mrbannerspsychology.weebly.com Open in urlscan Pro
199.34.228.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mrbannerspsychology.weebly.com/
Submission: On June 18 via manual (June 18th 2021, 12:32:43 pm UTC) from GB

Summary HTTP 91 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 91 HTTP transactions. The main IP is 199.34.228.54, located in United States and belongs to WEEBLY, US. The main domain is mrbannerspsychology.weebly.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on October 4th 2019. Valid for: 2 years.

This is the only time mrbannerspsychology.weebly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	199.34.228.54 199.34.228.54	27647 (WEEBLY) (WEEBLY)
12	2a04:4e42:1b:... 2a04:4e42:1b::302	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	52.43.249.183 52.43.249.183	16509 (AMAZON-02) (AMAZON-02)
7	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
17	2a02:26f0:6c0... 2a02:26f0:6c00:299::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.67.139.82 23.67.139.82	16625 (AKAMAI-AS) (AKAMAI-AS)
3	168.62.57.154 168.62.57.154	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
91	14

20 199.34.228.54 (United States)

ASN27647 (WEEBLY, US)

mrbannerspsychology.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42:1b::302 (United States)

ASN54113 (FASTLY, US)

cdn2.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.43.249.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-249-183.us-west-2.compute.amazonaws.com

ec.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:26f0:6c00:299::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.139.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-139-82.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.62.57.154 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	live.com onedrive.live.com word-view.officeapps.live.com	911 KB
20	weebly.com mrbannerspsychology.weebly.com	7 MB
17	office.net c1-word-view-15.cdn.office.net	956 KB
14	editmysite.com cdn2.editmysite.com ec.editmysite.com	431 KB
7	akamaihd.net spoprod-a.akamaihd.net	302 KB
3	microsoft.com browser.events.data.microsoft.com browser.pipe.aria.microsoft.com	1 KB
3	gstatic.com fonts.gstatic.com	82 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	live.net js.live.net	16 KB
1	google-analytics.com ssl.google-analytics.com	17 KB
91	10

	Domain	Requested by
20	mrbannerspsychology.weebly.com	mrbannerspsychology.weebly.com ajax.googleapis.com
19	word-view.officeapps.live.com	mrbannerspsychology.weebly.com word-view.officeapps.live.com c1-word-view-15.cdn.office.net
17	c1-word-view-15.cdn.office.net	word-view.officeapps.live.com c1-word-view-15.cdn.office.net
12	cdn2.editmysite.com	mrbannerspsychology.weebly.com ajax.googleapis.com cdn2.editmysite.com
7	spoprod-a.akamaihd.net	onedrive.live.com
3	fonts.gstatic.com	fonts.googleapis.com
2	browser.events.data.microsoft.com	c1-word-view-15.cdn.office.net
2	ec.editmysite.com	cdn2.editmysite.com
2	onedrive.live.com	mrbannerspsychology.weebly.com onedrive.live.com
2	fonts.googleapis.com	mrbannerspsychology.weebly.com
1	browser.pipe.aria.microsoft.com	c1-word-view-15.cdn.office.net
1	js.live.net	c1-word-view-15.cdn.office.net
1	ssl.google-analytics.com	mrbannerspsychology.weebly.com
1	ajax.googleapis.com	mrbannerspsychology.weebly.com
91	14

This site contains links to these domains. Also see Links.

Domain
www.weebly.com

Subject Issuer	Validity	Valid
*.weebly.com RapidSSL RSA CA 2018	`2019-10-04` - `2021-12-02`	2 years	crt.sh
*.editmysite.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
onedrive.com Microsoft RSA TLS CA 02	`2020-10-13` - `2021-10-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
ec.editmysite.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2021-01-26` - `2022-01-26`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 02	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://mrbannerspsychology.weebly.com/
Frame ID: CF708F270988584EE2A0FD1818DE7B04
Requests: 40 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
Frame ID: 5E2624FF6653DBDE24D3B355F18A62B1
Requests: 9 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: 3F82154348B8278253C1DB75A6B30078
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Weebly (CMS) Expand

Overall confidence: 100%
Detected patterns

script /cdn\d+\.editmysite\.com/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /cdn\d+\.editmysite\.com/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /cdn\d+\.editmysite\.com/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

91
Requests

99 %
HTTPS

54 %
IPv6

10
Domains

14
Subdomains

14
IPs

2
Countries

9835 kB
Transfer

15973 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.weebly.com/signup?utm_source=internal&utm_medium=footer
Title: Powered by Create your own unique website with customizable templates. Get Started

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

91 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
mrbannerspsychology.weebly.com/ 48 KB
11 KB 629ms
226ms Document
text/html 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 92aa2ae4628ab2d54971bfcaf93fed1818371e6ee2e11a30de2f8a1f33225026

Request headers

Host: mrbannerspsychology.weebly.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:10 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=mrbannerspsychology.weebly.com language=en; expires=Fri, 02-Jul-2021 12:32:10 GMT; Max-Age=1209600; path=/
Vary: X-W-SSL,Accept-Encoding,User-Agent
Cache-Control: private
ETag: W/"87885b817143e2e91da65e710b8d1200-gzip"
Content-Encoding: gzip
X-Host: pages45.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 10199
Keep-Alive: timeout=10, max=65
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 sites.css
cdn2.editmysite.com/css/ 210 KB
29 KB 6ms
5ms Stylesheet
text/css 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1623951755
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 004224d90390c7cd683c2b1911c8ff02da3c2f1dd84db133333f3d704adb7355

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 67772
x-cache: HIT, HIT
x-cache-hits: 2, 736
content-encoding: gzip
content-length: 29746
x-served-by: cache-sjc10045-SJC, cache-hhn4083-HHN
last-modified: Thu, 17 Jun 2021 17:31:48 GMT
server: nginx
x-timer: S1624019531.711797,VS0,VE0
etag: W/"60cb8704-347ac"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 17:42:39 GMT

GET
H2 200 fancybox.css
cdn2.editmysite.com/css/old/ 4 KB
1 KB 9ms
6ms Stylesheet
text/css 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/old/fancybox.css?1623951755
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 67756
x-cache: HIT, HIT
x-cache-hits: 3, 276
content-encoding: gzip
content-length: 1218
x-served-by: cache-sjc10039-SJC, cache-hhn4083-HHN
last-modified: Thu, 17 Jun 2021 17:31:48 GMT
server: nginx
x-timer: S1624019531.714259,VS0,VE0
etag: "60cb8704-f47"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 17:42:55 GMT

GET
H2 200 social-icons.css
cdn2.editmysite.com/css/ 13 KB
2 KB 8ms
6ms Stylesheet
text/css 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1623951755
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7e5bfab5caea363372dddcb0aeb094b89656bfa15257110072800a69296eebf

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 67761
x-cache: HIT, HIT
x-cache-hits: 2, 264
content-encoding: gzip
content-length: 1640
x-served-by: cache-sjc10054-SJC, cache-hhn4083-HHN
last-modified: Thu, 17 Jun 2021 17:31:48 GMT
server: nginx
x-timer: S1624019531.714248,VS0,VE0
etag: W/"60cb8704-3319"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 17:42:50 GMT

GET
H/1.1 200
OK main_style.css
mrbannerspsychology.weebly.com/files/ 44 KB
8 KB 196ms
195ms Stylesheet
text/css 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f092ce3f26729c49f0477894d638e87827f9901aedbdbae000272b71f7833795

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://mrbannerspsychology.weebly.com/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:10 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-Host: grn29.sf2p.intern.weebly.net
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type

GET
H2 200 css
fonts.googleapis.com/ 3 KB
671 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext

Requested by

Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34489ae45b8749aa518a888ad417089b659ef6d87bb41dcfdf520a5876bd4da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 12:00:15 GMT
server: ESF
date: Fri, 18 Jun 2021 12:32:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 12:32:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
656 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext

Requested by

Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5db62aa458a6809ed23deafe8d857fc56b35c622b348fc6fc1fb656ef4ecb8b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 12:27:47 GMT
server: ESF
date: Fri, 18 Jun 2021 12:32:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 12:32:10 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 11:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jun 2022 11:37:05 GMT

GET
H2 200 stl.js Show response
cdn2.editmysite.com/js/lang/en/ 168 KB
30 KB 10ms
9ms Script
application/x-javascript 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1623951755&
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ad5da5d4ac7232271b6e05309f0f1e32478ccf9c94db1f39600f68c24cd1e62

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 67772
x-cache: HIT, HIT
x-cache-hits: 1, 452
content-encoding: gzip
content-length: 30721
x-served-by: cache-sjc10054-SJC, cache-hhn4083-HHN
last-modified: Thu, 17 Jun 2021 17:31:48 GMT
server: nginx
x-timer: S1624019531.714572,VS0,VE0
etag: W/"60cb8704-2a10c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 17:42:39 GMT

GET
H2 200 main.js Show response
cdn2.editmysite.com/js/site/ 466 KB
143 KB 12ms
11ms Script
application/x-javascript 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main.js?buildTime=1623951755
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba97504b136b447bea2ecc59111ba5a63200d2662f92936d0f7c206492b989d8

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 67772
x-cache: HIT, HIT
x-cache-hits: 2, 1
content-encoding: gzip
content-length: 146166
x-served-by: cache-sjc10083-SJC, cache-hhn4083-HHN
last-modified: Thu, 17 Jun 2021 17:31:48 GMT
server: nginx
x-timer: S1624019531.714607,VS0,VE1
etag: W/"60cb8704-74804"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 17:42:39 GMT

GET
H/1.1 200
OK alwaysfresh_7.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/ 10 KB
10 KB 608ms
234ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/alwaysfresh_7.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7aaed48b38bb098b1e9793b2b9b79a4d675524d9633c71d8a493d1ea041107b4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: 7aaed48b38bb098b1e9793b2b9b79a4d675524d9633c71d8a493d1ea041107b4
Last-Modified: Thu, 06 Dec 2018 07:14:04 GMT
Server: nginx
x-amz-request-id: tx000000000000183e1e9f2-00608bfdfc-131dd7c-las
ETag: "1902ec0055435cc66830555f7e577884"
Content-Type: image/png
Connection: keep-alive
X-Host: blu8.sf2p.intern.weebly.net
X-Storage-Bucket: z7aae
Accept-Ranges: bytes
Content-Length: 9807

GET
H/1.1 200
OK icon-1_1_orig.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/ 3 KB
4 KB 602ms
212ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/icon-1_1_orig.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 839adaf9cb38e9717af566d9ee9b45d7aae1f053d263016f25781d33835c8f75

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: 839adaf9cb38e9717af566d9ee9b45d7aae1f053d263016f25781d33835c8f75
Last-Modified: Sat, 15 Jun 2019 22:30:40 GMT
Server: nginx
x-amz-request-id: tx00000000000007c5ec95f-005f7a1eb8-1317d41-las
ETag: "8517e774aed49dae2c8e9dfd56562841"
Content-Type: image/png
Connection: keep-alive
X-Host: blu20.sf2p.intern.weebly.net
X-Storage-Bucket: z839a
Accept-Ranges: bytes
Content-Length: 3547

GET
H/1.1 200
OK img-content_1_orig.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/ 380 KB
381 KB 603ms
211ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/img-content_1_orig.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7cfa5bbd0b5eab0328ed5c820c45c8d2a957a875b6645f48621200730956ed38

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: 7cfa5bbd0b5eab0328ed5c820c45c8d2a957a875b6645f48621200730956ed38
Last-Modified: Sun, 16 Jun 2019 20:18:36 GMT
Server: nginx
x-amz-request-id: tx000000000000095594ddd-00606edfcd-177c75c-las
ETag: "cceecdcb2129449d0ccb06c6e4c23b93"
Content-Type: image/png
Connection: keep-alive
X-Host: blu23.sf2p.intern.weebly.net
X-Storage-Bucket: z7cfa
Accept-Ranges: bytes
Content-Length: 389569

GET
H/1.1 200
OK icon-2_1_orig.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/ 4 KB
5 KB 749ms
197ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/icon-2_1_orig.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 225f89c2ea498b938eebe62483dcaa2857781e0d2c99306de9c8a1e15d6041b2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: 225f89c2ea498b938eebe62483dcaa2857781e0d2c99306de9c8a1e15d6041b2
Last-Modified: Sat, 15 Jun 2019 22:30:40 GMT
Server: nginx
x-amz-request-id: tx00000000000012b65f347-0060b2713d-15b3dc2-las
ETag: "5f8592f477b992775a9f4688685f98b6"
Content-Type: image/png
Connection: keep-alive
X-Host: blu22.sf2p.intern.weebly.net
X-Storage-Bucket: z225f
Accept-Ranges: bytes
Content-Length: 4296

GET
H/1.1 200
OK icon-3_1_orig.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/ 5 KB
5 KB 201ms
201ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/icon-3_1_orig.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b46c27dab08a7ec57d93f5e88b459a653b41bccee4b5d3879cf8c4362ebf1600

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: b46c27dab08a7ec57d93f5e88b459a653b41bccee4b5d3879cf8c4362ebf1600
Last-Modified: Sat, 15 Jun 2019 22:30:40 GMT
Server: nginx
x-amz-request-id: tx0000000000001a704b887-0060b1aa94-131dd7c-las
ETag: "3f0294fac95f7a50ad3c9a1a778e432d"
Content-Type: image/png
Connection: keep-alive
X-Host: blu22.sf2p.intern.weebly.net
X-Storage-Bucket: zb46c
Accept-Ranges: bytes
Content-Length: 4647

GET
H/1.1 200
OK icon-service-1_1_orig.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/ 1 KB
2 KB 198ms
197ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/icon-service-1_1_orig.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d27529b03950926d7ca577684b16cd5bb6a582b24ac9ee98a5d069a0170900a0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: d27529b03950926d7ca577684b16cd5bb6a582b24ac9ee98a5d069a0170900a0
Last-Modified: Sat, 15 Jun 2019 22:30:41 GMT
Server: nginx
x-amz-request-id: tx0000000000000b6351e16-006092f259-177c75c-las
ETag: "23019200cff635e2996f9d2df10bd2f8"
Content-Type: image/png
Connection: keep-alive
X-Host: blu12.sf2p.intern.weebly.net
X-Storage-Bucket: zd275
Accept-Ranges: bytes
Content-Length: 1362

GET
H/1.1 200
OK icon-service-2_1_orig.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/ 1 KB
2 KB 204ms
204ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/icon-service-2_1_orig.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6cf218958d64f246283b5f47aba1d1b8e6a63ceef532b4a61699016fb2ff539b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: _snow_ses.7eb4=*; _snow_id.7eb4=0139b4df-e9de-45a9-bd18-3d374bafcd11.1624019532.1.1624019532.1624019532.a62d6ad9-5802-4732-bcba-3aa662a65ab2
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: 6cf218958d64f246283b5f47aba1d1b8e6a63ceef532b4a61699016fb2ff539b
Last-Modified: Sat, 15 Jun 2019 22:30:41 GMT
Server: nginx
x-amz-request-id: tx000000000000189f3e491-006092e880-131dd7c-las
ETag: "e1ebdcdada21a55302502d702c0c295f"
Content-Type: image/png
Connection: keep-alive
X-Host: grn32.sf2p.intern.weebly.net
X-Storage-Bucket: z6cf2
Accept-Ranges: bytes
Content-Length: 1305

GET
H/1.1 200
OK icon-service-3_1_orig.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/ 2 KB
2 KB 196ms
195ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/icon-service-3_1_orig.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cd90fcced90b8a01c2676e83a598e4ac36c7ff2395e283f6aff12a0ec13aa65a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: _snow_ses.7eb4=*; _snow_id.7eb4=0139b4df-e9de-45a9-bd18-3d374bafcd11.1624019532.1.1624019532.1624019532.a62d6ad9-5802-4732-bcba-3aa662a65ab2
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: cd90fcced90b8a01c2676e83a598e4ac36c7ff2395e283f6aff12a0ec13aa65a
Last-Modified: Sat, 15 Jun 2019 22:30:42 GMT
Server: nginx
x-amz-request-id: tx000000000000137b9bf94-0060c02fd7-15b3dc2-las
ETag: "022499d62b64a56eebd65ca27ca0524f"
Content-Type: image/png
Connection: keep-alive
X-Host: blu22.sf2p.intern.weebly.net
X-Storage-Bucket: zcd90
Accept-Ranges: bytes
Content-Length: 1674

GET
H2 200 footer-toast-published-image-1.png
cdn2.editmysite.com/images/site/footer/ 9 KB
10 KB 7ms
6ms Image
image/png 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:10 GMT
via: 1.1 varnish
age: 213597
x-guploader-uploadid: ABg5-Uzhc1f1fpndU73ZrQ6J6DH_9WjPD9bBm3zwnozCBevi7qJwFr-RZiQzghmUPVeqETPKc20h82I1lFI8iWSnmDn4WHH4hA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-length: 9677
x-served-by: cache-hhn4083-HHN
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
server: UploadServer
x-timer: S1624019531.963642,VS0,VE0
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
x-goog-generation: 1549995548326466
access-control-allow-origin: *
expires: Sun, 13 Jun 2021 01:12:09 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 9677
accept-ranges: bytes
content-type: image/png
x-cache-hits: 7471

GET
H2 200 footerSignup.js Show response
cdn2.editmysite.com/js/site/ 4 KB
2 KB 6ms
6ms Script
application/x-javascript 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1623951755
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 67772
x-cache: HIT, HIT
x-cache-hits: 1, 2543
content-encoding: gzip
content-length: 1372
x-served-by: cache-sjc10059-SJC, cache-hhn4083-HHN
last-modified: Thu, 17 Jun 2021 17:31:48 GMT
server: nginx
x-timer: S1624019531.745250,VS0,VE0
etag: "60cb8704-e10"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 17:42:38 GMT

GET
H/1.1 200
OK plugins.js Show response
mrbannerspsychology.weebly.com/files/theme/ 66 KB
16 KB 360ms
198ms Script
application/javascript 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbannerspsychology.weebly.com/files/theme/plugins.js?1565969634
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://mrbannerspsychology.weebly.com/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
Content-Encoding: gzip
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
Last-Modified: Sun, 29 Mar 2020 20:44:11 GMT
Server: nginx
x-amz-request-id: tx000000000000000001ae4-005ea35a17-10e20e2-las
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Transfer-Encoding: chunked
X-Host: grn17.sf2p.intern.weebly.net
X-Storage-Bucket: zb635

GET
H/1.1 200
OK custom.js Show response
mrbannerspsychology.weebly.com/files/theme/ 6 KB
2 KB 598ms
210ms Script
application/javascript 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbannerspsychology.weebly.com/files/theme/custom.js?1565969634
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0567021bc3973d113c6b0b6e68d0e9a8b53f38a7f60716c83214a133cc00139a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://mrbannerspsychology.weebly.com/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
Content-Encoding: gzip
X-Storage-Object: 0567021bc3973d113c6b0b6e68d0e9a8b53f38a7f60716c83214a133cc00139a
Last-Modified: Mon, 06 Apr 2020 20:25:55 GMT
Server: nginx
x-amz-request-id: tx000000000000000001814-005ea35a17-10e20e2-las
ETag: W/"48e887857aec23f184b0aa49c18d2445"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Transfer-Encoding: chunked
X-Host: blu20.sf2p.intern.weebly.net
X-Storage-Bucket: z0567

GET
H2 200 main-customer-accounts-site.js Show response
cdn2.editmysite.com/js/site/ 520 KB
155 KB 9ms
6ms Script
application/x-javascript 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1623951755
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 52e3e4a8c55bc3e562ec8ae059e2c8790999db6f366fcc70aa16501183ba4b4e

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 67772
x-cache: HIT, HIT
x-cache-hits: 1, 2
content-encoding: gzip
content-length: 158255
x-served-by: cache-sjc10073-SJC, cache-hhn4083-HHN
last-modified: Thu, 17 Jun 2021 17:31:48 GMT
server: nginx
x-timer: S1624019531.963876,VS0,VE0
etag: W/"60cb8704-821e7"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 17:42:39 GMT

GET
H2 200 embed Show response
onedrive.live.com/ Frame 5E26 60 KB
21 KB 5656ms
5571ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2

Requested by

Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

882997052ffa8cde78ce075386cfd9a449397dbc3dcd28a25d4b9c3a12f5f053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mrbannerspsychology.weebly.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mrbannerspsychology.weebly.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:USxpGlUy2Yg=:EGAHjvnoG5OsNXi90c36u3n3cTovmSA1Fa0FSUD2lls=:F; domain=.live.com; path=/ xid=930c02c3-a11a-49b1-852d-0100660bbc7f&&RD0003FFA507CA&210; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Fri, 18-Jun-2021 10:52:14 GMT; path=/ wla42=; domain=live.com; expires=Fri, 25-Jun-2021 12:32:16 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD0003FFA507CA
x-odwebserver: centralus0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A2DDDAA5E32843CEB7A598F893B9E0DD Ref B: STOEDGE0718 Ref C: 2021-06-18T12:32:14Z
date: Fri, 18 Jun 2021 12:32:16 GMT

GET
H/1.1 200
OK 996738875.jpg
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/background-images/ 445 KB
446 KB 332ms
202ms Image
image/jpeg 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/background-images/996738875.jpg
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e48469422f2399af86a193ad057708aa809ae5ad050b607660ae21e8adb6940f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: is_mobile=0; language=en
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: e48469422f2399af86a193ad057708aa809ae5ad050b607660ae21e8adb6940f
Last-Modified: Mon, 07 Jan 2019 12:59:15 GMT
Server: nginx
x-amz-request-id: tx00000000000010531d957-006088f5fb-15b3dc2-las
ETag: "bbf65339f9862361f508b626c945f581"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: grn32.sf2p.intern.weebly.net
X-Storage-Bucket: ze484
Accept-Ranges: bytes
Content-Length: 455998

GET
H/1.1 200
OK 738657424.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/background-images/ 1 MB
1 MB 195ms
194ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/background-images/738657424.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b45d4969ed551094fb4371ce3993f1b521eba757126b0590ce4d0555c00eccb8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: _snow_ses.7eb4=*; _snow_id.7eb4=0139b4df-e9de-45a9-bd18-3d374bafcd11.1624019532.1.1624019532.1624019532.a62d6ad9-5802-4732-bcba-3aa662a65ab2
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:12 GMT
X-Storage-Object: b45d4969ed551094fb4371ce3993f1b521eba757126b0590ce4d0555c00eccb8
Last-Modified: Fri, 30 Apr 2021 05:35:07 GMT
Server: nginx
x-amz-request-id: tx000000000000108d0bef8-00608d4e98-15b3dc2-las
ETag: "5fe6e71af192c5167a05108c8488e337"
Content-Type: image/png; charset=binary
Connection: keep-alive
X-Host: blu12.sf2p.intern.weebly.net
X-Storage-Bucket: zb45d
Accept-Ranges: bytes
Content-Length: 1470557

GET
H/1.1 200
OK 854131082.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/background-images/ 2 MB
2 MB 201ms
201ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/background-images/854131082.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 35cdc7b5a73fc2f331a119a059ecd51b343d25ed792bd40f7c07f831f6825e06

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: _snow_ses.7eb4=*; _snow_id.7eb4=0139b4df-e9de-45a9-bd18-3d374bafcd11.1624019532.1.1624019532.1624019532.a62d6ad9-5802-4732-bcba-3aa662a65ab2
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:12 GMT
X-Storage-Object: 35cdc7b5a73fc2f331a119a059ecd51b343d25ed792bd40f7c07f831f6825e06
Last-Modified: Sat, 22 Feb 2020 08:23:04 GMT
Server: nginx
x-amz-request-id: tx00000000000000004743b-005ea35b41-10e20e2-las
ETag: "1f98d981e71f2f7319eae592e02cf3b9"
Content-Type: image/png
Connection: keep-alive
X-Host: grn28.sf2p.intern.weebly.net
X-Storage-Bucket: z35cd
Accept-Ranges: bytes
Content-Length: 2098603

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mrbannerspsychology.weebly.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:37:01 GMT
x-content-type-options: nosniff
age: 543309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:37:01 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mrbannerspsychology.weebly.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:39:53 GMT
x-content-type-options: nosniff
age: 514337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:39:53 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 44 KB
44 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v22/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,700,400italic,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mrbannerspsychology.weebly.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:52:49 GMT
x-content-type-options: nosniff
age: 545961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:29:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:52:49 GMT

GET
H/1.1 200
OK 2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2
mrbannerspsychology.weebly.com/files/theme/fonts/ 16 KB
17 KB 348ms
198ms Font
font/woff2 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbannerspsychology.weebly.com/files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1624016386
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://mrbannerspsychology.weebly.com
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
Cookie: is_mobile=0; language=en
Connection: keep-alive
Origin: https://mrbannerspsychology.weebly.com
Referer: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: 83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
Last-Modified: Fri, 30 Aug 2019 08:25:03 GMT
Server: nginx
x-amz-request-id: tx0000000000000004c8072-005eaa6c22-1100fc6-las
ETag: "27958408325380d903e67d87768563b8"
Content-Type: font/woff2
Connection: keep-alive
X-Host: blu20.sf2p.intern.weebly.net
X-Storage-Bucket: z83f8
Accept-Ranges: bytes
Content-Length: 16561

GET
H/1.1 200
OK 1180849163.png
mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/background-images/ 3 MB
3 MB 212ms
212ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrbannerspsychology.weebly.com/uploads/7/0/6/4/70645577/background-images/1180849163.png
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98c860c9b7ad348fa4c71815d9240b4906517a1016e9c3690642b46c1e0d6c33

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://mrbannerspsychology.weebly.com/
Cookie: _snow_ses.7eb4=*; _snow_id.7eb4=0139b4df-e9de-45a9-bd18-3d374bafcd11.1624019532.1.1624019532.1624019532.a62d6ad9-5802-4732-bcba-3aa662a65ab2
Connection: keep-alive
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:12 GMT
X-Storage-Object: 98c860c9b7ad348fa4c71815d9240b4906517a1016e9c3690642b46c1e0d6c33
Last-Modified: Sat, 22 Feb 2020 08:23:04 GMT
Server: nginx
x-amz-request-id: tx0000000000000016c5ddc-005ea41a97-10e20e2-las
ETag: "9807d877e077cf17af5b3751f5af11ae"
Content-Type: image/png
Connection: keep-alive
X-Host: blu19.sf2p.intern.weebly.net
X-Storage-Bucket: z98c8
Accept-Ranges: bytes
Content-Length: 2692195

GET
H/1.1 200
OK 1e9892c0-6927-4412-9874-1b82801ba47a.woff
mrbannerspsychology.weebly.com/files/theme/fonts/ 20 KB
21 KB 221ms
206ms Font
font/woff 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbannerspsychology.weebly.com/files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1624016386
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://mrbannerspsychology.weebly.com
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
Cookie: is_mobile=0; language=en
Connection: keep-alive
Origin: https://mrbannerspsychology.weebly.com
Referer: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: 0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
Server: nginx
x-amz-request-id: tx0000000000000004ce57f-005eaa6c4e-1100fc6-las
ETag: "9df5efadcd24b83511f3c339178210d8"
Content-Type: font/woff
Connection: keep-alive
X-Host: blu13.sf2p.intern.weebly.net
X-Storage-Bucket: z0d88
Accept-Ranges: bytes
Content-Length: 20710

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1279
date: Fri, 18 Jun 2021 12:10:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 18 Jun 2021 14:10:52 GMT

GET
H2 200 snowday262.js Show response
cdn2.editmysite.com/js/wsnbn/ 73 KB
25 KB 6ms
6ms Script
application/x-javascript 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:11 GMT
via: 1.1 varnish, 1.1 varnish
age: 870941
x-cache: HIT, HIT
x-cache-hits: 2331, 72465
content-encoding: gzip
content-length: 25723
x-served-by: cache-sjc10052-SJC, cache-hhn4083-HHN
last-modified: Mon, 07 Jun 2021 23:23:35 GMT
server: nginx
x-timer: S1624019532.572821,VS0,VE0
etag: W/"60beaa77-124fe"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 22 Jun 2021 10:36:29 GMT

GET
H2 200 free-footer-v3.css
cdn2.editmysite.com/css/ 3 KB
1 KB 6ms
6ms Stylesheet
text/css 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1623951755
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:11 GMT
via: 1.1 varnish, 1.1 varnish
age: 67772
x-cache: HIT, HIT
x-cache-hits: 1, 2296
content-encoding: gzip
content-length: 886
x-served-by: cache-sjc10080-SJC, cache-hhn4083-HHN
last-modified: Thu, 17 Jun 2021 17:31:48 GMT
server: nginx
x-timer: S1624019532.593536,VS0,VE0
etag: "60cb8704-a49"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 17:42:38 GMT

POST
H/1.1 200
OK / Show response
mrbannerspsychology.weebly.com/ajax/api/JsonRPC/CustomerAccounts/ 348 B
629 B 330ms
219ms XHR
application/json 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbannerspsychology.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: Apache /
Resource Hash: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Request headers

Sec-Fetch-Mode: cors
Origin: https://mrbannerspsychology.weebly.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Content-Length: 83
Pragma: no-cache
Host: mrbannerspsychology.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://mrbannerspsychology.weebly.com/
Sec-Fetch-Site: same-origin
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mrbannerspsychology.weebly.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Content-Type: application/json
X-Host: pages7.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=71
Content-Length: 348
X-UA-Compatible: IE=edge,chrome=1

OPTIONS
H2 200 tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ Frame 0
0 194ms
194ms Preflight 52.43.249.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 52.43.249.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-249-183.us-west-2.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://mrbannerspsychology.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Jun 2021 12:32:11 GMT
content-length: 0
access-control-allow-origin: https://mrbannerspsychology.weebly.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

GET
H2 200 sqmarket-medium.woff2
cdn2.editmysite.com/fonts/SQ_Market/ 30 KB
30 KB 20ms
6ms Font
application/octet-stream 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff2
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7

Request headers

Origin: https://mrbannerspsychology.weebly.com
Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:11 GMT
via: 1.1 varnish, 1.1 varnish
age: 870915
x-cache: HIT, HIT
x-cache-hits: 419, 10507
content-length: 30768
x-served-by: cache-sjc10078-SJC, cache-hhn4026-HHN
last-modified: Mon, 07 Jun 2021 23:23:35 GMT
server: nginx
x-timer: S1624019532.631883,VS0,VE0
etag: "60beaa77-7830"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 22 Jun 2021 10:36:56 GMT

GET
H2 200 logotype.svg
cdn2.editmysite.com/images/landing-pages/global/ 3 KB
2 KB 16ms
16ms Image
image/svg+xml 2a04:4e42:1b::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/landing-pages/global/logotype.svg
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1623951755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e8fce53e602b22e525d06ba31b166bb4ff461319bc9ae53caad095d185a4d15b

Request headers

Referer: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1623951755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 12:32:11 GMT
content-encoding: gzip
age: 217027
x-guploader-uploadid: ABg5-UxgvH7llSx2Qan-Gqq2Acm9JqrmgxAygGVSScublvsJd5ibjdIA_nlI6_2Otxgg8dPt2146vH8B7s9bodSiwo2gB-VMiQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-length: 1488
via: 1.1 varnish
x-served-by: cache-hhn4083-HHN
last-modified: Wed, 10 Oct 2018 21:37:00 GMT
server: UploadServer
x-timer: S1624019532.625021,VS0,VE0
etag: "bc61dcb431a14c508075eeff4f74523a"
vary: Accept-Encoding
x-goog-hash: crc32c=vgUlyw==, md5=vGHctDGhTFCAde7/T3RSOg==
x-goog-generation: 1539207420450301
access-control-allow-origin: *
expires: Sun, 13 Jun 2021 00:15:03 GMT
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 3507
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 6379

POST
H2 200 tp2 Show response
ec.editmysite.com/com.snowplowanalytics.snowplow/ 2 B
339 B 195ms
195ms XHR
text/plain 52.43.249.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.249.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-249-183.us-west-2.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mrbannerspsychology.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://mrbannerspsychology.weebly.com
date: Fri, 18 Jun 2021 12:32:11 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK 46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf
mrbannerspsychology.weebly.com/files/theme/fonts/ 38 KB
39 KB 249ms
198ms Font
font/ttf 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mrbannerspsychology.weebly.com/files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1624016386
Requested by: Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://mrbannerspsychology.weebly.com
Accept-Encoding: gzip, deflate, br
Host: mrbannerspsychology.weebly.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
Cookie: _snow_ses.7eb4=*; _snow_id.7eb4=0139b4df-e9de-45a9-bd18-3d374bafcd11.1624019532.1.1624019532.1624019532.a62d6ad9-5802-4732-bcba-3aa662a65ab2
Connection: keep-alive
Origin: https://mrbannerspsychology.weebly.com
Referer: https://mrbannerspsychology.weebly.com/files/main_style.css?1624016386
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:11 GMT
X-Storage-Object: 65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
Last-Modified: Wed, 11 Dec 2019 02:22:44 GMT
Server: nginx
x-amz-request-id: tx00000000000000923ac6d-005eaa5768-10e2649-las
ETag: "98f6dacde86ebbaac7cc62b34a6e54cf"
Content-Type: font/ttf
Connection: keep-alive
X-Host: blu8.sf2p.intern.weebly.net
X-Storage-Bucket: z6503
Accept-Ranges: bytes
Content-Length: 39185

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 5E26 85 KB
16 KB 173ms
56ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 18 Jun 2021 12:32:16 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6d2753fc-501e-00e6-0ad5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=5351667
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 5E26 169 KB
30 KB 207ms
90ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 18 Jun 2021 12:32:16 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45647edb-101e-00c8-61d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=16025246
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 119 KB
121 KB 204ms
170ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem

Requested by

Host: mrbannerspsychology.weebly.com
URL: https://mrbannerspsychology.weebly.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c615e34ad4947b7b8b71138d27fffc6b29d126522adbda2a18e4c0ead22d9f54

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: word-view.officeapps.live.com
:scheme: https
:path: /wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Sat, 18-Sep-2021 12:32:17 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure; httponly US3C-ARRAffinity=306cfeb6b78dd58886e9fcb9a2ea2c7c77aa79a7f64f17979679ea9a11a8b16c;Path=/;Domain=word-view.officeapps.live.com; samesite=none; secure; httponly
x-correlationid: cbc7df00-81d7-4d34-80b1-8867f51f9093
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: DM3PEPF000137AC
x-officeversion: 16.0.14214.41014
x-officecluster: US3C
x-content-type-options: nosniff
content-security-policy: font-src data: c1-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
origin-trial: Au4zhK5JVMb0jrGWoC/nSFX17KhgFgS9nCdRcMtWy7tARQA0jPaVfF3zzCT4DaZq4448HkzVzqI80llMvhQrbA4AAAB2eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJFeHBlcmltZW50YWxKU1Byb2ZpbGVyIiwiZXhwaXJ5IjoxNjEzMzkzNTg3fQ== Arrz952Yxnelyt7ahmUhv/aFLxoVtZgV2sT0LiYNhRgGugeJ8zwea4uy5Wo6TS1LzTpZWx8roBGDr6QYEcWWZgkAAACAeyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjA1MDUyNzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
report-to: { "group": "coop_report", "max_age": 86400, "endpoints": [{ "url": '"/wv/reportcoop.ashx"'}]} { "group": "coep_report","max_age": 86400, "endpoints": [{ "url": '"/wv/reportcoep.ashx"'}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_report"
cross-origin-embedder-policy-report-only: require-corp; report-to="coep_report"
document-policy: js-profiling
x-officefd: DM3PEPF000132E2
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: EA5CD172190B467A9242A73E242CC959 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:17Z

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 5E26 92 KB
33 KB 161ms
54ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 18 Jun 2021 12:32:17 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 456481ad-101e-00c8-56d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=11360793
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 5E26 483 KB
133 KB 213ms
107ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 18 Jun 2021 12:32:17 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2755cd-501e-00e6-20d5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=27173425
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK WordViewer.css
c1-word-view-15.cdn.office.net/wv/s/h28AFA73D8F39C9B3_resources/1033/ Frame 3F82 221 KB
40 KB 33ms
6ms Stylesheet
text/css 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h28AFA73D8F39C9B3_resources/1033/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28afa73d8f39c9b3715f72ece2946cc24d28639ae7108c4b42026d080a7bdbcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"56844479525dd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14207.41013
X-OfficeFE: AM4PEPF000069EA
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 40340
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Jun 2021 17:11:23 GMT
X-OFFICEFD: AM4PEPF000068C2
X-MSEdge-Ref: Ref A: C14640E645CF4C48A883B332B0B1788C Ref B: AMS04EDGE0918 Ref C: 2021-06-09T17:11:23Z
X-UserSessionId: 6228afd4-fbe2-4135-b0fa-d874714cd5ba
Date: Fri, 18 Jun 2021 12:32:17 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 6228afd4-fbe2-4135-b0fa-d874714cd5ba
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjaxDS.js Show response
c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/ Frame 3F82 105 KB
24 KB 33ms
7ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0db98ce8c736e136938dbacd3b2eb09e144fb5884c2f331290b36639ead2a94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"ef6932d662d71:0"
X-OfficeCluster: PUS3
X-OfficeVersion: 16.0.14210.41001
X-OfficeFE: BN3PEPF000036E5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 23532
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 15 Jun 2021 16:47:50 GMT
X-OFFICEFD: BN3PEPF00001E05
X-MSEdge-Ref: Ref A: 374DBF0E154C47F0A9FDA89124D51F95 Ref B: AM3EDGE0211 Ref C: 2021-06-15T16:47:49Z
X-UserSessionId: 35248138-5688-4407-99d9-61b0850a3018
Date: Fri, 18 Jun 2021 12:32:17 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 35248138-5688-4407-99d9-61b0850a3018
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c1-word-view-15.cdn.office.net/wv/s/h4C62E0A839514771_App_Scripts/1033/ Frame 3F82 100 KB
23 KB 30ms
8ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h4C62E0A839514771_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c62e0a839514771f36734881bfbaf14e3aaddfcf2b5426cc0c30f6a794292a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "50bf20f0e461d71:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: AM4PEPF0000B023
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 22864
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 15 Jun 2021 12:49:53 GMT
X-OFFICEFD: AM4PEPF00006035
X-MSEdge-Ref: Ref A: EF8621145FC44A39BDA47D3237C3909F Ref B: AM3EDGE0113 Ref C: 2021-06-16T10:23:13Z
X-UserSessionId: ac776ef0-ceb8-4413-ba61-763501feeb8b
Date: Fri, 18 Jun 2021 12:32:17 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ac776ef0-ceb8-4413-ba61-763501feeb8b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/ Frame 3F82 6 KB
2 KB 35ms
11ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "d7a723e3962d71:0"
X-OfficeCluster: US4C
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: DM3PEPF000132BD
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1365
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 15 Jun 2021 22:52:02 GMT
X-OFFICEFD: DM3PEPF00012E9B
X-MSEdge-Ref: Ref A: 4B3E09AA3E844B2DA9D595611CCB4430 Ref B: AM3EDGE0412 Ref C: 2021-06-16T06:50:37Z
X-UserSessionId: 57541bb3-65ab-404d-a3ac-46a2f8ac221d
Date: Fri, 18 Jun 2021 12:32:17 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 57541bb3-65ab-404d-a3ac-46a2f8ac221d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerIntl.js Show response
c1-word-view-15.cdn.office.net/wv/s/h49AFD3FB5E69B631_App_Scripts/1033/ Frame 3F82 19 KB
5 KB 36ms
12ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h49AFD3FB5E69B631_App_Scripts/1033/WordViewerIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

49afd3fb5e69b631b949d25dfaf224c6532309563ca55d3aa9f59e4ee821dcd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: "fad8a9357a59d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14202.41005
X-OfficeFE: DB5PEPF00008425
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 4514
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 04 Jun 2021 19:45:45 GMT
X-OFFICEFD: DB5PEPF000082A7
X-MSEdge-Ref: Ref A: EB7D3929025A418B9008003D5632B14B Ref B: AMS04EDGE0912 Ref C: 2021-06-06T21:31:21Z
X-UserSessionId: f1cd3b83-2514-49f6-ac58-fbee817a0920
Date: Fri, 18 Jun 2021 12:32:17 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f1cd3b83-2514-49f6-ac58-fbee817a0920
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK word-app-intl.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/h16322D20E21C7078_App_Scripts/1033/ Frame 3F82 333 KB
80 KB 33ms
7ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h16322D20E21C7078_App_Scripts/1033/word-app-intl.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

16322d20e21c707892990a326eefbfd90af27fcbe79dc871e4ec78806e28bf62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"cc51686cd62d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: AM4PEPF0000C139
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 81319
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 16:34:48 GMT
X-OFFICEFD: AM4PEPF000068A6
X-MSEdge-Ref: Ref A: 23B02E9C125749AF99492FBEDDF939B5 Ref B: AM3EDGE0807 Ref C: 2021-06-16T16:34:48Z
X-UserSessionId: 36db7f73-020f-4625-8117-f76853a0eadf
Date: Fri, 18 Jun 2021 12:32:17 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 36db7f73-020f-4625-8117-f76853a0eadf
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerDS.js Show response
c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/ Frame 3F82 2 MB
431 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/WordViewerDS.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f540e008959aca62c1edfa8c6546a47c0c8ef5203ab76c9ddaf6d1dc2c2294f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"93e9593acd62d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: AM4PEPF00006A19
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 440348
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 16:32:41 GMT
X-OFFICEFD: AM4PEPF000068C3
X-MSEdge-Ref: Ref A: B1A33EA7BFD24EDAB38B5ED2D2F01DE8 Ref B: AM3EDGE0810 Ref C: 2021-06-16T16:32:41Z
X-UserSessionId: a02952c0-4ab1-4084-b2b4-80914b3ae0bf
Date: Fri, 18 Jun 2021 12:32:17 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a02952c0-4ab1-4084-b2b4-80914b3ae0bf
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 0
505 B 137ms
136ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14214.41014&waccluster=US3C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":1,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: AM4PEPF000068BF
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: af87943f-f13a-4390-b3da-ade63acfdb51
x-officefd: AM4PEPF000068BF
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
x-powered-by: ARR/3.0
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://US3Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: DCEB512DD10741738AC45903BF1F25C3 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:17Z
timing-allow-origin: *

GET
H2 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 5E26 47 KB
14 KB 59ms
58ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 18 Jun 2021 12:32:17 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45648324-101e-00c8-0cd5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=15644674
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 5E26 203 KB
68 KB 59ms
59ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 18 Jun 2021 12:32:17 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2756be-501e-00e6-6fd5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=17927941
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 5E26 15 KB
6 KB 64ms
63ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 18 Jun 2021 12:32:17 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b96f33ba-101e-0122-1fd5-eb35b1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=26437580
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 0
552 B 139ms
138ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14214.41014&waccluster=US3C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":49,"Value":"https://c1-word-view-15.cdn.office.net:443/wv/s/h28AFA73D8F39C9B3_resources/1033/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: DB5PEPF000082E4
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 167b4eff-1502-4e00-a049-42358ebc34ec
x-officefd: DB5PEPF000082E4
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
x-powered-by: ARR/3.0
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://US3Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: C3EB575E7CC94CB792D21A42E38A9883 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:17Z
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3F82 91 KB
92 KB 1070ms
1070ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936599&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC42&v=00000000-0000-0000-0000-000000000802&usid=cbc7df00-81d7-4d34-80b1-8867f51f9093&splashscreen=1&build=16.0.14214.41014&PdfMode=1&waccluster=US3C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7ca04ebe7c50022cac09e9feaae9c80cae54c006c92b270f42bcbd066aaa355b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 93057
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: f209f0f9-ce23-436a-856e-af7b6112fb5a
x-officefd: DM3PEPF000132E0
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936599&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC4200000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 9DB254873E224EC58552198295B90BB1 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:17Z
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:32:18 GMT

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 0
420 B 37ms
36ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000D7C8
x-officeversion: 16.0.14214.41014
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: c73d48a4-d526-4871-a8bf-93ed24de19c0
x-officecluster: GEU1C
x-usersessionid: c73d48a4-d526-4871-a8bf-93ed24de19c0
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 0ABEAEB9F0B74535B9CCD15442778DBF Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:17Z
timing-allow-origin: *
x-officefe: AM4PEPF0000CAB9

GET
H/1.1 200
OK segoeui.woff
c1-word-view-15.cdn.office.net/wv/s/h28AFA73D8F39C9B3_resources/1033/ Frame 3F82 22 KB
23 KB 7ms
7ms Font
font/x-woff 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h28AFA73D8F39C9B3_resources/1033/segoeui.woff

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h28AFA73D8F39C9B3_resources/1033/WordViewer.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://c1-word-view-15.cdn.office.net/wv/s/h28AFA73D8F39C9B3_resources/1033/WordViewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"2cdacc34535dd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14207.41013
X-OfficeFE: AM4PEPF0000C14D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 22720
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Jun 2021 17:16:38 GMT
X-OFFICEFD: AM4PEPF000068C2
X-MSEdge-Ref: Ref A: 1857EE3ADBFA4B4F9FE4449D23C486D7 Ref B: AM3EDGE0519 Ref C: 2021-06-09T17:16:37Z
X-UserSessionId: bdc2db66-da09-4331-93f4-00b222a6712a
Date: Fri, 18 Jun 2021 12:32:17 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: bdc2db66-da09-4331-93f4-00b222a6712a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 356 B
620 B 746ms
745ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936599&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC42&type=png&o15=1&ui=en-US&PdfMode=1

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

418a7ef9fc5954229ddc5f9f582a65598b4200e1dc4e8bbeceb64a6d5b602535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 354
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 67e0bd0c-f811-4518-adec-c52df19ef66d
x-officefd: DM3PEPF000132E2
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: A0D0B09A5DDD4C999F00ECF16F77DAA7 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:17Z
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:32:18 GMT

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/ Frame 3F82 40 KB
7 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"ceaca33bcd62d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: AM4PEPF00006A32
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 16:32:43 GMT
X-OFFICEFD: AM4PEPF000068B0
X-MSEdge-Ref: Ref A: 05F9C8FB16314DB982838F8804963001 Ref B: AM3EDGE0519 Ref C: 2021-06-16T16:32:43Z
X-UserSessionId: 1f67171b-4d3f-4521-b99e-0850f5f9a964
Date: Fri, 18 Jun 2021 12:32:17 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1f67171b-4d3f-4521-b99e-0850f5f9a964
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wapsw.png
c1-word-view-15.cdn.office.net/wv/s/161421441014_resources/1033/ Frame 3F82 6 KB
7 KB 34ms
34ms Image
image/png 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161421441014_resources/1033/wapsw.png?b=1601421441014

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"f744e96dd562d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: AM4PEPF0000728E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 17:31:24 GMT
X-OFFICEFD: AM4PEPF000068B1
X-MSEdge-Ref: Ref A: A415DE4B7FA04EB389818C9201D6B6A6 Ref B: AMS04EDGE0415 Ref C: 2021-06-16T17:31:24Z
X-UserSessionId: 3e62e041-16b5-4b09-9f2f-11d66228f9c0
Date: Fri, 18 Jun 2021 12:32:17 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 3e62e041-16b5-4b09-9f2f-11d66228f9c0
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wv.png
c1-word-view-15.cdn.office.net/wv/s/161421441014_resources/1033/ Frame 3F82 34 KB
35 KB 19ms
6ms Image
image/png 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161421441014_resources/1033/wv.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"eb3f2a7bcd62d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: DB5PEPF000083DB
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 35196
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 16:34:30 GMT
X-OFFICEFD: DB5PEPF000082D9
X-MSEdge-Ref: Ref A: 0D3A6ECA7F874B44BA2A4376A4D501F2 Ref B: AMS04EDGE0314 Ref C: 2021-06-16T16:34:30Z
X-UserSessionId: 17754ae6-8e50-499f-91c5-3ebaf9dbd779
Date: Fri, 18 Jun 2021 12:32:17 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 17754ae6-8e50-499f-91c5-3ebaf9dbd779
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 0
141 B 138ms
138ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14214.41014&waccluster=US3C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":381,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: DB5PEPF000082E4
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: f6055327-2c35-47c2-8d87-345689e32de8
x-officefd: DB5PEPF000082E4
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
x-powered-by: ARR/3.0
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://US3Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 15E1595D2A764DF785D1594BDEF65761 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:17Z
timing-allow-origin: *

GET
BLOB 200
OK f86021b6-e9f9-4228-b2f4-8be9176e4954
https://word-view.officeapps.live.com/ Frame 3F82 224 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/f86021b6-e9f9-4228-b2f4-8be9176e4954
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf394c5b419639e1ba6d31509887addf54526117869c7ed912fc054c4effcc5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 224
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 0
159 B 138ms
138ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14214.41014&waccluster=US3C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1182,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: DB5PEPF000082E4
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1da2d5fa-c2f8-4c53-82ac-7354239846d1
x-officefd: DB5PEPF000082E4
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
x-powered-by: ARR/3.0
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://US3Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 41F789FE9BDF4EA1A7F8DE41ADAAD928 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *

GET
H/1.1 200
OK WordViewerDS.dll1.js Show response
c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/ Frame 3F82 790 KB
132 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1957112f0b0786b248a0047e6a244d43140a640f814f918dd468a9466009330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"8882b43bcd62d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: AM4PEPF00007293
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 133669
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 16:32:44 GMT
X-OFFICEFD: AM4PEPF000068A3
X-MSEdge-Ref: Ref A: 33883B4CE0894ECB8C79BD61C92609D6 Ref B: AM3EDGE0721 Ref C: 2021-06-16T16:32:43Z
X-UserSessionId: 5bd66cf4-855b-48fc-94bc-5609337fc742
Date: Fri, 18 Jun 2021 12:32:18 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 5bd66cf4-855b-48fc-94bc-5609337fc742
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 121 KB
121 KB 299ms
298ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=cbc7df00-81d7-4d34-80b1-8867f51f9093&build=16.0.14214.41014&DataUrlEnabled=true&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk-RdyR7SXwcpk7KHqBbsDDze8_ce-pxtZ-HOKN4MxVlIOOURrwaMbhnqmJhNOyPXP_85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l-ucq9ldA-hcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936848&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC42&waccluster=US3C&PdfMode=1

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a4a67b21b0454526a1dad9b8230b28a69fb992b8224bd4564fdf5f1edae2ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: f6e67bef-06cb-4afe-b7b5-128e4842cc95
x-officefd: DM3PEPF000132E1
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936848&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC4200000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/plain
cache-control: private
x-msedge-ref: Ref A: 1B2C7075701F4F618FEED37A0A4B496F Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:32:18 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 77 KB
76 KB 307ms
307ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=cbc7df00-81d7-4d34-80b1-8867f51f9093&build=16.0.14214.41014&DataUrlEnabled=true&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk-RdyR7SXwcpk7KHqBbsDDze8_ce-pxtZ-HOKN4MxVlIOOURrwaMbhnqmJhNOyPXP_85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l-ucq9ldA-hcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936848&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC42&waccluster=US3C&PdfMode=1

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b612e6edbd84cafd1bc590177bfa8e66c8ccc782a5b6ba98a4907afc07eba970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: d2c80f81-caab-4399-abea-0445378b8a7b
x-officefd: DM3PEPF000132E4
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936848&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC4200000000-0000-0000-0000-000000000802p2.img"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/plain
cache-control: private
x-msedge-ref: Ref A: 9A3FFBB7EA8B45FB9E770182B828CE5F Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:32:18 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 121 KB
121 KB 324ms
324ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a4a67b21b0454526a1dad9b8230b28a69fb992b8224bd4564fdf5f1edae2ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 32640eba-9f25-4a30-9167-acf1080f6ac4
x-officefd: DM3PEPF000132E2
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936848&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC4200000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/plain
cache-control: private
x-msedge-ref: Ref A: DF22E516698B47828109571E3DF6EC6F Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:32:18 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 77 KB
75 KB 309ms
309ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b612e6edbd84cafd1bc590177bfa8e66c8ccc782a5b6ba98a4907afc07eba970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4fa63e8f-37fa-495e-b9eb-4d6df36d09d2
x-officefd: DM3PEPF000132E2
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936848&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC4200000000-0000-0000-0000-000000000802p2.img"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/plain
cache-control: private
x-msedge-ref: Ref A: 54E509F0BF214744B2229DB940C53CFC Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:32:18 GMT

GET
H/1.1 200
OK officebrowserfeedback_floodgate.js Show response
c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/Feedback/latest/ Frame 3F82 461 KB
110 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ffabcc83de9d8f48900871d75fe16e52ad64a31b3019270ff8c1a62c3a837ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"80103df9cf62d71:0"
X-OfficeCluster: US3C
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: DM3PEPF00012E8F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 111152
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 16:52:21 GMT
X-OFFICEFD: DM3PEPF000132E3
X-MSEdge-Ref: Ref A: A1DF0C2B9BBE4486A7964CFD944D0068 Ref B: AM3EDGE0221 Ref C: 2021-06-16T16:52:21Z
X-UserSessionId: 8f2981d2-0d8e-441c-addc-426a4571e1e7
Date: Fri, 18 Jun 2021 12:32:18 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 8f2981d2-0d8e-441c-addc-426a4571e1e7
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 0
764 B 136ms
136ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14214.41014&waccluster=US3C

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wk1NQ7vk-RdyR7SXwcpk7KHqBbsDDze8_ce-pxtZ-HOKN4MxVlIOOURrwaMbhnqmJhNOyPXP_85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l-ucq9ldA-hcLpRedTE5K5sOIa8vFCJj4jhsog
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
X-bULS-SuppressionETag: B42955CDF92B047F047CCAC869BA56A1B5B22606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1625833936599
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: B42955CDF92B047F047CCAC869BA56A1B5B22606
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: DB5PEPF000082A4
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5dc9e955-01a4-4a77-9a4e-a81cb2c6fddd
x-officefd: DB5PEPF000082A4
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
x-powered-by: ARR/3.0
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://US3Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: EEB4A446812145B2BA86BDFBF2F76A63 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *

GET
H/1.1 200
OK progress.gif
c1-word-view-15.cdn.office.net/wv/s/161421441014_resources/1033/ Frame 3F82 695 B
2 KB 7ms
7ms Image
image/gif 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161421441014_resources/1033/progress.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"92ed6f8ccd62d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: AM4PEPF0000C13A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 16:34:59 GMT
X-OFFICEFD: AM4PEPF000068B5
X-MSEdge-Ref: Ref A: 810D1B9826684A1F8DF98C606FEF014E Ref B: AM3EDGE0417 Ref C: 2021-06-16T16:34:59Z
X-UserSessionId: 894e07f4-b6d1-4e15-98a4-d5c3ba70e113
Date: Fri, 18 Jun 2021 12:32:18 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 894e07f4-b6d1-4e15-98a4-d5c3ba70e113
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 23 KB
5 KB 210ms
210ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=cbc7df00-81d7-4d34-80b1-8867f51f9093&build=16.0.14214.41014&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936599&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC42&waccluster=US3C&PdfMode=1

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4ba5fee7160dbd2702e50e533fba8d1ae1cdefbb71c4e502503d12ad72547129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4814
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2c1005f3-5216-4b5a-84d9-5325af908005
x-officefd: DM3PEPF000132E5
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936599&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC4200000000-0000-0000-0000-000000000802p_1_10.xml"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: F26467AC75704B3A971CCD72BA236E46 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:32:18 GMT

GET
H/1.1 200
OK officebrowserfeedback.css
c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/Feedback/latest/ Frame 3F82 17 KB
4 KB 18ms
18ms Stylesheet
text/css 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f38ce06529719c5b1b9a7dc1872e73b1f276d69073395208fc2569235f514130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"0a7d5f9cf62d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: AM4PEPF00006A2C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 3103
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 16:52:22 GMT
X-OFFICEFD: AM4PEPF000068C8
X-MSEdge-Ref: Ref A: 65BA1E90D15D480090FB724784DA3347 Ref B: AMS04EDGE0709 Ref C: 2021-06-16T16:52:22Z
X-UserSessionId: cbe62d68-404d-4b24-9289-e02ccf25e3ca
Date: Fri, 18 Jun 2021 12:32:18 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: cbe62d68-404d-4b24-9289-e02ccf25e3ca
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK officebrowserfeedbackstrings.js Show response
c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/Feedback/latest/Intl/en/ Frame 3F82 2 KB
2 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66a7b3384214fc3480358d41cbcb8bbafe31dc1f4cb4332289f701ccbb85ed1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"f59d41abd262d71:0"
X-OfficeCluster: US4C
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: DM3PEPF000132D5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1072
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 17:11:38 GMT
X-OFFICEFD: DM3PEPF000132AE
X-MSEdge-Ref: Ref A: D13F1ECB7D17484EB5B66C9FC73BAE4E Ref B: AM3EDGE0705 Ref C: 2021-06-16T17:11:38Z
X-UserSessionId: 58fca728-e113-4386-a394-3ed5d22f818e
Date: Fri, 18 Jun 2021 12:32:18 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 58fca728-e113-4386-a394-3ed5d22f818e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 3F82 42 KB
16 KB 271ms
68ms Script
application/javascript 23.67.139.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 23.67.139.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-139-82.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:18 GMT
X-MSNServer: RD0003FF1D9652
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=78899, public
X-ODWebServer: westeurope0-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 0
507 B 143ms
142ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14214.41014&waccluster=US3C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1508,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: AM4PEPF000068C5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0c0dd292-c009-4c79-be62-89dc2ed3d336
x-officefd: AM4PEPF000068C5
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
x-powered-by: ARR/3.0
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://US3Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: EB0D6833085D4E4FBCD885CFD0577A8C Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 121 KB
121 KB 138ms
137ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a4a67b21b0454526a1dad9b8230b28a69fb992b8224bd4564fdf5f1edae2ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7fc912c3-24f7-412b-bdbe-31280588a6ca
x-officefd: DM3PEPF000132E0
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936848&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC4200000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/plain
cache-control: private
x-msedge-ref: Ref A: B83DE4F719E148A3A4B636D13CD7CDE1 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:32:18 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 77 KB
75 KB 131ms
131ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b612e6edbd84cafd1bc590177bfa8e66c8ccc782a5b6ba98a4907afc07eba970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 1c38b9be-0277-4605-86a0-e7e3ca86722a
x-officefd: DM3PEPF000132E0
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936848&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC4200000000-0000-0000-0000-000000000802p2.img"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/plain
cache-control: private
x-msedge-ref: Ref A: E7D45E74DA6548A080C703B2B4FF91E3 Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:18Z
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:32:18 GMT

GET
DATA 200
OK truncated
/ Frame 3F82 91 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ca04ebe7c50022cac09e9feaae9c80cae54c006c92b270f42bcbd066aaa355b

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK otelFullNext.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/ Frame 3F82 102 KB
28 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:299::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/otelFullNext.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hF540E008959ACA62_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:299::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9f553f430e2fc8e45625b192b1cccc849b538c19f4951909f2690039ae3a509d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"edd5cb3bcd62d71:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14214.41001
X-OfficeFE: BL6PEPF0000B88E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 27938
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 16 Jun 2021 16:32:44 GMT
X-OFFICEFD: BL6PEPF00007A92
X-MSEdge-Ref: Ref A: 32EB8C4BDA7B4A3D9D2815834CAC5679 Ref B: AM3EDGE0221 Ref C: 2021-06-16T16:32:44Z
X-UserSessionId: be641f68-e246-4f7b-bfa7-5aca93d8d8ad
Date: Fri, 18 Jun 2021 12:32:18 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: be641f68-e246-4f7b-bfa7-5aca93d8d8ad
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame 3F82 58 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42e0410f8b90054689c52d3d0aed018d8d07737420bd411daf0d11f31398f012

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 3F82 4 B
333 B 537ms
133ms XHR
application/json 168.62.57.154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.57.154 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:18 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 2 KB
2 KB 126ms
126ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&access_token=4wk1NQ7vk%2DRdyR7SXwcpk7KHqBbsDDze8%5Fce%2DpxtZ%2DHOKN4MxVlIOOURrwaMbhnqmJhNOyPXP%5F85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l%2Ducq9ldA%2DhcLpRedTE5K5sOIa8vFCJj4jhsog&access_token_ttl=1625833936599&z=aODI0MTMwMzcwMjY4MkVERiEyMjU2NC42&uilang=en-US

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1447be2f8700ed7ba4dcebd2e29efe1429fbf7f2f4a0c1fe8664467dfbe18934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1199
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 864e6535-d822-4384-9235-427a724a0c17
x-officefd: DM3PEPF000132E4
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 3E48B156FE084F2BA227357C7031448F Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:19Z
timing-allow-origin: *
expires: -1

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 3F82 0
397 B 540ms
134ms XHR
application/json 168.62.57.154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.57.154 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 12:32:19 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 475
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3F82 0
470 B 134ms
134ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14214.41014&waccluster=US3C

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h0DB98CE8C736E136_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wk1NQ7vk-RdyR7SXwcpk7KHqBbsDDze8_ce-pxtZ-HOKN4MxVlIOOURrwaMbhnqmJhNOyPXP_85Vcgy9DvvOJ41fDySD41sbhVV2nsmXOIqJMlqu5l-ucq9ldA-hcLpRedTE5K5sOIa8vFCJj4jhsog
X-WacFrontEnd: DM3PEPF000137AC
X-UserSessionId: cbc7df00-81d7-4d34-80b1-8867f51f9093
X-OfficeVersion: 16.0.14214.41014
X-Key: IvvfC99sooDA77Bb+NdjnLw9hbDZkOvP5YWqc2HS28E=,637596163370966674
X-bULS-SuppressionETag: B42955CDF92B047F047CCAC869BA56A1B5B22606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-US&rs=en-US&hid=S1ta6G0tNUGqUfGXV3EAdA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8241303702682EDF%2122564&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1625833936599
X-WacCluster: US3C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US3C
x-officeversion: 16.0.14214.41014
x-officefe: DM3PEPF000137AC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: B42955CDF92B047F047CCAC869BA56A1B5B22606
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: AM4PEPF000068A7
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 96a6f362-d17c-431d-9604-11551fe68a9f
x-officefd: AM4PEPF000068A7
x-usersessionid: cbc7df00-81d7-4d34-80b1-8867f51f9093
x-powered-by: ARR/3.0
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://US3Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: ABD8ED8A6E8847A1AA3C3C1DEFAB60EE Ref B: AM3EDGE0718 Ref C: 2021-06-18T12:32:20Z
timing-allow-origin: *

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 3F82 24 B
380 B 543ms
139ms XHR
application/json 168.62.57.154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.6&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1624019540749&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161421441014_App_Scripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.62.57.154 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 18 Jun 2021 12:32:20 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 476
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H2 404 log Show response
onedrive.live.com/ Frame 5E26 77 KB
77 KB 182ms
181ms XHR
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/log

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6793e83748d770d69f345c5a4e9aef6785748a8b90e2539e8a4b2ccedc38c507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/embed?cid=8241303702682EDF&resid=8241303702682EDF%2122564&authkey=ANQFF1613w0ZL34&em=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-msnserver: RD0003FFA503E4
x-content-type-options: nosniff
x-msedge-ref: Ref A: 4A1289FF1A544140AD658DC6153A690A Ref B: STOEDGE0718 Ref C: 2021-06-18T12:32:26Z
x-odwebserver: centralus0-odwebpl
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
date: Fri, 18 Jun 2021 12:32:26 GMT
content-length: 78806
expires: -1

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: GEU1C-ARRAffinity Value: 5900db846508abdc09f571f5cca9d853b076c148d7b6a98b0b26fc0d5372d74d
.word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: US3C-ARRAffinity Value: 306cfeb6b78dd58886e9fcb9a2ea2c7c77aa79a7f64f17979679ea9a11a8b16c
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
word-view.officeapps.live.com/	1970-01-19 21:19:28	Name: DcLcid Value: ui=1033&data=1033

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c1-word-view-15.cdn.office.net
cdn2.editmysite.com
ec.editmysite.com
fonts.googleapis.com
fonts.gstatic.com
js.live.net
mrbannerspsychology.weebly.com
onedrive.live.com
spoprod-a.akamaihd.net
ssl.google-analytics.com
word-view.officeapps.live.com
13.107.42.13
168.62.57.154
199.34.228.54
2.16.186.40
23.67.139.82
2620:1ec:a92::171
2a00:1450:4001:802::200a
2a00:1450:4001:809::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a02:26f0:6c00:299::4b36
2a04:4e42:1b::302
52.43.249.183
004224d90390c7cd683c2b1911c8ff02da3c2f1dd84db133333f3d704adb7355
0567021bc3973d113c6b0b6e68d0e9a8b53f38a7f60716c83214a133cc00139a
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
0db98ce8c736e136938dbacd3b2eb09e144fb5884c2f331290b36639ead2a94d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
1447be2f8700ed7ba4dcebd2e29efe1429fbf7f2f4a0c1fe8664467dfbe18934
16322d20e21c707892990a326eefbfd90af27fcbe79dc871e4ec78806e28bf62
225f89c2ea498b938eebe62483dcaa2857781e0d2c99306de9c8a1e15d6041b2
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28afa73d8f39c9b3715f72ece2946cc24d28639ae7108c4b42026d080a7bdbcf
34489ae45b8749aa518a888ad417089b659ef6d87bb41dcfdf520a5876bd4da9
35cdc7b5a73fc2f331a119a059ecd51b343d25ed792bd40f7c07f831f6825e06
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
418a7ef9fc5954229ddc5f9f582a65598b4200e1dc4e8bbeceb64a6d5b602535
42e0410f8b90054689c52d3d0aed018d8d07737420bd411daf0d11f31398f012
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
49afd3fb5e69b631b949d25dfaf224c6532309563ca55d3aa9f59e4ee821dcd2
4a4a67b21b0454526a1dad9b8230b28a69fb992b8224bd4564fdf5f1edae2ee4
4ba5fee7160dbd2702e50e533fba8d1ae1cdefbb71c4e502503d12ad72547129
4c62e0a839514771f36734881bfbaf14e3aaddfcf2b5426cc0c30f6a794292a9
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
52e3e4a8c55bc3e562ec8ae059e2c8790999db6f366fcc70aa16501183ba4b4e
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
5ad5da5d4ac7232271b6e05309f0f1e32478ccf9c94db1f39600f68c24cd1e62
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
5db62aa458a6809ed23deafe8d857fc56b35c622b348fc6fc1fb656ef4ecb8b6
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
66a7b3384214fc3480358d41cbcb8bbafe31dc1f4cb4332289f701ccbb85ed1b
6793e83748d770d69f345c5a4e9aef6785748a8b90e2539e8a4b2ccedc38c507
6cf218958d64f246283b5f47aba1d1b8e6a63ceef532b4a61699016fb2ff539b
7aaed48b38bb098b1e9793b2b9b79a4d675524d9633c71d8a493d1ea041107b4
7ca04ebe7c50022cac09e9feaae9c80cae54c006c92b270f42bcbd066aaa355b
7cfa5bbd0b5eab0328ed5c820c45c8d2a957a875b6645f48621200730956ed38
839adaf9cb38e9717af566d9ee9b45d7aae1f053d263016f25781d33835c8f75
83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
882997052ffa8cde78ce075386cfd9a449397dbc3dcd28a25d4b9c3a12f5f053
92aa2ae4628ab2d54971bfcaf93fed1818371e6ee2e11a30de2f8a1f33225026
98c860c9b7ad348fa4c71815d9240b4906517a1016e9c3690642b46c1e0d6c33
9f553f430e2fc8e45625b192b1cccc849b538c19f4951909f2690039ae3a509d
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
b1957112f0b0786b248a0047e6a244d43140a640f814f918dd468a9466009330
b45d4969ed551094fb4371ce3993f1b521eba757126b0590ce4d0555c00eccb8
b46c27dab08a7ec57d93f5e88b459a653b41bccee4b5d3879cf8c4362ebf1600
b612e6edbd84cafd1bc590177bfa8e66c8ccc782a5b6ba98a4907afc07eba970
b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
ba97504b136b447bea2ecc59111ba5a63200d2662f92936d0f7c206492b989d8
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c615e34ad4947b7b8b71138d27fffc6b29d126522adbda2a18e4c0ead22d9f54
cd90fcced90b8a01c2676e83a598e4ac36c7ff2395e283f6aff12a0ec13aa65a
cf394c5b419639e1ba6d31509887addf54526117869c7ed912fc054c4effcc5b
d27529b03950926d7ca577684b16cd5bb6a582b24ac9ee98a5d069a0170900a0
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48469422f2399af86a193ad057708aa809ae5ad050b607660ae21e8adb6940f
e8fce53e602b22e525d06ba31b166bb4ff461319bc9ae53caad095d185a4d15b
f092ce3f26729c49f0477894d638e87827f9901aedbdbae000272b71f7833795
f38ce06529719c5b1b9a7dc1872e73b1f276d69073395208fc2569235f514130
f540e008959aca62c1edfa8c6546a47c0c8ef5203ab76c9ddaf6d1dc2c2294f0
f7e5bfab5caea363372dddcb0aeb094b89656bfa15257110072800a69296eebf
ffabcc83de9d8f48900871d75fe16e52ad64a31b3019270ff8c1a62c3a837ff4

mrbannerspsychology.weebly.com Open in urlscan Pro 199.34.228.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

91 Requests

99 %HTTPS

54 %IPv6

10 Domains

14 Subdomains

14 IPs

2 Countries

9835 kBTransfer

15973 kBSize

4 Cookies

1 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mrbannerspsychology.weebly.com Open in urlscan Pro
199.34.228.54 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

99 %
HTTPS

54 %
IPv6

10
Domains

14
Subdomains

14
IPs

2
Countries

9835 kB
Transfer

15973 kB
Size

4
Cookies

91 HTTP transactions
2 data transactions