onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Submission: On September 25 via manual (September 25th 2020, 12:58:22 am UTC) from NZ

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 8 domains to perform 61 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 2 on June 25th 2019. Valid for: 2 years.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2.21.26.74 2.21.26.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28e::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a02:26f0:f1:... 2a02:26f0:f1:28c::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a02:26f0:6c0... 2a02:26f0:6c00:294::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:286::2b57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.233.232 104.111.233.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.109.76.78 52.109.76.78	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:bdf::10 2620:1ec:bdf::10	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	52.114.128.74 52.114.128.74	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:21::23 2620:1ec:21::23	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
61	13

2 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.21.26.74 (Germany)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-26-74.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28e::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:f1:28c::4b36 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c1-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00:294::4b36 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:286::2b57 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

uhf.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.233.232 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-232.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.76.78 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::10 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

content.lifecycle.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.114.128.74 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::23 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

config.edge.skype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	live.com onedrive.live.com word-view.officeapps.live.com	269 KB
18	office.net c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net content.lifecycle.office.net	741 KB
8	akamaihd.net spoprod-a.akamaihd.net	395 KB
5	microsoft.com uhf.microsoft.com browser.events.data.microsoft.com browser.pipe.aria.microsoft.com	2 KB
2	office.com messaging.office.com	2 KB
2	s-microsoft.com c.s-microsoft.com	3 KB
1	skype.com config.edge.skype.com	821 B
1	live.net js.live.net	16 KB
61	8

	Domain	Requested by
22	word-view.officeapps.live.com	word-view.officeapps.live.com c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net
9	c1-officeapps-15.cdn.office.net	word-view.officeapps.live.com c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net
8	c1-word-view-15.cdn.office.net	word-view.officeapps.live.com c1-word-view-15.cdn.office.net
8	spoprod-a.akamaihd.net	onedrive.live.com
3	browser.events.data.microsoft.com	c1-word-view-15.cdn.office.net content.lifecycle.office.net
2	messaging.office.com	c1-officeapps-15.cdn.office.net
2	c.s-microsoft.com	word-view.officeapps.live.com
2	onedrive.live.com	onedrive.live.com
1	browser.pipe.aria.microsoft.com	c1-officeapps-15.cdn.office.net
1	config.edge.skype.com	content.lifecycle.office.net
1	content.lifecycle.office.net	c1-word-view-15.cdn.office.net
1	js.live.net	c1-word-view-15.cdn.office.net
1	uhf.microsoft.com	word-view.officeapps.live.com
61	13

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.com Microsoft IT TLS CA 2	`2019-06-25` - `2021-06-25`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
officeapps.live.com Microsoft IT TLS CA 1	`2020-02-18` - `2022-02-18`	2 years	crt.sh
www.microsoft.com Microsoft RSA TLS CA 01	`2020-08-28` - `2021-08-28`	a year	crt.sh
*.cdn.office.net Microsoft IT TLS CA 5	`2020-04-15` - `2022-04-15`	2 years	crt.sh
unistore.www.microsoft.com Microsoft IT TLS CA 5	`2019-04-30` - `2021-04-30`	2 years	crt.sh
p.sfx.ms Microsoft IT TLS CA 2	`2020-02-04` - `2022-02-04`	2 years	crt.sh
messaging.office.com Microsoft IT TLS CA 4	`2019-05-28` - `2021-05-28`	2 years	crt.sh
content.lifecycle.office.net GlobalSign Organization Validation CA - SHA256 - G3	`2019-10-08` - `2021-10-08`	2 years	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh
edge.skype.com Microsoft IT TLS CA 4	`2019-10-31` - `2021-10-31`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Frame ID: FC316E36D1D172598901C34240D53E93
Requests: 11 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: 808BCC0C3F01EA57E151B454C24B0AFB
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

61
Requests

100 %
HTTPS

58 %
IPv6

8
Domains

13
Subdomains

13
IPs

5
Countries

1463 kB
Transfer

4779 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request embed Show response
onedrive.live.com/ 60 KB
21 KB 4469ms
4395ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

013829bf7a223a664419855de85b543d06f79c80fac2ac84de3fa3ae5b7ff48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:1xU0De5g2Ig=:YGkhiXYI+01atXbYNGEh6QuI/TCWjGMKNLJP0Rz28lo=:F; domain=.live.com; path=/ xid=6185096c-bcb2-46e0-b893-8093e89d51f4&&RD00155D9989B5&313; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Thu, 24-Sep-2020 23:18:01 GMT; path=/ wla42=; domain=live.com; expires=Fri, 02-Oct-2020 00:58:05 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D9989B5
x-odwebserver: eastus0-odwebpl
x-msedge-ref: Ref A: 662409A4BC554F07BC40A70F146B0FF2 Ref B: WAW01EDGE0307 Ref C: 2020-09-25T00:58:01Z
date: Fri, 25 Sep 2020 00:58:05 GMT

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 85 KB
16 KB 269ms
75ms Stylesheet
text/css 2.21.26.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.26.74 , Germany, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-26-74.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:05 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
status: 200
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e22e00da-001e-011f-784f-ff8097000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15076043
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 169 KB
30 KB 294ms
100ms Stylesheet
text/css 2.21.26.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.26.74 , Germany, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-26-74.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:05 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
status: 200
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 11a3fecc-e01e-0038-744f-ff5c8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15075973
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wlx_fonts-c7993ded.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 123 KB
93 KB 324ms
131ms Stylesheet
text/css 2.21.26.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//wlx_fonts-c7993ded.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.26.74 , Germany, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-26-74.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:05 GMT
content-encoding: gzip
content-md5: x5k97ZNOTA+fsPCUPRp4Qw==
status: 200
content-length: 94644
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5410A12E4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: cbb6f1e3-a01e-0052-7951-ff0020000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15076819
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 808B 102 KB
103 KB 103ms
66ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

16de55f00f90ee48244c3e60f25fefc61ff1d1eac8abccabcfe25d75048437be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: word-view.officeapps.live.com
:scheme: https
:path: /wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=P:1xU0De5g2Ig=:YGkhiXYI+01atXbYNGEh6QuI/TCWjGMKNLJP0Rz28lo=:F; xid=6185096c-bcb2-46e0-b893-8093e89d51f4&&RD00155D9989B5&313; xidseq=1; wla42=
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Fri, 25-Dec-2020 01:58:06 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure
x-correlationid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: AtvIdUYrQADnFZVjFMSUC3v5IMITBR1h75MFUfVeL0CYUfR2I/PhZaxFC5UtS7qtFpmqP7GMiZ+Quzoq0VeiJg0AAAB7eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkFsbG93U3luY1hIUkluUGFnZURpc21pc3NhbCIsImV4cGlyeSI6MTYwODEzNDQwNCwiaXNTdWJkb21haW4iOnRydWV9
x-ccr: true
x-officefe: AM4PEPF00006A01
x-officeversion: 16.0.13321.41006
x-officecluster: PNL1
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.blob.core.windows.net content.lifecycle.office.net www.microsoft.com c.s-microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com c.s-microsoft.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' https:; child-src ms-word: https:; worker-src 'none'; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
x-officefd: AM4PEPF000068AB
x-msedge-ref: Ref A: 0086DB2B28924CBE8314635AFB6622AB Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
x-msedge-flight: 1tt8=afd_visiocapacitytest
x-msedge-features: typeheadertest,afd_visiocapacitytest
date: Fri, 25 Sep 2020 00:58:05 GMT

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 92 KB
33 KB 77ms
77ms Script
application/javascript 2.21.26.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.26.74 , Germany, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-26-74.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:06 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
status: 200
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e22e0108-001e-011f-1e4f-ff8097000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15075948
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 483 KB
133 KB 84ms
83ms Script
application/javascript 2.21.26.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.26.74 , Germany, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-26-74.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:06 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
status: 200
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 11a3ff34-e01e-0038-4b4f-ff5c8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15075916
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 621444729b901edd79a8ac4fd06bb553901fdf84b7be631b7e1efbf31037b13c

Request headers

Origin: https://onedrive.live.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 47 KB
14 KB 77ms
77ms Script
application/javascript 2.21.26.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.26.74 , Germany, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-26-74.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:06 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
status: 200
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e22e0127-001e-011f-364f-ff8097000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15075976
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 203 KB
68 KB 78ms
77ms Script
application/javascript 2.21.26.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.26.74 , Germany, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-26-74.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:06 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
status: 200
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 11a3ff62-e01e-0038-734f-ff5c8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15075986
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 15 KB
6 KB 89ms
89ms Script
application/javascript 2.21.26.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.26.74 , Germany, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-26-74.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:06 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
status: 200
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 11a3ff9f-e01e-0038-284f-ff5c8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15076000
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 mscc-0.4.2.min.css
c.s-microsoft.com/mscc/statics/ Frame 808B 1 KB
934 B 41ms
12ms Stylesheet
text/css 2a02:26f0:6c00:28e::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.css
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28e::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:06 GMT
content-encoding: gzip
last-modified: Fri, 10 Jan 2020 15:56:23 GMT
content-md5: QLyM0qNPDXd6ayzd1iIoLA==
status: 200
etag: 0x8D795E5A424E059
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a3a91312-801e-0025-4efc-c78b2b000000
x-ms-version: 2009-09-19
content-length: 626

GET
H/1.1 200
OK WordViewer.css
c1-word-view-15.cdn.office.net/wv/s/hBF3D4E4B559AB635_resources/1033/ Frame 808B 221 KB
27 KB 58ms
7ms Stylesheet
text/css 2a02:26f0:f1:28c::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hBF3D4E4B559AB635_resources/1033/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28c::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

bf3d4e4b559ab635aad4a1d957f9e82cade9eeee8d1617596177b89f07c336d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "d35fab453c91d61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13321.41006
X-OfficeFE: AM4PEPF00006A03
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 26634
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Tue, 22 Sep 2020 23:58:30 GMT
X-OFFICEFD: AM4PEPF000068B0
X-UserSessionId: ddcd58d4-4f14-42c2-ab8b-ed4241ba136d
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: ddcd58d4-4f14-42c2-ab8b-ed4241ba136d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-officeapps-15.cdn.office.net/wv/s/hEC3E0FECD8521498_App_Scripts/ Frame 808B 106 KB
24 KB 32ms
6ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/hEC3E0FECD8521498_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ec3e0fecd8521498aca392912219497d50c10ee21fcd8e670f04b86bd7d7b225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "90956ebe9b88d61:0"
X-OfficeCluster: US3C
X-OfficeVersion: 16.0.13310.41000
X-OfficeFE: DM3PEPF00012E90
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015,1pnr=afd_wordcapacity_2
Content-Length: 23639
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_wordcapacity_2
Last-Modified: Sat, 12 Sep 2020 00:29:15 GMT
X-OFFICEFD: DM3PEPF000132E2
X-MSEdge-Ref: Ref A: 77AB0050BA02488387C6164EF2A11D53 Ref B: AM3EDGE0120 Ref C: 2020-09-15T22:23:14Z
X-UserSessionId: 4eff01b5-2a22-4dea-978e-148b2932b44c
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4eff01b5-2a22-4dea-978e-148b2932b44c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 mscc-0.4.2.min.js Show response
c.s-microsoft.com/mscc/statics/ Frame 808B 4 KB
2 KB 37ms
8ms Script
text/javascript 2a02:26f0:6c00:28e::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.js
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28e::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:06 GMT
content-encoding: gzip
last-modified: Fri, 10 Jan 2020 15:56:14 GMT
content-md5: AO6kLOW8s6NiicKEPl74tA==
status: 200
etag: 0x8D795E59EC908A0
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1a05ae20-f01e-0080-7bfc-c7b032000000
x-ms-version: 2009-09-19
content-length: 2017

GET
H/1.1 200
OK cookiecompliance.js Show response
c1-officeapps-15.cdn.office.net/wv/s/h910F1F3CE687CFDE_App_Scripts/ Frame 808B 9 KB
3 KB 40ms
11ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/h910F1F3CE687CFDE_App_Scripts/cookiecompliance.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

910f1f3ce687cfde1a12415fe73a4465e7a2f851177c33ca8e9f3b5c5f93c41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "ed21f4e19288d61:0"
X-OfficeCluster: IE3
X-CCR: true
X-OfficeVersion: 16.0.13310.41000
X-OfficeFE: DB5PEPF00004D4D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1jd0=afd_visioslice
Content-Length: 1704
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_visioslice
Last-Modified: Fri, 11 Sep 2020 23:25:49 GMT
X-OFFICEFD: DB5PEPF000040B6
X-MSEdge-Ref: Ref A: 63F94FAA05CD4494B9C1AD2B74D78902 Ref B: AMS04EDGE0812 Ref C: 2020-09-13T06:42:41Z
X-UserSessionId: 2471ded7-7b34-4378-bc67-b8a681fcce6f
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 2471ded7-7b34-4378-bc67-b8a681fcce6f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c1-officeapps-15.cdn.office.net/wv/s/h53C1B6C800383599_App_Scripts/1033/ Frame 808B 86 KB
21 KB 33ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/h53C1B6C800383599_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

53c1b6c80038359986460660b1ac32dca80863fd0368fe0f8a431910532d380a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"e06487188e90d61:0"
X-OfficeCluster: PNL1
X-CCR: true
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: AM4PEPF00006A1C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1tt8=afd_visiocapacitytest
Content-Length: 20536
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:11:42 GMT
X-OFFICEFD: AM4PEPF000068AC
X-MSEdge-Ref: Ref A: C6C8432801ED4D76ADF2E63F1ACA6A75 Ref B: AM3EDGE0805 Ref C: 2020-09-22T03:11:42Z
X-UserSessionId: dc0a8f73-f979-4567-b1ff-f643d9c6407c
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: dc0a8f73-f979-4567-b1ff-f643d9c6407c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/ Frame 808B 6 KB
2 KB 55ms
6ms Script
application/javascript 2a02:26f0:f1:28c::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28c::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "b6e3c348ed61:0"
X-OfficeCluster: PNL1
X-CCR: true
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: AM4PEPF000069EF
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1q8w=afd_pptcapacity_control
Content-Length: 1365
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_pptcapacity_control
Last-Modified: Fri, 18 Sep 2020 21:43:35 GMT
X-OFFICEFD: AM4PEPF000068AD
X-MSEdge-Ref: Ref A: 1824BA90F1E74C1AB8DD893E73D41496 Ref B: AMS04EDGE0207 Ref C: 2020-09-20T09:03:58Z
X-UserSessionId: b1114e5d-4630-4879-8bba-c89ed246fde8
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b1114e5d-4630-4879-8bba-c89ed246fde8
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerIntl.js Show response
c1-word-view-15.cdn.office.net/wv/s/h1479B52BACE821FC_App_Scripts/1033/ Frame 808B 19 KB
4 KB 56ms
8ms Script
application/javascript 2a02:26f0:f1:28c::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h1479B52BACE821FC_App_Scripts/1033/WordViewerIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28c::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

1479b52bace821fc604e7ded0f67b139808c4fe3fc21623c3cbe420e092ecc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "792915d7ff8dd61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: AM4PEPF0000728A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1tt8=afd_visiocapacitytest
Content-Length: 3310
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_visiocapacitytest
Last-Modified: Fri, 18 Sep 2020 21:08:21 GMT
X-OFFICEFD: AM4PEPF000068AB
X-MSEdge-Ref: Ref A: 1D64392198774E2DAC151DDB2A91E535 Ref B: AMS04EDGE0710 Ref C: 2020-09-19T04:25:28Z
X-UserSessionId: 6c589d79-a2cd-4712-a052-058ff17119e9
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 6c589d79-a2cd-4712-a052-058ff17119e9
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewer.js Show response
c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/ Frame 808B 1 MB
291 KB 55ms
7ms Script
application/javascript 2a02:26f0:f1:28c::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28c::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

43600cdc283ba9d5688507cee72b07f5c00b79afea96a0c50b434a79488ae908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"e61ee15c8e90d61:0"
X-OfficeCluster: IE3
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: DB5PEPF00004089
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1tt8=afd_visiocapacitytest
Content-Length: 296742
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:13:37 GMT
X-OFFICEFD: DB5PEPF000040AD
X-MSEdge-Ref: Ref A: DAB6704C668E409BAF10B3AF398B1019 Ref B: AM3EDGE0319 Ref C: 2020-09-22T03:13:36Z
X-UserSessionId: 85afd796-7907-4dfc-a873-7f1b36fc3c2c
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 85afd796-7907-4dfc-a873-7f1b36fc3c2c
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
539 B 58ms
57ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13321.41006&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00006A3D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-officefdproxy: DB5PEPF0000409F
x-msedge-flight: 1jcx=afd_powerpointslice_control,1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_powerpointslice_control,afd_visiocapacitytest
x-correlationid: 66f48998-8cab-4d50-adfc-757230d5d946
x-officefd: DB5PEPF0000409F
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
x-powered-by: ARR/3.0
date: Fri, 25 Sep 2020 00:58:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://PNL1dso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: FAF01250A3C34932A720784354361C8F Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
380 B 20ms
19ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13321.41006&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":40,"Value":"https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF000069ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1i78=afd_wordcapacity,1pnr=afd_wordcapacity_2_control,1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_wordcapacity,afd_wordcapacity_2_control,afd_visiocapacitytest
x-correlationid: 85f4645e-ebd4-4c96-94ba-2ba12df43038
x-officefd: AM4PEPF00007454
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 44887E2C1BAA4DFF90FC4F946A27118D Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
timing-allow-origin: *

GET
H2 404 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 808B 1 KB
1 KB 112ms
111ms Image
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&access_token=4w%5F7mwBWw6X%2DNvUUfcz9LuTH%5FXuzTB1Cnu86UxLtSxueOxBUnUXiM5nRS6NqUcx42psnTpSgVG%5FlDnPSIquFXrtBEWabuUQlCmSeUXMxhjCh8AASMwEV9KrQyxiZuMXakG4Tx9QCP3OkYAnNB1t6QdrQ&access_token_ttl=1602809885454&z=aNDdBQzA1MzcwQzhENkFFRSExMTguNDY&v=00000000-0000-0000-0000-000000000802&usid=9ef8c2a7-433b-432c-a10c-8b35338f1db4&splashscreen=1&build=16.0.13321.41006&PdfMode=1&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00006A3A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 404
content-disposition: attachment
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 1245
pragma: no-cache
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: 5c53862b-445e-4f31-bd8d-40381b5c6ab7
x-officefd: AM4PEPF000068AD
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:06 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
x-msedge-ref: Ref A: 216F42B14A2B47C597EFD8EE257DCD2F Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
235 B 43ms
42ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DB5PEPF00004092
x-officeversion: 16.0.13321.41006
x-officefe: DB5PEPF00004D5A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: bbb5ac82-c5c2-491b-b2d0-ed63c70b41d9
x-officecluster: IE3
x-ccr: true
x-usersessionid: bbb5ac82-c5c2-491b-b2d0-ed63c70b41d9
date: Fri, 25 Sep 2020 00:58:06 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: D5FAEF7BB84742B99ECD2DAE89AE2381 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
266 B 23ms
23ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068B7
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00006A31
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: 3c85373c-73cd-472a-ab6b-610b2b3e61e6
x-officecluster: PNL1
x-ccr: true
x-usersessionid: 3c85373c-73cd-472a-ab6b-610b2b3e61e6
date: Fri, 25 Sep 2020 00:58:06 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 4FFF082617364BDFA79D2872472A7B88 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
194 B 24ms
23ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068A2
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00006A22
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: b568a51d-afc3-4b82-8510-59f5cb835bd4
x-officecluster: PNL1
x-ccr: true
x-usersessionid: b568a51d-afc3-4b82-8510-59f5cb835bd4
date: Fri, 25 Sep 2020 00:58:06 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 351AC8971EFB47BCA43D09A686CAF5D8 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
227 B 23ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068C8
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF000069EE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: de308316-702f-462c-9874-b608dabf948c
x-officecluster: PNL1
x-ccr: true
x-usersessionid: de308316-702f-462c-9874-b608dabf948c
date: Fri, 25 Sep 2020 00:58:06 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 4C687970BF494BDD96D6DAFECD54E5E1 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
346 B 19ms
19ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13321.41006&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":222,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF000069EF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1jcz=afd_onenoteslice_control,1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_onenoteslice_control,afd_visiocapacitytest
x-correlationid: 0560ba80-f166-4f24-b99b-ad3592b959bb
x-officefd: AM4PEPF000068C8
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 1DBABBBBA9F94C78B7454B3EAB2E5237 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
timing-allow-origin: *

GET
H/1.1 200
OK segoeui.woff
c1-word-view-15.cdn.office.net/wv/s/hBF3D4E4B559AB635_resources/1033/ Frame 808B 22 KB
23 KB 7ms
7ms Font
font/x-woff 2a02:26f0:f1:28c::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hBF3D4E4B559AB635_resources/1033/segoeui.woff

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hBF3D4E4B559AB635_resources/1033/WordViewer.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28c::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://c1-word-view-15.cdn.office.net/wv/s/hBF3D4E4B559AB635_resources/1033/WordViewer.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"bcc4f0967e91d61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13321.41006
X-OfficeFE: AM4PEPF00006A0B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 22720
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Wed, 23 Sep 2020 07:53:13 GMT
X-OFFICEFD: AM4PEPF000068B0
X-CCR: true
X-UserSessionId: 2c76bb85-e3d2-457d-b7f4-a0d94a6dca0e
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 2c76bb85-e3d2-457d-b7f4-a0d94a6dca0e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 328 B
765 B 171ms
171ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&access_token=4w%5F7mwBWw6X%2DNvUUfcz9LuTH%5FXuzTB1Cnu86UxLtSxueOxBUnUXiM5nRS6NqUcx42psnTpSgVG%5FlDnPSIquFXrtBEWabuUQlCmSeUXMxhjCh8AASMwEV9KrQyxiZuMXakG4Tx9QCP3OkYAnNB1t6QdrQ&access_token_ttl=1602809885454&z=aNDdBQzA1MzcwQzhENkFFRSExMTguNDY&type=png&o15=1&ui=en-US&PdfMode=1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/hEC3E0FECD8521498_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1535325442267a57eb72a0793c4b91838e2e55489f315d986855af90c63de86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
X-OfficeVersion: 16.0.13321.41006
X-Key: hOrI5gUE2Lpxe9D4ymqspb84KMDnURC/rW6Bpw7CPmI=,637365922861490941
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF000069FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1i78=afd_wordcapacity,1tt8=afd_visiocapacitytest
content-length: 378
pragma: no-cache
x-msedge-features: typeheadertest,afd_wordcapacity,afd_visiocapacitytest
x-correlationid: 6b3f64de-b376-4d91-b04e-52ea3db3df6c
x-officefd: AM4PEPF000068C7
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: no-cache
x-msedge-ref: Ref A: 713DC56DC42A45C5A7A7EAE354705176 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:06Z
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/ Frame 808B 40 KB
7 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"f66dfed8d90d61:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: AM4PEPF00006FE7
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015,1jcz=afd_onenoteslice,1tt8=afd_visiocapacitytest
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_onenoteslice,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:10:30 GMT
X-OFFICEFD: AM4PEPF000068C1
X-MSEdge-Ref: Ref A: C4D9E97A7A214368897112E17A74D25E Ref B: AM3EDGE1016 Ref C: 2020-09-22T03:10:30Z
X-UserSessionId: beae1308-a8ad-448d-a3e3-2a015a114d8a
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: beae1308-a8ad-448d-a3e3-2a015a114d8a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wapsw.png
c1-officeapps-15.cdn.office.net/wv/s/161332141006_resources/1033/ Frame 808B 6 KB
7 KB 22ms
6ms Image
image/png 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_resources/1033/wapsw.png?b=1601332141006

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"f01ea9efbf90d61:0"
X-OfficeCluster: PNL1
X-CCR: true
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: AM4PEPF00006A1C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015,1tt8=afd_visiocapacitytest
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 09:08:28 GMT
X-OFFICEFD: AM4PEPF000068A8
X-MSEdge-Ref: Ref A: C043CEFD4A494CDCBB66A049E9C35603 Ref B: AM3EDGE0419 Ref C: 2020-09-22T09:08:28Z
X-UserSessionId: c85639d1-cbd3-4638-9389-2740e6c6a768
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: c85639d1-cbd3-4638-9389-2740e6c6a768
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wv.png
c1-word-view-15.cdn.office.net/wv/s/161332141006_resources/1033/ Frame 808B 34 KB
35 KB 8ms
8ms Image
image/png 2a02:26f0:f1:28c::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161332141006_resources/1033/wv.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28c::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"41bbc1ee8d90d61:0"
X-OFFICEFD: DB5PEPF000040A0
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: DB5PEPF000054EB
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity_control,1tt8=afd_visiocapacitytest
Content-Length: 35196
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity_control,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:10:32 GMT
X-OfficeCluster: IE3
X-MSEdge-Ref: Ref A: D2DC90B272F8404AAF13D7744C0D351C Ref B: AM3EDGE0621 Ref C: 2020-09-22T03:10:32Z
X-UserSessionId: 9d79bcba-7083-442a-81c5-ee574d126869
Date: Fri, 25 Sep 2020 00:58:06 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 9d79bcba-7083-442a-81c5-ee574d126869
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 204 _log
uhf.microsoft.com/ Frame 808B 0
128 B 34ms
6ms Image
text/html 2a02:26f0:6c00:286::2b57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uhf.microsoft.com/_log?o=mscc&s=officeapps.live.com&m=show&nv=aspnet-3.1.4&sv=0.1.2
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:286::2b57 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 00:58:06 GMT
status: 204
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
expires: Fri, 25 Sep 2020 00:58:06 GMT

GET
H2 404 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 808B 1 KB
1 KB 247ms
247ms Image
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00006A03
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 404
content-disposition: attachment
x-msedge-flight: 1i78=afd_wordcapacity,1jcy=afd_excelslice_control,1tt8=afd_visiocapacitytest
content-length: 1245
pragma: no-cache
x-msedge-features: typeheadertest,afd_wordcapacity,afd_excelslice_control,afd_visiocapacitytest
x-correlationid: ad4f9f40-d576-46da-b43a-a1b736086972
x-officefd: AM4PEPF000068AB
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:06 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
x-msedge-ref: Ref A: 123305752D5544C5B5679AE45EA1BD60 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:07Z
timing-allow-origin: *
expires: -1

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 328 B
692 B 114ms
113ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/hEC3E0FECD8521498_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e5528aba73c716ee34651414b696a323d88bd474838714df23a579d83052c64e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
X-OfficeVersion: 16.0.13321.41006
X-Key: hOrI5gUE2Lpxe9D4ymqspb84KMDnURC/rW6Bpw7CPmI=,637365922861490941
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF000069F2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 377
pragma: no-cache
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: b0852630-9248-4151-b9d7-6475c33a9bfe
x-officefd: AM4PEPF000068C8
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:07 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: no-cache
x-msedge-ref: Ref A: 17BDFC9C3C26443FA377B0E27ED1A4C0 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:07Z
timing-allow-origin: *
expires: -1

GET
H2 404 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 808B 1 KB
1 KB 116ms
116ms Image
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF000069F3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 404
content-disposition: attachment
x-msedge-flight: qx9=tasmigration015,1tt8=afd_visiocapacitytest
content-length: 1245
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_visiocapacitytest
x-correlationid: a8964cd9-3b09-4702-9237-257676e6563b
x-officefd: AM4PEPF000068C8
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:07 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
x-msedge-ref: Ref A: 0932C7193527416BBD318F9CC98782CF Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:07Z
timing-allow-origin: *
expires: -1

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 356 B
602 B 136ms
136ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/hEC3E0FECD8521498_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9caa1009b93630783baf948889200565caab53235a610e462e70552e89c3154a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
X-OfficeVersion: 16.0.13321.41006
X-Key: hOrI5gUE2Lpxe9D4ymqspb84KMDnURC/rW6Bpw7CPmI=,637365922861490941
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF000069F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 352
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: ec2854b5-4ee4-4694-a582-36ac2c56bcbb
x-officefd: AM4PEPF000068C8
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:09 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 50DFB0E1E3B74799B1D9A4C83B0407C9 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:09Z
timing-allow-origin: *
expires: Sat, 25 Sep 2021 00:58:09 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
392 B 19ms
19ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13321.41006&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":3712,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00006FE4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1g3n=afd_wordslice_control,1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_wordslice_control,afd_visiocapacitytest
x-correlationid: ee918141-69da-4b77-b2da-c451c0f90e91
x-officefd: AM4PEPF000068B7
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:09 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 14FC4B5DC4324383A9278C5EB51133E2 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:09Z
timing-allow-origin: *

GET
H/1.1 200
OK WordViewer.dll1.js Show response
c1-word-view-15.cdn.office.net/wv/s/161332141006_App_Scripts/ Frame 808B 450 KB
115 KB 7ms
7ms Script
application/javascript 2a02:26f0:f1:28c::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161332141006_App_Scripts/WordViewer.dll1.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28c::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

ae0f7449525d50493195cd3368e29f80c9a76fd868f3406aa9f33c8c7edb26ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"80dde0f08f90d61:0"
X-OfficeCluster: IE3
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: DB5PEPF000054F8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1tt8=afd_visiocapacitytest
Content-Length: 116436
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:24:55 GMT
X-OFFICEFD: DB5PEPF0000409B
X-MSEdge-Ref: Ref A: DBE6E03F7D7E478BA6813FFF9E578537 Ref B: AMS04EDGE0618 Ref C: 2020-09-22T03:24:54Z
X-UserSessionId: 97eab126-5a74-4d86-a7e7-d0d0f311a429
Date: Fri, 25 Sep 2020 00:58:09 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 97eab126-5a74-4d86-a7e7-d0d0f311a429
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedback_floodgate.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/ Frame 808B 419 KB
82 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

6b2e0d681aa3096520c07b5fdb451ca73df5c8726b8a137c59f259392a2274e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"608e541a8e90d61:0"
X-OfficeCluster: PNL1
X-CCR: true
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: AM4PEPF0000728B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1tt8=afd_visiocapacitytest
Content-Length: 83507
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:11:45 GMT
X-OFFICEFD: AM4PEPF0000601B
X-MSEdge-Ref: Ref A: 482AC24EF8AB410D9202A4F36E1C8F6A Ref B: AMS04EDGE0713 Ref C: 2020-09-22T03:11:45Z
X-UserSessionId: 3f493247-f66c-46f1-b729-e67608e414db
Date: Fri, 25 Sep 2020 00:58:09 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 3f493247-f66c-46f1-b729-e67608e414db
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/wv/s/161332141006_resources/1033/ Frame 808B 695 B
2 KB 10ms
9ms Image
image/gif 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_resources/1033/progress.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"a92c1dee8d90d61:0"
X-OFFICEFD: DB5PEPF0000409A
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: DB5PEPF00004179
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: qx9=tasmigration015,1tt8=afd_visiocapacitytest
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:10:31 GMT
X-OfficeCluster: IE3
X-MSEdge-Ref: Ref A: 052A1608A71F4D6A8D106763799D06F1 Ref B: AM3EDGE0508 Ref C: 2020-09-22T03:10:31Z
X-UserSessionId: ed29368a-8644-4ce8-8bc2-74debd092309
Date: Fri, 25 Sep 2020 00:58:09 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: ed29368a-8644-4ce8-8bc2-74debd092309
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 808B 54 KB
54 KB 125ms
124ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=9ef8c2a7-433b-432c-a10c-8b35338f1db4&build=16.0.13321.41006&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&access_token=4w_7mwBWw6X-NvUUfcz9LuTH_XuzTB1Cnu86UxLtSxueOxBUnUXiM5nRS6NqUcx42psnTpSgVG_lDnPSIquFXrtBEWabuUQlCmSeUXMxhjCh8AASMwEV9KrQyxiZuMXakG4Tx9QCP3OkYAnNB1t6QdrQ&access_token_ttl=1602809885630&z=aNDdBQzA1MzcwQzhENkFFRSExMTguNDY&waccluster=PNL1&PdfMode=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d2e3f06cf57bf94eaec6e89dca7e8b42e4d0c9269a2997bd0a32a49a0182b0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF000069F6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 54948
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&access_token=4w%5F7mwBWw6X%2DNvUUfcz9LuTH%5FXuzTB1Cnu86UxLtSxueOxBUnUXiM5nRS6NqUcx42psnTpSgVG%5FlDnPSIquFXrtBEWabuUQlCmSeUXMxhjCh8AASMwEV9KrQyxiZuMXakG4Tx9QCP3OkYAnNB1t6QdrQ&access_token_ttl=1602809885630&z=aNDdBQzA1MzcwQzhENkFFRSExMTguNDY00000000-0000-0000-0000-000000000802p1.img"
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: 92bacb12-5f28-4e77-8a76-4f4c1bf2f6ad
x-officefd: AM4PEPF000068C8
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:09 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 16AB4D007BE342A1AC10102D00C51AC1 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:09Z
timing-allow-origin: *
expires: Sat, 25 Sep 2021 00:58:10 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 1 KB
1 KB 128ms
127ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=9ef8c2a7-433b-432c-a10c-8b35338f1db4&build=16.0.13321.41006&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&access_token=4w%5F7mwBWw6X%2DNvUUfcz9LuTH%5FXuzTB1Cnu86UxLtSxueOxBUnUXiM5nRS6NqUcx42psnTpSgVG%5FlDnPSIquFXrtBEWabuUQlCmSeUXMxhjCh8AASMwEV9KrQyxiZuMXakG4Tx9QCP3OkYAnNB1t6QdrQ&access_token_ttl=1602809885454&z=aNDdBQzA1MzcwQzhENkFFRSExMTguNDY&waccluster=PNL1&PdfMode=1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/hEC3E0FECD8521498_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e261746fe4701ada54a7c7fceda98513f61225b4b83d8669fdfe65e2f686df10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
X-OfficeVersion: 16.0.13321.41006
X-Key: hOrI5gUE2Lpxe9D4ymqspb84KMDnURC/rW6Bpw7CPmI=,637365922861490941
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00006A26
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1q8w=afd_pptcapacity_control,1tt8=afd_visiocapacitytest
content-length: 655
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&access_token=4w%5F7mwBWw6X%2DNvUUfcz9LuTH%5FXuzTB1Cnu86UxLtSxueOxBUnUXiM5nRS6NqUcx42psnTpSgVG%5FlDnPSIquFXrtBEWabuUQlCmSeUXMxhjCh8AASMwEV9KrQyxiZuMXakG4Tx9QCP3OkYAnNB1t6QdrQ&access_token_ttl=1602809885454&z=aNDdBQzA1MzcwQzhENkFFRSExMTguNDY00000000-0000-0000-0000-000000000802p_1_10.xml"
x-msedge-features: typeheadertest,afd_pptcapacity_control,afd_visiocapacitytest
x-correlationid: d44d0e93-ed07-4dc3-99df-52989bcd06a9
x-officefd: AM4PEPF000068A2
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:09 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 473C411699D540E5993340CAD8E4504A Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:09Z
timing-allow-origin: *
expires: Sat, 25 Sep 2021 00:58:10 GMT

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 808B 42 KB
16 KB 243ms
55ms Script
application/javascript 104.111.233.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.233.232 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-232.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 00:58:10 GMT
X-MSNServer: RD0003FF241969
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=25237, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H/1.1 200
OK officebrowserfeedback.css
c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/ Frame 808B 17 KB
4 KB 7ms
6ms Stylesheet
text/css 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

04d3333e0ca8d3b71242be1dec6a5a8dd61a9491ca769f86940b4427c0260a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"84c9161b8e90d61:0"
X-OfficeCluster: US2C
X-CCR: true
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: DM3PEPF0000471C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1i78=afd_wordcapacity,1tt8=afd_visiocapacitytest
Content-Length: 2604
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_wordcapacity,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:11:46 GMT
X-OFFICEFD: DM3PEPF00001D64
X-MSEdge-Ref: Ref A: 98162A9B3B3A43648155477D40AD82B5 Ref B: AMS04EDGE0420 Ref C: 2020-09-22T03:11:46Z
X-UserSessionId: 6791dcdf-6d87-4780-b4a8-db1337ceaec5
Date: Fri, 25 Sep 2020 00:58:10 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 6791dcdf-6d87-4780-b4a8-db1337ceaec5
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedbackstrings.js Show response
c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/Intl/en/ Frame 808B 5 KB
2 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

4fc9f94a11aa5b233c884d4fac3640e30bb34c61a732588c413d604b0cc9d42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"d21e31b8e90d61:0"
X-OfficeCluster: PNL1
X-CCR: true
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: AM4PEPF00006A0B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1tt8=afd_visiocapacitytest
Content-Length: 1206
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:11:46 GMT
X-OFFICEFD: AM4PEPF000068A0
X-MSEdge-Ref: Ref A: 59D4308ED7284979819AA3C9D589722B Ref B: AM3EDGE0621 Ref C: 2020-09-22T03:11:46Z
X-UserSessionId: 8e11b931-7934-4e0c-b836-b38e168ba5a3
Date: Fri, 25 Sep 2020 00:58:10 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 8e11b931-7934-4e0c-b836-b38e168ba5a3
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
482 B 56ms
56ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13321.41006&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":3874,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00007284
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-officefdproxy: DB5PEPF0000409F
x-msedge-flight: 1jcz=afd_onenoteslice_control,1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_onenoteslice_control,afd_visiocapacitytest
x-correlationid: 45277e98-813f-4cfc-824e-9abde9e22dd6
x-officefd: DB5PEPF0000409F
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
x-powered-by: ARR/3.0
date: Fri, 25 Sep 2020 00:58:09 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://PNL1dso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 4C461F7C539A4B968FF76948E0434D17 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:10Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
462 B 54ms
54ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.13321.41006&waccluster=PNL1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/hEC3E0FECD8521498_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_7mwBWw6X-NvUUfcz9LuTH_XuzTB1Cnu86UxLtSxueOxBUnUXiM5nRS6NqUcx42psnTpSgVG_lDnPSIquFXrtBEWabuUQlCmSeUXMxhjCh8AASMwEV9KrQyxiZuMXakG4Tx9QCP3OkYAnNB1t6QdrQ
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
X-OfficeVersion: 16.0.13321.41006
X-Key: hOrI5gUE2Lpxe9D4ymqspb84KMDnURC/rW6Bpw7CPmI=,637365922861490941
X-bULS-SuppressionETag: 7DD8F5D390D6EF459C8D65DDD82F641224B8C7FD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1602809885454
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00006A12
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
x-buls-suppressionetag: 7DD8F5D390D6EF459C8D65DDD82F641224B8C7FD
content-disposition: attachment
x-officefdproxy: DB5PEPF00004092
x-msedge-flight: 1jcy=afd_excelslice,1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_excelslice,afd_visiocapacitytest
x-correlationid: efa543a0-e02c-435d-9ecd-d7434736eff0
x-officefd: DB5PEPF00004092
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
x-powered-by: ARR/3.0
date: Fri, 25 Sep 2020 00:58:09 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://PNL1dso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 5631E164AC8C4F9AA875F82C510EFC4B Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:10Z
timing-allow-origin: *

OPTIONS
H2 200 CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 0
0 286ms
93ms Other 52.109.76.78
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=US&locale=en-US&app=2155&platform=Web&version=16.0.13321.41006&campaignParams=hasStorage%3Dtrue%26pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26AppHostName%3DOneDriveWOPI%26AppMode%3DPDF-EMBED_VIEW%26Datacenter%3DPNL1%26UpsellMode%3DShowNothing%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwacfloodgateflight3treatment%3Bwacfloodgateflight5treatment%3Bwacfloodgateflight9treatment%26&contentType=CampaignContent&puid=&OFC_FLIGHTS=wac-floodgateflight3-treatment%3Bwac-floodgateflight5-treatment%3Bwac-floodgateflight9-treatment%3B

Protocol

Server

52.109.76.78 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors

Response headers

status: 200
cache-control: private
server
x-correlationid: 9e19615b-930e-45f9-ba55-723dfe5601ae
x-usersessionid: 9e19615b-930e-45f9-ba55-723dfe5601ae
x-officefe: OmexMessagingStorefront_IN_0
x-officeversion: 20.4.10806.10001
x-officecluster: neu-000.omexmessaging.osi.office.net
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-machine: neu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_0
x-gateids: AirTrafficControl.GovernanceRule
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
x-frame-options: deny
access-control-max-age: 86400
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
x-powered-by: ASP.NET
date: Fri, 25 Sep 2020 00:58:10 GMT
content-length: 0

GET
H2 200 CampaignMetadataAggregator Show response
messaging.office.com/lifecycle/ Frame 808B 6 KB
2 KB 179ms
178ms Fetch
application/json 52.109.76.78
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.76.78 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

9f4f69e300387c46bd42cf9c1b1e50b141a2865151085ef88177f54766f54af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: a11cc1e1-a5bd-45ec-c470-f886c3a83309
x-usersessionid: de07dedd-bc6e-4797-edd2-5678386f2e22
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: neu-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-powered-by: ASP.NET
x-officefe: OmexMessagingStorefront_IN_0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
vary: Accept-Encoding
content-length: 1961
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: 5793d552-87f6-428f-9631-8b7a17699594
server
x-usersessionid: de07dedd-bc6e-4797-edd2-5678386f2e22
date: Fri, 25 Sep 2020 00:58:10 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private, no-store
x-machine: neu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_0
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
x-officeversion: 20.4.10806.10001

GET
H2 200 dime.js Show response
content.lifecycle.office.net/dime/v1/ Frame 808B 158 KB
46 KB 88ms
9ms Script
text/javascript 2620:1ec:bdf::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.lifecycle.office.net/dime/v1/dime.js
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e265ebb78c5e27ebf3f023f1ba27ef866334bdf7e0ae53b7e3125b9031b9d2a1

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 00:58:09 GMT
content-encoding: br
x-azure-ref-originshield: 0QTttXwAAAAD6f6tze5Q1Sbl1WGn+hvb2TE9OMjFFREdFMDIxNwA3MjljZDE3NS02MWNlLTQyNzktODljNy1mZjRlN2RhZDg3N2Q=
content-md5: KjiWa/kVs+UiIDNupGj51w==
x-cache: TCP_HIT
status: 200
x-ms-lease-status: unlocked
last-modified: Tue, 15 Sep 2020 23:19:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D859CDD2236FB3
x-azure-ref: 0okBtXwAAAAAvRtCbO69nRL1DN+5SElNjRlJBRURHRTEwMDcANzI5Y2QxNzUtNjFjZS00Mjc5LTg5YzctZmY0ZTdkYWQ4Nzdk
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: d4fedcda-701e-0084-30ce-9221f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=3600
x-ms-version: 2009-09-19

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 0
328 B 23ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068AD
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00007284
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1jcz=afd_onenoteslice_control,1q8w=afd_pptcapacity,1tt8=afd_visiocapacitytest
content-length: 0
x-msedge-features: typeheadertest,afd_onenoteslice_control,afd_pptcapacity,afd_visiocapacitytest
x-correlationid: 7acf935f-40d9-4ef2-a45c-749527f8302a
x-officecluster: PNL1
x-ccr: true
x-usersessionid: 7acf935f-40d9-4ef2-a45c-749527f8302a
date: Fri, 25 Sep 2020 00:58:09 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 0F30E0789CB34E228E0F61AD24E84DDB Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:10Z
timing-allow-origin: *

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 1 KB
924 B 23ms
23ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/hEC3E0FECD8521498_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e261746fe4701ada54a7c7fceda98513f61225b4b83d8669fdfe65e2f686df10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
X-OfficeVersion: 16.0.13321.41006
X-Key: hOrI5gUE2Lpxe9D4ymqspb84KMDnURC/rW6Bpw7CPmI=,637365922861490941
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF00006A03
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
content-disposition: attachment
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 655
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&access_token=4w%5F7mwBWw6X%2DNvUUfcz9LuTH%5FXuzTB1Cnu86UxLtSxueOxBUnUXiM5nRS6NqUcx42psnTpSgVG%5FlDnPSIquFXrtBEWabuUQlCmSeUXMxhjCh8AASMwEV9KrQyxiZuMXakG4Tx9QCP3OkYAnNB1t6QdrQ&access_token_ttl=1602809885454&z=aNDdBQzA1MzcwQzhENkFFRSExMTguNDY00000000-0000-0000-0000-000000000802p_1_10.xml"
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: 4422953b-d347-4dd9-883a-cb177f57dd04
x-officefd: AM4PEPF000068C7
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:09 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 6C509175C1454D91B7309B67442008EB Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:10Z
timing-allow-origin: *
expires: Sat, 25 Sep 2021 00:58:10 GMT

GET
H/1.1 200
OK otelFull.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161332141006_App_Scripts/ Frame 808B 174 KB
48 KB 7ms
6ms Script
application/javascript 2a02:26f0:f1:28c::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161332141006_App_Scripts/otelFull.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h43600CDC283BA9D5_App_Scripts/WordViewer.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:28c::4b36 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

9494720694da30b898c50f5cb525c342bbb73f4d0758f14cd75e9932465dcdb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"80dde0f08f90d61:0"
X-OfficeCluster: IE3
X-OfficeVersion: 16.0.13316.41008
X-OfficeFE: DB5PEPF000054EC
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
X-MSEdge-Flight: 1tt8=afd_visiocapacitytest
Content-Length: 47833
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_visiocapacitytest
Last-Modified: Tue, 22 Sep 2020 03:24:55 GMT
X-OFFICEFD: DB5PEPF00000569
X-MSEdge-Ref: Ref A: 64261C1A90B44203A70D32D5B0AC7956 Ref B: AMS04EDGE0714 Ref C: 2020-09-22T03:24:55Z
X-UserSessionId: 7eb1ca74-e363-4e08-82f4-af84e3156ffb
Date: Fri, 25 Sep 2020 00:58:10 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 7eb1ca74-e363-4e08-82f4-af84e3156ffb
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 808B 4 B
333 B 661ms
164ms XHR
application/json 52.114.128.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161332141006_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.128.74 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 00:58:10 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 1.0.0.0 Show response
config.edge.skype.com/config/v1/Dime/ Frame 808B 1 KB
821 B 182ms
166ms Fetch
application/json 2620:1ec:21::23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://config.edge.skype.com/config/v1/Dime/1.0.0.0?PartnerId=OfficeOnlineWord&Version=1.8.0.5741932&ClientId=d7b38dd0-238a-4eef-ad88-401d99366b8f&Browser=other

Requested by

Host: content.lifecycle.office.net
URL: https://content.lifecycle.office.net/dime/v1/dime.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:21::23 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c5932ae92d38634e515020046c7d721e31d4c36090404d54a0c5899367ff49d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-msedge-ref: Ref A: 6AAF8896F1884166BFD4DD2773F277B0 Ref B: FRAEDGE1310 Ref C: 2020-09-25T00:58:10Z
status: 200
etag: "PhJXozHNkvACQ9CSqHzdA6tV8lOw5RDjtkT/vG1wpYs="
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: ETag, Date
cache-control: no-cache,max-age=3600
date: Fri, 25 Sep 2020 00:58:10 GMT
content-length: 453
expires: Fri, 25 Sep 2020 01:58:10 GMT

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 808B 1 KB
1 KB 125ms
124ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&access_token=4w%5F7mwBWw6X%2DNvUUfcz9LuTH%5FXuzTB1Cnu86UxLtSxueOxBUnUXiM5nRS6NqUcx42psnTpSgVG%5FlDnPSIquFXrtBEWabuUQlCmSeUXMxhjCh8AASMwEV9KrQyxiZuMXakG4Tx9QCP3OkYAnNB1t6QdrQ&access_token_ttl=1602809885454&z=aNDdBQzA1MzcwQzhENkFFRSExMTguNDY&uilang=en-US

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/hEC3E0FECD8521498_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8cf0756513872fdc5267c8654fd15303d526738cbad4a73086c79847b60eb20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-UserSessionId: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
X-OfficeVersion: 16.0.13321.41006
X-Key: hOrI5gUE2Lpxe9D4ymqspb84KMDnURC/rW6Bpw7CPmI=,637365922861490941
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=P2KMeOZ9mkGm8Wlb9Azx3w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F47AC05370C8D6AEE%21118&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.13321.41006
x-officefe: AM4PEPF000069F4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status: 200
x-msedge-flight: 1tt8=afd_visiocapacitytest
content-length: 1059
pragma: no-cache
x-msedge-features: typeheadertest,afd_visiocapacitytest
x-correlationid: 48d03692-0545-4f7c-b5ec-137b402e5183
x-officefd: AM4PEPF00007454
x-ccr: true
x-usersessionid: 9ef8c2a7-433b-432c-a10c-8b35338f1db4
date: Fri, 25 Sep 2020 00:58:10 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 27717390677840F991EE82AB62E2FDA7 Ref B: AMS04EDGE0216 Ref C: 2020-09-25T00:58:10Z
timing-allow-origin: *
expires: -1

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 808B 0
397 B 661ms
165ms XHR
application/json 52.114.128.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161332141006_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.128.74 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 00:58:11 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 570
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 808B 24 B
380 B 895ms
409ms XHR
application/json 52.114.128.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.3.5&apikey=e064ef4d9cdb454d9eddb2f7f7a94c83-89a6d9df-7218-4efd-bcd4-16ea059deea2-7672,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045,79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407&upload-time=1600995492233&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161332141006_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.128.74 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: f4ce35331abe9a6735c904a3f76fbcbfb547702a7a73ccb2fc135b5abef90b8f

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 25 Sep 2020 00:58:12 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 560
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 808B 24 B
380 B 654ms
162ms XHR
application/json 52.114.128.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.3.5&apikey=70ed233fa6a34865898dfc05cb334775-d0c23781-8b3d-4ae5-a58e-c62c606659a4-7051&upload-time=1600995492242&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: content.lifecycle.office.net
URL: https://content.lifecycle.office.net/dime/v1/dime.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.128.74 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: d0c3e6c8d25e655f19d3788bbf4982f52cba3498833d7d44ccf64e7e3f3de5a2

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 25 Sep 2020 00:58:12 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 566
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H2 404 log Show response
onedrive.live.com/ 77 KB
77 KB 148ms
148ms XHR
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/log

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f61d093fe41401a6901bb49aaef41af8b9af5c45e9c1dfd1e18cc0e4c426e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/embed?cid=47AC05370C8D6AEE&resid=47AC05370C8D6AEE%21118&authkey=ADka2iqX5oVlSi8&em=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-msnserver: RD00155D999519
x-content-type-options: nosniff
x-msedge-ref: Ref A: B203446CF44C493CA00D80305CF9DD39 Ref B: WAW01EDGE0307 Ref C: 2020-09-25T00:58:16Z
x-odwebserver: eastus0-odwebpl
content-type: text/html; charset=utf-8
status: 404
cache-control: no-cache, no-store
date: Fri, 25 Sep 2020 00:58:16 GMT
content-length: 78497
expires: -1

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1970-01-19 12:53:20	Name: wla42 Value:
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1969-12-31 23:59:59	Name: xid Value: 6185096c-bcb2-46e0-b893-8093e89d51f4&&RD00155D9989B5&313
.live.com/	1969-12-31 23:59:59	Name: E Value: P:1xU0De5g2Ig=:YGkhiXYI+01atXbYNGEh6QuI/TCWjGMKNLJP0Rz28lo=:F

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.s-microsoft.com
c1-officeapps-15.cdn.office.net
c1-word-view-15.cdn.office.net
config.edge.skype.com
content.lifecycle.office.net
js.live.net
messaging.office.com
onedrive.live.com
spoprod-a.akamaihd.net
uhf.microsoft.com
word-view.officeapps.live.com
104.111.233.232
13.107.42.13
2.21.26.74
2620:1ec:21::23
2620:1ec:a92::171
2620:1ec:bdf::10
2a02:26f0:6c00:286::2b57
2a02:26f0:6c00:28e::356e
2a02:26f0:6c00:294::4b36
2a02:26f0:f1:28c::4b36
52.109.76.78
52.114.128.74
013829bf7a223a664419855de85b543d06f79c80fac2ac84de3fa3ae5b7ff48b
04d3333e0ca8d3b71242be1dec6a5a8dd61a9491ca769f86940b4427c0260a8c
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
1479b52bace821fc604e7ded0f67b139808c4fe3fc21623c3cbe420e092ecc0e
1535325442267a57eb72a0793c4b91838e2e55489f315d986855af90c63de86c
16de55f00f90ee48244c3e60f25fefc61ff1d1eac8abccabcfe25d75048437be
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
43600cdc283ba9d5688507cee72b07f5c00b79afea96a0c50b434a79488ae908
455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
4f61d093fe41401a6901bb49aaef41af8b9af5c45e9c1dfd1e18cc0e4c426e1e
4fc9f94a11aa5b233c884d4fac3640e30bb34c61a732588c413d604b0cc9d42a
53c1b6c80038359986460660b1ac32dca80863fd0368fe0f8a431910532d380a
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
621444729b901edd79a8ac4fd06bb553901fdf84b7be631b7e1efbf31037b13c
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066
6b2e0d681aa3096520c07b5fdb451ca73df5c8726b8a137c59f259392a2274e7
8cf0756513872fdc5267c8654fd15303d526738cbad4a73086c79847b60eb20a
910f1f3ce687cfde1a12415fe73a4465e7a2f851177c33ca8e9f3b5c5f93c41c
9494720694da30b898c50f5cb525c342bbb73f4d0758f14cd75e9932465dcdb4
9caa1009b93630783baf948889200565caab53235a610e462e70552e89c3154a
9f4f69e300387c46bd42cf9c1b1e50b141a2865151085ef88177f54766f54af9
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
ae0f7449525d50493195cd3368e29f80c9a76fd868f3406aa9f33c8c7edb26ba
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
bf3d4e4b559ab635aad4a1d957f9e82cade9eeee8d1617596177b89f07c336d6
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c5932ae92d38634e515020046c7d721e31d4c36090404d54a0c5899367ff49d6
d0c3e6c8d25e655f19d3788bbf4982f52cba3498833d7d44ccf64e7e3f3de5a2
d2e3f06cf57bf94eaec6e89dca7e8b42e4d0c9269a2997bd0a32a49a0182b0a4
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e261746fe4701ada54a7c7fceda98513f61225b4b83d8669fdfe65e2f686df10
e265ebb78c5e27ebf3f023f1ba27ef866334bdf7e0ae53b7e3125b9031b9d2a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5528aba73c716ee34651414b696a323d88bd474838714df23a579d83052c64e
ec3e0fecd8521498aca392912219497d50c10ee21fcd8e670f04b86bd7d7b225
f4ce35331abe9a6735c904a3f76fbcbfb547702a7a73ccb2fc135b5abef90b8f

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

61 Requests

100 %HTTPS

58 %IPv6

8 Domains

13 Subdomains

13 IPs

5 Countries

1463 kBTransfer

4779 kBSize

4 Cookies

0 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

58 %
IPv6

8
Domains

13
Subdomains

13
IPs

5
Countries

1463 kB
Transfer

4779 kB
Size

4
Cookies

61 HTTP transactions
1 data transactions