URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Submission: On November 05 via manual from US

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 37 HTTP transactions. The main IP is 131.253.33.217, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on August 2nd 2017. Valid for: 2 years.
This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 131.253.33.217 8068 (MICROSOFT...)
8 2.16.186.40 20940 (AKAMAI-ASN1)
11 2620:1ec:a92:... 8068 (MICROSOFT...)
2 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
7 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
6 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 104.109.84.135 20940 (AKAMAI-ASN1)
37 9
Domain Requested by
11 word-view.officeapps.live.com onedrive.live.com
word-view.officeapps.live.com
c1-officeapps-15.cdn.office.net
8 spoprod-a.akamaihd.net onedrive.live.com
7 c1-word-view-15.cdn.office.net word-view.officeapps.live.com
c1-officeapps-15.cdn.office.net
c1-word-view-15.cdn.office.net
6 c1-officeapps-15.cdn.office.net word-view.officeapps.live.com
c1-word-view-15.cdn.office.net
2 c.s-microsoft.com word-view.officeapps.live.com
1 js.live.net c1-word-view-15.cdn.office.net
1 uhf.microsoft.com word-view.officeapps.live.com
1 onedrive.live.com
37 8

This site contains no links.

Subject Issuer Validity Valid
onedrive.com
Microsoft IT TLS CA 1
2017-08-02 -
2019-08-02
2 years crt.sh
a248.e.akamai.net
DigiCert ECC Secure Server CA
2018-01-23 -
2019-01-19
a year crt.sh
officeapps.live.com
Microsoft IT TLS CA 5
2018-03-07 -
2019-09-07
2 years crt.sh
www.microsoft.com
Microsoft IT TLS CA 4
2018-01-16 -
2020-01-16
2 years crt.sh
*.cdn.office.net
Microsoft IT TLS CA 5
2017-11-13 -
2019-11-13
2 years crt.sh
unistore.www.microsoft.com
Microsoft IT TLS CA 5
2018-01-25 -
2020-01-25
2 years crt.sh
p.sfx.ms
Microsoft IT TLS CA 2
2018-03-30 -
2020-03-30
2 years crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Frame ID: 29355694371C0F48C6424E0FBC5FD9F0
Requests: 10 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: EA4ACE2E28766B51C58A280CB1B29359
Requests: 31 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^requirejs$/i

Overall confidence: 100%
Detected patterns
  • env /^flight$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
  • env /^flight$/i

Page Statistics

37
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

1114 kB
Transfer

3331 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request embed
onedrive.live.com/
57 KB
20 KB
Document
General
Full URL
https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
131.253.33.217 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
02ac77e49184b66a97ebff3620306aafcc3fe12069fd34d3afac9da2681c0d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
onedrive.live.com
:scheme
https
:path
/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
set-cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; domain=.live.com; path=/ xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Mon, 05-Nov-2018 17:32:59 GMT; path=/ wla42=; domain=live.com; expires=Mon, 12-Nov-2018 19:12:59 GMT; path=/
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-msnserver
RD00155D9966BC
x-odwebserver
eastus0-ODWebpl
x-msedge-ref
Ref A: 4DB82D9AB75A4D86A420A29D53724FB7 Ref B: AM3EDGE0906 Ref C: 2018-11-05T19:12:59Z
date
Mon, 05 Nov 2018 19:12:59 GMT
filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//
85 KB
16 KB
Stylesheet
General
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:12:59 GMT
content-encoding
gzip
content-md5
EesZadmsnx78d9ZWIKfswQ==
status
200
content-length
15784
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53BE6E430
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
6d2753fc-501e-00e6-0ad5-eb0c22000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=16189840
x-ms-version
2009-09-19
filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//
169 KB
30 KB
Stylesheet
General
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:12:59 GMT
content-encoding
gzip
content-md5
owOkAskXvYo3Ps40fhU7TQ==
status
200
content-length
30548
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53C3A1C6F
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
45647edb-101e-00c8-61d5-eb8ce5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=16189859
x-ms-version
2009-09-19
wlx_fonts-c7993ded.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//
123 KB
93 KB
Stylesheet
General
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//wlx_fonts-c7993ded.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758

Request headers

Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:12:59 GMT
content-encoding
gzip
content-md5
x5k97ZNOTA+fsPCUPRp4Qw==
status
200
content-length
94644
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E5410A12E4
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f3dbb10f-301e-011c-1ed8-eb8390000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=16190780
x-ms-version
2009-09-19
wordviewerframe.aspx
word-view.officeapps.live.com/wv/ Frame EA4A
52 KB
53 KB
Document
General
Full URL
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
44e067736927c5791d657d6215a3e90fb4e2bd8cc9e2b642f3f8ffa955239109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
POST
:authority
word-view.officeapps.live.com
:scheme
https
:path
/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
content-length
231
pragma
no-cache
cache-control
no-cache
origin
https://onedrive.live.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://onedrive.live.com/
accept-encoding
gzip, deflate
cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; xidseq=1; wla42=
Origin
https://onedrive.live.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://onedrive.live.com/

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Tue, 05-Feb-2019 19:13:00 GMT; path=/; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/
x-correlationid
29b67006-2184-44e0-a63b-2be38f1de6ec
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-ccr
true
x-officefe
a9143d33bb52
x-officeversion
16.0.11030.32653
x-officecluster
NL2
x-content-type-options
nosniff
content-security-policy-report-only
font-src data: c1-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com c.s-microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com c.s-microsoft.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' https:; child-src * https:; img-src * data: blob: https:; report-uri /reportcsp.ashx
x-officefd
7272918c75b0
x-msedge-ref
Ref A: 1A722FB153CB41CDA299B651B5688336 Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:00Z
date
Mon, 05 Nov 2018 19:12:59 GMT
jquery-1.7.2-39eeb07e.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/
92 KB
33 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:12:59 GMT
content-encoding
gzip
content-md5
Oe6wfmgC4rV/XhCprZvKJA==
status
200
content-length
33335
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53DB4CCFD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
456481ad-101e-00c8-56d5-eb8ce5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=16189817
x-ms-version
2009-09-19
embed_s_embed-212fe29f.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/
483 KB
133 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:12:59 GMT
content-encoding
gzip
content-md5
IS/in/g30QB+g7MVI79lXQ==
status
200
content-length
135707
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E533D8DD7F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6d2755cd-501e-00e6-20d5-eb0c22000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=16189843
x-ms-version
2009-09-19
truncated
/
34 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://onedrive.live.com

Response headers

Access-Control-Allow-Origin
*
Content-Type
font/woff;charset=utf-8
embed1-0986a9b4.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/
47 KB
14 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:13:00 GMT
content-encoding
gzip
content-md5
CYaptDz18cVXSIKt0vWKWA==
status
200
content-length
14119
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E5332E9B80
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
45648324-101e-00c8-0cd5-eb8ce5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=16189756
x-ms-version
2009-09-19
embed2-8c600200.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/
203 KB
68 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:13:00 GMT
content-encoding
gzip
content-md5
jGACACXYYkvx7qKc5FskXg==
status
200
content-length
69276
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E5337DDB83
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6d2756be-501e-00e6-6fd5-eb0c22000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=16189960
x-ms-version
2009-09-19
embed0-54f3ec81.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/
15 KB
6 KB
Script
General
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=3871B7BAD2D4FC0D&resid=3871B7BAD2D4FC0D%21131&authkey=ALIQU7HmYjAkkLs&em=2
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.40 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:13:00 GMT
content-encoding
gzip
content-md5
VPPsgWGZk5RDzVgXZtU7Yg==
status
200
content-length
6057
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:53:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E532CDCC12
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b96f33ba-101e-0122-1fd5-eb35b1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control
public, max-age=16189895
x-ms-version
2009-09-19
mscc-0.4.1.min.css
c.s-microsoft.com/mscc/statics/ Frame EA4A
1 KB
934 B
Stylesheet
General
Full URL
https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.css
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:296::356e , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880

Request headers

Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:13:00 GMT
content-encoding
gzip
last-modified
Mon, 10 Sep 2018 17:42:23 GMT
content-md5
2MKxgMQLzH/8vixotX2Pog==
status
200
etag
0x8D61744C3ED0073
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
41f924a0-901e-0090-04fe-4986d4000000
x-ms-version
2009-09-19
content-length
627
WordViewer.css
c1-word-view-15.cdn.office.net/wv/s/161103032653_resources/1033/ Frame EA4A
192 KB
29 KB
Stylesheet
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/161103032653_resources/1033/WordViewer.css
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
afbdc2a273404bb86568f631449b294923cdd3a81e662435bd88af85fcf28ef1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"0cfd2fbb972d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
30edd69fbfd7
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
28915
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:22 GMT
X-OFFICEFD
f5c2c766d413
X-MSEdge-Ref
Ref A: B18ED9424DC44335810523B0BD07313E Ref B: AMS04EDGE0720 Ref C: 2018-11-02T14:40:21Z
X-UserSessionId
f52a03a0-a977-46fd-b61a-9c3c217d04ba
Date
Mon, 05 Nov 2018 19:13:00 GMT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
f52a03a0-a977-46fd-b61a-9c3c217d04ba
Accept-Ranges
bytes
Timing-Allow-Origin
*
MicrosoftAjax.js
c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/ Frame EA4A
105 KB
27 KB
Script
General
Full URL
https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/MicrosoftAjax.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
0472d2a94ae07ca63c9b7b6b7ed95419bb2da6ad34d01075b43f0f9287b30984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80383afbb972d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
d2319df7460d
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
26964
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:21 GMT
X-OFFICEFD
1e13da00479e
X-MSEdge-Ref
Ref A: F403B19308E84B20BFC5CBD199E7207A Ref B: AM3EDGE0811 Ref C: 2018-11-02T14:40:21Z
X-UserSessionId
ade7573b-ca96-49e1-ad5e-b24064dac331
Date
Mon, 05 Nov 2018 19:13:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
ade7573b-ca96-49e1-ad5e-b24064dac331
Accept-Ranges
bytes
Timing-Allow-Origin
*
mscc-0.4.1.min.js
c.s-microsoft.com/mscc/statics/ Frame EA4A
3 KB
2 KB
Script
General
Full URL
https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:296::356e , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 05 Nov 2018 19:13:00 GMT
content-encoding
gzip
last-modified
Mon, 10 Sep 2018 17:42:12 GMT
content-md5
XpofSqMdSqYPb4maLkXO+A==
status
200
etag
0x8D61744BD6EA9B6
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9fc6c4bd-001e-003f-1afe-49a444000000
x-ms-version
2009-09-19
content-length
1588
cookiecompliance.js
c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/ Frame EA4A
9 KB
3 KB
Script
General
Full URL
https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/cookiecompliance.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
910f1f3ce687cfde1a12415fe73a4465e7a2f851177c33ca8e9f3b5c5f93c41c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80a7eda0ba72d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
7cb65046c4c2
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
1945
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:44:59 GMT
X-OFFICEFD
38198d8c31de
X-MSEdge-Ref
Ref A: CE601E13CDDA471FAE6003B45E5DC23F Ref B: AM3EDGE0811 Ref C: 2018-11-02T14:44:59Z
X-UserSessionId
b8a016d6-c226-4019-a312-6e86660e82c1
Date
Mon, 05 Nov 2018 19:13:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
b8a016d6-c226-4019-a312-6e86660e82c1
Accept-Ranges
bytes
Timing-Allow-Origin
*
CommonIntl.js
c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/1033/ Frame EA4A
59 KB
19 KB
Script
General
Full URL
https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/1033/CommonIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
5beb6b937f09a99d28e08863c0afa5f6011df0f017253a9789aefd2110f825fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80383afbb972d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
5ff2c27c8b22
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
18087
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:21 GMT
X-OFFICEFD
52bcd85898e1
X-MSEdge-Ref
Ref A: 20506288E9924ED5BD6B2BF4BFD15051 Ref B: AMS04EDGE0107 Ref C: 2018-11-02T14:40:21Z
X-UserSessionId
a5ea8917-fb05-4453-aef9-fb3cee00b9cb
Date
Mon, 05 Nov 2018 19:13:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
a5ea8917-fb05-4453-aef9-fb3cee00b9cb
Accept-Ranges
bytes
Timing-Allow-Origin
*
Compat.js
c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/ Frame EA4A
6 KB
2 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/Compat.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"8054889ba72d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
94c21aebf23c
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
1618
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:45 GMT
X-OFFICEFD
d5dc29600d67
X-MSEdge-Ref
Ref A: 4A10815560C14C2E892C97EA7ADCAFC9 Ref B: AMS04EDGE0720 Ref C: 2018-11-02T14:40:46Z
X-UserSessionId
e7bec3ae-a720-4a31-a416-2c051f8c9605
Date
Mon, 05 Nov 2018 19:13:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
e7bec3ae-a720-4a31-a416-2c051f8c9605
Accept-Ranges
bytes
Timing-Allow-Origin
*
WordViewerIntl.js
c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/1033/ Frame EA4A
18 KB
5 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/1033/WordViewerIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
668b05a31c3a0eeef02775404ede2782cda127f92569ae938f80601b44d011cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80383afbb972d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
30edd69fbfd7
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
3962
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:21 GMT
X-OFFICEFD
4789d38c70cb
X-MSEdge-Ref
Ref A: 74611BFBAA2247919395A4BB07E2259C Ref B: AMS04EDGE0110 Ref C: 2018-11-02T14:40:21Z
X-UserSessionId
7d4ce8a0-1243-4915-bf51-e6e4d67129ac
Date
Mon, 05 Nov 2018 19:13:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
7d4ce8a0-1243-4915-bf51-e6e4d67129ac
Accept-Ranges
bytes
Timing-Allow-Origin
*
WordViewer.js
c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/ Frame EA4A
906 KB
244 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/WordViewer.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
705747018d8907af8ecdb97a445cb5e4d7827f44212730a1e7a26e926efb4706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"0cfd2fbb972d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
449038f76df8
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
248553
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:22 GMT
X-OFFICEFD
38198d8c31de
X-MSEdge-Ref
Ref A: F95859705017461799DBE4688743ECD6 Ref B: AMS04EDGE0110 Ref C: 2018-11-02T14:40:22Z
X-UserSessionId
de2ace7e-9d3e-4a20-86ec-0f089a5d1d20
Date
Mon, 05 Nov 2018 19:13:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
de2ace7e-9d3e-4a20-86ec-0f089a5d1d20
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
0
292 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:path
/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
pragma
no-cache
cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; xidseq=1; wla42=; DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
origin
https://word-view.officeapps.live.com
accept-encoding
gzip, deflate
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
x-browserulsbeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]
accept
*/*
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
content-length
0
:method
POST
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Origin
https://word-view.officeapps.live.com
X-UserSessionId
29b67006-2184-44e0-a63b-2be38f1de6ec
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
92416f6ad8d2
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-correlationid
6785e8d7-8f7d-4c7f-aae1-bc91f53cfeda
x-officefd
c0ba7aa6c698
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:12:59 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control
private
set-cookie
x-msedge-ref
Ref A: B8CCA4C0119F4BFFA82923DB7792EFB2 Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:00Z
timing-allow-origin
*
truncated
/ Frame EA4A
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
223f620d31252cab8d99fba428b123b3ccc9fa705bfe3a43417e1d976c4a6221

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
0
159 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:path
/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
pragma
no-cache
cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; xidseq=1; wla42=; DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
origin
https://word-view.officeapps.live.com
accept-encoding
gzip, deflate
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
x-browserulsbeacon
[{"Index":1,"MsSinceStart":112,"Value":"https://c1-word-view-15.cdn.office.net:443/wv/s/161103032653_resources/1033/WordViewer.css","Type":"ResourceDownloadSuccess"}]
accept
*/*
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
content-length
0
:method
POST
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Origin
https://word-view.officeapps.live.com
X-UserSessionId
29b67006-2184-44e0-a63b-2be38f1de6ec
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":112,"Value":"https://c1-word-view-15.cdn.office.net:443/wv/s/161103032653_resources/1033/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
9217e78740ce
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-correlationid
7dafd4b6-93ec-4f5c-afe4-43d928a15af5
x-officefd
3e25b8bcb34a
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:12:59 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control
private
set-cookie
x-msedge-ref
Ref A: D5F2A7F6F3D54CDFBA625424CF93AE6F Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:00Z
timing-allow-origin
*
truncated
/ Frame EA4A
60 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83f8c8c200f72e996a99b719fa97f1e588904baa0602a9347bf6ea342b909ac7

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
truncated
/ Frame EA4A
60 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36f5a64c706e1ae129419a67790b4a99a8f8f0ba20210a9920e7b474914442b6

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
61 KB
61 KB
Image
General
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw&v=00000000-0000-0000-0000-000000000802&usid=29b67006-2184-44e0-a63b-2be38f1de6ec&splashscreen=1&build=16.0.11030.32653&PdfMode=1&waccluster=NL2
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
3b2d75e97905c1d80049839f252c3e9828f375677860c538aa47ea51da3af539
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:path
/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw&v=00000000-0000-0000-0000-000000000802&usid=29b67006-2184-44e0-a63b-2be38f1de6ec&splashscreen=1&build=16.0.11030.32653&PdfMode=1&waccluster=NL2
pragma
no-cache
cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; xidseq=1; wla42=; DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
:method
GET
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
6e3df3b8f039
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
62454
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw00000000-0000-0000-0000-000000000802p1.img"
x-correlationid
d8e0461f-0fd6-4cff-a397-8f275bdb089f
x-officefd
dde2dc781c9b
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:13:01 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
set-cookie
x-msedge-ref
Ref A: C3F19E5C3BAF49F0968CE51F1BB56BAE Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:01Z
timing-allow-origin
*
expires
Tue, 05 Nov 2019 19:13:01 GMT
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
0
158 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:path
/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
pragma
no-cache
cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; xidseq=1; wla42=; DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
origin
https://word-view.officeapps.live.com
accept-encoding
gzip, deflate
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
x-browserulsbeacon
[{"Index":2,"MsSinceStart":378,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]
accept
*/*
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
content-length
0
:method
POST
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Origin
https://word-view.officeapps.live.com
X-UserSessionId
29b67006-2184-44e0-a63b-2be38f1de6ec
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-BrowserUlsBeacon
[{"Index":2,"MsSinceStart":378,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
c9499e30d84e
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-correlationid
ac30d403-1a9d-4766-977a-6e6b00237a4c
x-officefd
f5c2c766d413
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:12:59 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control
private
set-cookie
x-msedge-ref
Ref A: 1D8ABD2B41974D10B146D169BE465149 Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:00Z
timing-allow-origin
*
segoeui.woff
c1-word-view-15.cdn.office.net/wv/s/161103032653_resources/1033/ Frame EA4A
22 KB
23 KB
Font
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/161103032653_resources/1033/segoeui.woff
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/MicrosoftAjax.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://c1-word-view-15.cdn.office.net/wv/s/161103032653_resources/1033/WordViewer.css
Origin
https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"1f81caccba72d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
30da44a6b236
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
22720
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:46:12 GMT
X-OFFICEFD
9dd6b92c2371
X-MSEdge-Ref
Ref A: E0FD9F609185441AB1D08FC77E6F2201 Ref B: AM3EDGE0811 Ref C: 2018-11-02T14:46:12Z
X-UserSessionId
6c93073b-0492-4f7f-9289-b16b525962dd
Date
Mon, 05 Nov 2018 19:13:00 GMT
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
X-CorrelationId
6c93073b-0492-4f7f-9289-b16b525962dd
Accept-Ranges
bytes
Timing-Allow-Origin
*
docdatahandler.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
356 B
604 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw&type=png&o15=1&ui=en-US&PdfMode=1
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
abc5ceb6474b2747197b9c9e7e15398b3d1f15c6c0ed9f4d424e463698a09b09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; xidseq=1; wla42=; DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
accept-encoding
gzip, deflate
x-officeversion
16.0.11030.32653
x-key
4IDV1ceBAtLj255kPe82qUmnWx5rkarMvehLCdyyFxk=,636770419800271292
x-requested-with
XMLHttpRequest
x-xhr
1
:path
/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw&type=png&o15=1&ui=en-US&PdfMode=1
pragma
no-cache
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
x-usertype
WOPI
x-waccluster
NL2
:method
GET
X-UserSessionId
29b67006-2184-44e0-a63b-2be38f1de6ec
X-OfficeVersion
16.0.11030.32653
X-Key
4IDV1ceBAtLj255kPe82qUmnWx5rkarMvehLCdyyFxk=,636770419800271292
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
NL2

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
523445bd7b7f
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
352
x-correlationid
17b4850c-ccbf-4b2e-a99a-edbe33b937d2
x-officefd
089c1558573a
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:13:00 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
set-cookie
x-msedge-ref
Ref A: FFC216731A64416F8E106479544CB16A Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:00Z
timing-allow-origin
*
expires
Tue, 05 Nov 2019 19:13:00 GMT
wacairspaceanimationlibrary.js
c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/ Frame EA4A
40 KB
7 KB
Script
General
Full URL
https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/wacairspaceanimationlibrary.js
Requested by
Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/WordViewer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
458d704b9bfcd0c284aa3a76db26dfce870f7537f2913937aec2a6b9d0c969ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80383afbb972d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
e8a60f8e3e37
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6728
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:21 GMT
X-OFFICEFD
4789d38c70cb
X-MSEdge-Ref
Ref A: F6FA21B6A6E449FB9507CFEAA2D3483A Ref B: AMS04EDGE0318 Ref C: 2018-11-02T14:40:22Z
X-UserSessionId
24911f37-a888-4875-8c40-ab506902e854
Date
Mon, 05 Nov 2018 19:13:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
24911f37-a888-4875-8c40-ab506902e854
Accept-Ranges
bytes
Timing-Allow-Origin
*
wapsw.png
c1-officeapps-15.cdn.office.net/wv/s/161103032653_resources/1033/ Frame EA4A
6 KB
7 KB
Image
General
Full URL
https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_resources/1033/wapsw.png?b=1601103032653
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"347a35abc72d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
90d2162fc192
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
5884
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:57:20 GMT
X-OFFICEFD
7272918c75b0
X-MSEdge-Ref
Ref A: 5FDD23887E9F48DAAA1574363AEE15E3 Ref B: AMS04EDGE0913 Ref C: 2018-11-02T14:57:20Z
X-UserSessionId
77b59032-4d50-450c-8ad1-4957ac9db2e4
Date
Mon, 05 Nov 2018 19:13:00 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
77b59032-4d50-450c-8ad1-4957ac9db2e4
Accept-Ranges
bytes
Timing-Allow-Origin
*
wv.png
c1-word-view-15.cdn.office.net/wv/s/161103032653_resources/1033/ Frame EA4A
33 KB
34 KB
Image
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/161103032653_resources/1033/wv.png
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
7e3a4bd4ad002fdadef0d886c9d238ae093e371b61b8a40c64a37c2b8c9a8e56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"388ebbfbb972d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
16f97a03a4b4
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
33586
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:21 GMT
X-OFFICEFD
b7e7b175ea1b
X-MSEdge-Ref
Ref A: F316389C33D346D8A9B895584F1E8D41 Ref B: AMS04EDGE0107 Ref C: 2018-11-02T14:40:21Z
X-UserSessionId
1646048d-06be-4a3c-b5d2-3961a60ebf07
Date
Mon, 05 Nov 2018 19:13:00 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
1646048d-06be-4a3c-b5d2-3961a60ebf07
Accept-Ranges
bytes
Timing-Allow-Origin
*
_log
uhf.microsoft.com/ Frame EA4A
0
128 B
Image
General
Full URL
https://uhf.microsoft.com/_log?o=mscc&s=officeapps.live.com&m=show&nv=aspnet-3.1.4&sv=0.1.2
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:298::2b57 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Nov 2018 19:13:00 GMT
status
204
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
0
expires
Mon, 05 Nov 2018 19:13:00 GMT
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
0
243 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:path
/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
pragma
no-cache
cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; xidseq=1; wla42=; DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
origin
https://word-view.officeapps.live.com
accept-encoding
gzip, deflate
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
x-browserulsbeacon
[{"Index":3,"MsSinceStart":704,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]
accept
*/*
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
content-length
0
:method
POST
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Origin
https://word-view.officeapps.live.com
X-UserSessionId
29b67006-2184-44e0-a63b-2be38f1de6ec
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-BrowserUlsBeacon
[{"Index":3,"MsSinceStart":704,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
0601bc8334ad
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-correlationid
0664a596-59ae-4399-84cd-db5b1825880a
x-officefd
089c1558573a
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:13:00 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control
private
set-cookie
x-msedge-ref
Ref A: F54D6A6725874F61A79FA30D5CF1C7BA Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:00Z
timing-allow-origin
*
WordViewer.dll1.js
c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/ Frame EA4A
403 KB
101 KB
Script
General
Full URL
https://c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/WordViewer.dll1.js
Requested by
Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/WordViewer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:28f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
16d08a5b8596420a9537aae4111835abbbd38512bd4aebd51b0915e478080c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"8081b9aba72d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
4917c5f189fa
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
102404
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:47 GMT
X-OFFICEFD
7deb6bcfc7e8
X-MSEdge-Ref
Ref A: 13FB2235EEAA49169CF6CA709DF55770 Ref B: AMS04EDGE0810 Ref C: 2018-11-02T14:40:47Z
X-UserSessionId
e0618d06-0a69-48f1-9ad3-e52dfb88c8f3
Date
Mon, 05 Nov 2018 19:13:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
e0618d06-0a69-48f1-9ad3-e52dfb88c8f3
Accept-Ranges
bytes
Timing-Allow-Origin
*
progress.gif
c1-officeapps-15.cdn.office.net/wv/s/161103032653_resources/1033/ Frame EA4A
695 B
1 KB
Image
General
Full URL
https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_resources/1033/progress.gif
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:29f::1c24 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"ed4a58fbb972d41:0"
X-OfficeCluster
NL2
X-CCR
true
X-OfficeVersion
16.0.11025.37775
X-OfficeFE
59c80032179a
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
695
Cache-Control
public,max-age=31536000
Last-Modified
Fri, 02 Nov 2018 14:40:21 GMT
X-OFFICEFD
65e6940e8a46
X-MSEdge-Ref
Ref A: 6A9B60DFF82248868769F126C59EB946 Ref B: AMS04EDGE0814 Ref C: 2018-11-02T14:40:21Z
X-UserSessionId
1f3c4b39-e02a-4cba-8b66-80d8802df9ef
Date
Mon, 05 Nov 2018 19:13:00 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CorrelationId
1f3c4b39-e02a-4cba-8b66-80d8802df9ef
Accept-Ranges
bytes
Timing-Allow-Origin
*
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
61 KB
62 KB
Image
General
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=29b67006-2184-44e0-a63b-2be38f1de6ec&build=16.0.11030.32653&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw&waccluster=NL2&PdfMode=1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
3b2d75e97905c1d80049839f252c3e9828f375677860c538aa47ea51da3af539
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:path
/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=29b67006-2184-44e0-a63b-2be38f1de6ec&build=16.0.11030.32653&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw&waccluster=NL2&PdfMode=1
pragma
no-cache
cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; xidseq=1; wla42=; DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
:method
GET
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
06c7a51d2965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
62454
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw00000000-0000-0000-0000-000000000802p1.img"
x-correlationid
6b9b2468-53a6-4463-9441-ad834305e93a
x-officefd
c0ba7aa6c698
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:13:00 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
set-cookie
x-msedge-ref
Ref A: C0F66E7859BE48A98968FFA8E25CCB3E Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:01Z
timing-allow-origin
*
expires
Tue, 05 Nov 2019 19:13:00 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
848 B
1 KB
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=29b67006-2184-44e0-a63b-2be38f1de6ec&build=16.0.11030.32653&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw&waccluster=NL2&PdfMode=1
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
a901ab0c626ea22c4a1c1cbc26359120cc713ab238d39d899d453b38dc00fa53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

cookie
E=P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F; xid=cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357; xidseq=1; wla42=; DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
accept-encoding
gzip, deflate
x-officeversion
16.0.11030.32653
x-key
4IDV1ceBAtLj255kPe82qUmnWx5rkarMvehLCdyyFxk=,636770419800271292
x-requested-with
XMLHttpRequest
x-xhr
1
:path
/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=29b67006-2184-44e0-a63b-2be38f1de6ec&build=16.0.11030.32653&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw&waccluster=NL2&PdfMode=1
pragma
no-cache
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
x-usertype
WOPI
x-waccluster
NL2
:method
GET
X-UserSessionId
29b67006-2184-44e0-a63b-2be38f1de6ec
X-OfficeVersion
16.0.11030.32653
X-Key
4IDV1ceBAtLj255kPe82qUmnWx5rkarMvehLCdyyFxk=,636770419800271292
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
NL2

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
803741fa74ee
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
526
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&access_token=4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i%5F7PH0AE4ZfWJHstFXRMr%2Duwyr2%5FPgsnHUZ6w%5FB6uPZZZ%5F1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw&access_token_ttl=1543259579766&z=aMzg3MUI3QkFEMkQ0RkMwRCExMzEuNw00000000-0000-0000-0000-000000000802p_1_10.xml"
x-correlationid
384db772-9e4d-44f5-b858-39156bfcb963
x-officefd
76ed676f90f1
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:13:00 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
set-cookie
x-msedge-ref
Ref A: A6723BBC38944A0CB856DCDADF45CA30 Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:01Z
timing-allow-origin
*
expires
Tue, 05 Nov 2019 19:13:01 GMT
wl.ms.js
js.live.net/v5.0/ Frame EA4A
42 KB
16 KB
Script
General
Full URL
https://js.live.net/v5.0/wl.ms.js
Requested by
Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161103032653_App_Scripts/WordViewer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
104.109.84.135 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-135.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com

Response headers

Date
Mon, 05 Nov 2018 19:13:01 GMT
X-MSNServer
RD0003FF1D9677
Last-Modified
Mon, 13 Aug 2018 18:19:14 GMT
Server
Microsoft-IIS/10.0
ETag
"03da5233233d41:0"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=58892
X-ODWebServer
westeurope0-ODWebp
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
16199
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
0
292 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:path
/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
pragma
no-cache
cookie
origin
https://word-view.officeapps.live.com
accept-encoding
gzip, deflate
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
x-browserulsbeacon
[{"Index":4,"MsSinceStart":1010,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]
accept
*/*
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
content-length
0
:method
POST
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
Origin
https://word-view.officeapps.live.com
X-UserSessionId
29b67006-2184-44e0-a63b-2be38f1de6ec
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-BrowserUlsBeacon
[{"Index":4,"MsSinceStart":1010,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
108758907c88
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-correlationid
f2eda687-8be4-4c9b-94d5-32af1a933f6e
x-officefd
c9c26f94c5a8
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:13:00 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control
private
set-cookie
x-msedge-ref
Ref A: E34B2BFA26024C9F99575C63E28708AA Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:01Z
timing-allow-origin
*
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame EA4A
0
158 B
XHR
General
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/wv/s/161103032653_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

cookie
origin
https://word-view.officeapps.live.com
accept-encoding
gzip, deflate
x-officeversion
16.0.11030.32653
x-key
4IDV1ceBAtLj255kPe82qUmnWx5rkarMvehLCdyyFxk=,636770419800271292
x-accesstokenttl
1543259579766
x-requested-with
XMLHttpRequest
content-length
4911
:path
/wv/RemoteUls.ashx?build=16.0.11030.32653&waccluster=NL2
pragma
no-cache
x-accesstoken
4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i_7PH0AE4ZfWJHstFXRMr-uwyr2_PgsnHUZ6w_B6uPZZZ_1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
word-view.officeapps.live.com
referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
:scheme
https
x-usertype
WOPI
x-xhr
1
x-waccluster
NL2
:method
POST
Origin
https://word-view.officeapps.live.com
X-AccessToken
4wX2xpz9Cf99IAnZjpXaDDvSYLT8eMRzRxI4MKqENKmMv3YOxnFg5i_7PH0AE4ZfWJHstFXRMr-uwyr2_PgsnHUZ6w_B6uPZZZ_1wBOEErdLYEULBixIBhsuQNel85D6cOqByWK1m1JAWO2gvkgwjicw
X-UserSessionId
29b67006-2184-44e0-a63b-2be38f1de6ec
X-OfficeVersion
16.0.11030.32653
X-Key
4IDV1ceBAtLj255kPe82qUmnWx5rkarMvehLCdyyFxk=,636770419800271292
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=MXS12+rww0aHCE8tdw/MYw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F3871B7BAD2D4FC0D%21131&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
1543259579766
X-WacCluster
NL2

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
NL2
x-officeversion
16.0.11030.32653
x-officefe
0c7627997c26
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
content-length
0
x-correlationid
341519b9-023c-442a-afa6-8ac824c8e284
x-officefd
c0ba7aa6c698
x-ccr
true
x-usersessionid
29b67006-2184-44e0-a63b-2be38f1de6ec
date
Mon, 05 Nov 2018 19:13:00 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey
cache-control
private
set-cookie
x-msedge-ref
Ref A: 2945BA9BB28F4D65ADE653E8EA77F211 Ref B: VIEEDGE0709 Ref C: 2018-11-05T19:13:01Z
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Css_Start function| Css_Load function| Css_Error object| cssQos1 object| cssQos2 object| cssQos3 object| $Do object| $B object| $CJ object| Flight function| requirejs function| require function| define function| JSUnhandledError function| JSCaughtError object| Log function| LogReporterEvent function| RequireJSError function| JSPerformanceData function| RequireJSOnFirstRequireEvent function| RequireDeps object| $BSI object| $CSIPerf object| _d object| _dh function| _ge object| $U object| formElement object| fields object| $Config object| FilesConfig function| $ function| jQuery function| GetString object| FilesIS32 object| FilesIS8 object| SharingIS object| HeaderIS function| Dashling object| BrowserStorage object| $Utility object| $Beacon function| $CD function| $CC object| $WebWatson object| jQuery17204380485606989051 function| getId function| getKey function| defineNamespace function| defineClass function| defineSubClass function| appendFunction function| mix function| bind object| SkyDrive object| Trace object| Debug object| JBase object| Qos function| addListener function| removeListener function| registerStyle function| DashMonitor function| safeRequestAnimationFrame function| doOnRenderFrame function| doOnRenderFrameEveryXFrames function| stopDoOnRenderFrame function| doOnEndOfRenderFrame function| stopDoOnEndOfRenderFrame string| c_doOnRenderFrameTraceCategory boolean| c_nativeRequestAnimationFrameSupport function| setText function| getText function| setHtml function| getHtml function| getRect function| byClass function| byId function| ce function| isInputElement function| generateAttributesString function| generateClassAttribute function| generateStyleAttribute function| processStyleAttribute function| closest function| closestWithClass function| hasClass function| toggleClass function| htmlEncode function| htmlAttributeEncode object| Shared function| raiseEvent function| hasObservers function| raiseEventWithProcessing function| change function| sutraAttribute function| getSutraValue function| processAnnotations function| registerNamespace object| Sys object| wLive object| requests object| domUpdates object| $Cookie function| sutra function| unsutra object| $css string| $Version string| CompatVersion object| $Debug function| _ce function| _$ge function| _get function| $Flags function| $Enum function| smartSetTimeout object| $HelpContext object| $Network object| $LightNetwork object| $ScenarioQoS object| $f object| $edh object| $IS function| $menu object| $pwc object| $icm object| $ssl function| ObservableArray function| Observable object| $header object| $MeControl object| $footer object| $leftNav function| CollapsingMenu object| $CommandBar function| $Trie object| $Logout object| $Preload object| $baseMaster object| $Flextag object| Silverlight function| getSilverlightVersion number| s_infiniteScrollBuffer object| org number| c_pulseFadeInSpeed object| _quickViewControlItem

4 Cookies

Domain/Path Name / Value
.live.com/ Name: wla42
Value:
.live.com/ Name: xidseq
Value: 1
.live.com/ Name: xid
Value: cd8d569c-6169-47ed-b805-883d5313264f&&RD00155D9966BC&357
.live.com/ Name: E
Value: P:FOAhs1JD1og=:vpB65rT+N9J/I/L5beffpoK1KG05YHJnFsBzVx2vXEo=:F

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.s-microsoft.com
c1-officeapps-15.cdn.office.net
c1-word-view-15.cdn.office.net
js.live.net
onedrive.live.com
spoprod-a.akamaihd.net
uhf.microsoft.com
word-view.officeapps.live.com
104.109.84.135
131.253.33.217
2.16.186.40
2620:1ec:a92::171
2a02:26f0:f1:28f::1c24
2a02:26f0:f1:296::356e
2a02:26f0:f1:298::2b57
2a02:26f0:f1:29f::1c24
02ac77e49184b66a97ebff3620306aafcc3fe12069fd34d3afac9da2681c0d02
0472d2a94ae07ca63c9b7b6b7ed95419bb2da6ad34d01075b43f0f9287b30984
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
16d08a5b8596420a9537aae4111835abbbd38512bd4aebd51b0915e478080c8f
223f620d31252cab8d99fba428b123b3ccc9fa705bfe3a43417e1d976c4a6221
35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880
36f5a64c706e1ae129419a67790b4a99a8f8f0ba20210a9920e7b474914442b6
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3b2d75e97905c1d80049839f252c3e9828f375677860c538aa47ea51da3af539
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
44e067736927c5791d657d6215a3e90fb4e2bd8cc9e2b642f3f8ffa955239109
455be57e5ca76be462428c7b127d03d0245952b7e00ca14e8bcb3bfe7584c758
458d704b9bfcd0c284aa3a76db26dfce870f7537f2913937aec2a6b9d0c969ca
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
5beb6b937f09a99d28e08863c0afa5f6011df0f017253a9789aefd2110f825fa
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
668b05a31c3a0eeef02775404ede2782cda127f92569ae938f80601b44d011cb
705747018d8907af8ecdb97a445cb5e4d7827f44212730a1e7a26e926efb4706
7e3a4bd4ad002fdadef0d886c9d238ae093e371b61b8a40c64a37c2b8c9a8e56
83f8c8c200f72e996a99b719fa97f1e588904baa0602a9347bf6ea342b909ac7
910f1f3ce687cfde1a12415fe73a4465e7a2f851177c33ca8e9f3b5c5f93c41c
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a901ab0c626ea22c4a1c1cbc26359120cc713ab238d39d899d453b38dc00fa53
abc5ceb6474b2747197b9c9e7e15398b3d1f15c6c0ed9f4d424e463698a09b09
afbdc2a273404bb86568f631449b294923cdd3a81e662435bd88af85fcf28ef1
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855