Submitted URL: http://office.live.com/start/Word.aspx
Effective URL: https://office.live.com/start/Word.aspx
Submission: On June 16 via manual from US

Summary

This website contacted 9 IPs in 4 countries across 4 domains to perform 31 HTTP transactions. The main IP is 52.108.240.54, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is office.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on April 25th 2018. Valid for: 2 years.
This is the only time office.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 52.108.240.54 8075 (MICROSOFT...)
13 2.18.232.191 16625 (AKAMAI-AS)
1 131.253.61.68 8075 (MICROSOFT...)
1 104.41.216.16 8075 (MICROSOFT...)
1 184.31.81.125 20940 (AKAMAI-ASN1)
5 52.109.32.22 8075 (MICROSOFT...)
7 104.109.65.123 20940 (AKAMAI-ASN1)
1 13.107.6.171 8068 (MICROSOFT...)
31 9
Domain Requested by
13 c1-odc-15.cdn.office.net office.live.com
c1-odc-15.cdn.office.net
7 cdn.odc.officeapps.live.com odc.officeapps.live.com
5 odc.officeapps.live.com c1-odc-15.cdn.office.net
odc.officeapps.live.com
2 office.live.com 1 redirects c1-odc-15.cdn.office.net
1 word-edit.officeapps.live.com c1-odc-15.cdn.office.net
1 auth.gfx.ms login.live.com
1 login.microsoftonline.com c1-odc-15.cdn.office.net
1 login.live.com c1-odc-15.cdn.office.net
31 8
Subject Issuer Validity Valid
officeapps.live.com
Microsoft IT TLS CA 1
2018-04-25 -
2020-04-25
2 years crt.sh
login.live.com
Microsoft IT TLS CA 1
2017-08-12 -
2019-08-12
2 years crt.sh
stamp2.login.microsoftonline.com
Microsoft IT TLS CA 4
2017-12-28 -
2019-12-28
2 years crt.sh
odc.officeapps.live.com
Microsoft IT TLS CA 2
2017-12-18 -
2019-12-18
2 years crt.sh
cdn.odc.officeapps.live.com
Microsoft IT TLS CA 5
2018-03-16 -
2020-03-16
2 years crt.sh

This page contains 5 frames:

Primary Page: https://office.live.com/start/Word.aspx
Frame ID: D1B7523A1439A231C9396D21EDA65DDD
Requests: 15 HTTP requests in this frame

Frame: https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://office.live.com/start/Word.aspx
Frame ID: DA304D0AA7EB6810A5A0D2CB2BA6E769
Requests: 2 HTTP requests in this frame

Frame: https://login.microsoftonline.com/savedusers?wreply=https://office.live.com/start/Word.aspx&appid=4b233688-031c-404b-9a80-a4f3f2351f90
Frame ID: 7E5AF2C1C8028FD09A9D9670974AD9E1
Requests: 1 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Frame ID: A7D96A1464833B7E3662B68729BB06C8
Requests: 12 HTTP requests in this frame

Frame: https://word-edit.officeapps.live.com/we/StaticLoad.aspx?wx=w&wv=e&ui=en%2DUS&usescript=1
Frame ID: 4ABBD5A434BE7D7EF8EE7979D18B64FD
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://office.live.com/start/Word.aspx HTTP 302
    https://office.live.com/start/Word.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
  • url /\.aspx(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • url /\.aspx(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
  • url /\.aspx(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

31
Requests

52 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

9
IPs

4
Countries

483 kB
Transfer

774 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://office.live.com/start/Word.aspx HTTP 302
    https://office.live.com/start/Word.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Word.aspx
office.live.com/start/
Redirect Chain
  • http://office.live.com/start/Word.aspx
  • https://office.live.com/start/Word.aspx
16 KB
5 KB
Document
General
Full URL
https://office.live.com/start/Word.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.108.240.54 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3ed54dfe0b94e17d786f83ac34ab6afb25cf41073f8055ebcbcfc41cd727b908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:method
GET
:authority
office.live.com
:scheme
https
:path
/start/Word.aspx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
cookie
DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
D1B7523A1439A231C9396D21EDA65DDD

Response headers

status
200
cache-control
private
content-length
4103
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
s_id=2c1a798a-5d70-4190-a4bf-8607bc910a69; expires=Sat, 16-Jun-2018 16:38:50 GMT; path=/; secure; HttpOnly DcLcid=ui=1033&data=1033; expires=Sun, 16-Sep-2018 16:08:50 GMT; path=/; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/ AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389; domain=live.com; path=/; secure; HttpOnly
x-correlationid
2c1a798a-5d70-4190-a4bf-8607bc910a69
x-usersessionid
2c1a798a-5d70-4190-a4bf-8607bc910a69
strict-transport-security
max-age=31536000
x-ccr
true
x-officefe
cc5b7aa5e57f
x-officeversion
16.0.9513.7775
x-officecluster
IE1
x-content-type-options
nosniff
x-frame-options
DENY
x-officefd
17aba37649cb
date
Sat, 16 Jun 2018 16:08:50 GMT

Redirect headers

Cache-Control
private
Content-Length
156
Content-Type
text/html; charset=utf-8
Location
https://office.live.com/start/Word.aspx
Server
Microsoft-IIS/10.0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Set-Cookie
s_id=3e94c099-dbbb-455e-8ad2-88f2edd887eb; expires=Sat, 16-Jun-2018 16:38:50 GMT; path=/; secure; HttpOnly DcLcid=ui=1033&data=1033; expires=Sun, 16-Sep-2018 16:08:50 GMT; path=/; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/
X-CorrelationId
3e94c099-dbbb-455e-8ad2-88f2edd887eb
X-UserSessionId
3e94c099-dbbb-455e-8ad2-88f2edd887eb
Strict-Transport-Security
max-age=31536000
X-CCR
true
X-OfficeFE
8a10998e64d6
X-OfficeVersion
16.0.9513.7775
X-OfficeCluster
IE1
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
DENY
X-OFFICEFD
338ec5d74a1c
Date
Sat, 16 Jun 2018 16:08:50 GMT
landing.css
c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/
24 KB
6 KB
Stylesheet
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/landing.css
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
16e01663d61a1e80d11d143143d1456efc436b73bf5945f598c3cb3cbbfa02ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"0276110d34d41:0"
X-OFFICEFD
a63038e33220
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
211fe50dda71
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
4827
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:02:46 GMT
X-OfficeCluster
IE1
X-MSEdge-Ref
Ref A: 0DE4133FC2AA48E29C6147046D7265E5 Ref B: AMS04EDGE0506 Ref C: 2018-06-15T18:03:15Z
X-UserSessionId
c478ecd1-91bc-4126-a937-c6e5a26f54cd
Date
Sat, 16 Jun 2018 16:08:50 GMT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
c478ecd1-91bc-4126-a937-c6e5a26f54cd
Accept-Ranges
bytes
sharedheaderwithfonts.css
c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/
11 KB
4 KB
Stylesheet
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/sharedheaderwithfonts.css
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
19e3f094773896cfb8f171ab72ccd873ac52a697a6e1696596c993731e6e85da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"8033aa21d34d41:0"
X-OFFICEFD
ba774fec8982
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
7f225c9f315a
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2902
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:03:15 GMT
X-OfficeCluster
IE1
X-MSEdge-Ref
Ref A: 309B1B49707048ED9025DEAA61EA0575 Ref B: AMS04EDGE0711 Ref C: 2018-06-15T18:03:15Z
X-UserSessionId
1928a0fa-312a-4390-8b2a-f0a5185a70dd
Date
Sat, 16 Jun 2018 16:08:50 GMT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
1928a0fa-312a-4390-8b2a-f0a5185a70dd
Accept-Ranges
bytes
home.js
c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/
23 KB
7 KB
Script
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/home.js
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1268a76a28669bf9774e2ad1705ad3144d7cf69bf8a16da93ddb0953a337a848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"8033aa21d34d41:0"
X-OFFICEFD
8d4d4eabcef2
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
fdf8e0a01933
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
6136
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:03:15 GMT
X-OfficeCluster
IE1
X-MSEdge-Ref
Ref A: CF3F16B559164B1A87ED166EB0587761 Ref B: AMS04EDGE0506 Ref C: 2018-06-15T18:03:15Z
X-UserSessionId
b1796b87-3a5b-495e-a8e5-1583d59403d1
Date
Sat, 16 Jun 2018 16:08:50 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
b1796b87-3a5b-495e-a8e5-1583d59403d1
Accept-Ranges
bytes
DefaultSignIn.min.js
c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/
16 KB
4 KB
Script
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80b86cdd24d41:0"
X-OFFICEFD
487f60a1ab62
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
0ddd76572460
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
3461
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:00:53 GMT
X-OfficeCluster
IE1
X-MSEdge-Ref
Ref A: ED1976BB101F4773988BC744F414A7CA Ref B: AMS04EDGE0711 Ref C: 2018-06-15T18:00:53Z
X-UserSessionId
e512a17a-2c01-4121-aaf3-d9d95e80d22a
Date
Sat, 16 Jun 2018 16:08:50 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
e512a17a-2c01-4121-aaf3-d9d95e80d22a
Accept-Ranges
bytes
jquery.min.js
c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/
95 KB
35 KB
Script
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/jquery.min.js
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ea3a67cfb50b576086dc8ca92fd98c5dc24c78d1579d543573db293aca9b5a28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80b86cdd24d41:0"
X-OFFICEFD
861ddee04a03
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
67c04049d7cf
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
34739
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:00:53 GMT
X-OfficeCluster
IE1
X-MSEdge-Ref
Ref A: 90D80151990042D3AAE184BBC7360B5F Ref B: AMS04EDGE0514 Ref C: 2018-06-15T18:00:53Z
X-UserSessionId
1256265d-ccb9-47f7-b437-3bd3054771bc
Date
Sat, 16 Jun 2018 16:08:50 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
1256265d-ccb9-47f7-b437-3bd3054771bc
Accept-Ranges
bytes
commondiagnostics.js
c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/
29 KB
10 KB
Script
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/commondiagnostics.js
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2f78ee7317dc4d8897932b5a6e90e13d3c5eb740ccb64b50bfcc18793025d6a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80b86cdd24d41:0"
X-OFFICEFD
a79d144ca826
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
556d8649f596
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
9197
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:00:53 GMT
X-OfficeCluster
IE1
X-MSEdge-Ref
Ref A: FEB8D34D16954001AA9C69D048778A18 Ref B: AMS04EDGE0814 Ref C: 2018-06-15T18:00:53Z
X-UserSessionId
bd98053b-85eb-4375-a7ec-048e7d3d24e8
Date
Sat, 16 Jun 2018 16:08:50 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
bd98053b-85eb-4375-a7ec-048e7d3d24e8
Accept-Ranges
bytes
clicklogging.js
c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/
2 KB
2 KB
Script
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/clicklogging.js
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ed6fd415cc6ee8375785ba73334cbc0f5e25e55e27c6e0adff02fd9a6bd0328c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"33ad90cdd24d41:0"
X-OFFICEFD
d97b7057cbb8
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
211fe50dda71
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
740
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:00:53 GMT
X-OfficeCluster
IE1
X-MSEdge-Ref
Ref A: A2FD784F10BD4E5589551A3854A2AC64 Ref B: AMS04EDGE0308 Ref C: 2018-06-15T18:00:53Z
X-UserSessionId
0c000d30-7976-4c23-8337-fa8bbbccfe01
Date
Sat, 16 Jun 2018 16:08:50 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
0c000d30-7976-4c23-8337-fa8bbbccfe01
Accept-Ranges
bytes
CancelGlyph.16x16x32.png
c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/
304 B
1 KB
Image
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/CancelGlyph.16x16x32.png
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bb20a8a39f0035d73590f61565c4b373cb60085037186c2c8bc0e6e730dcff88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"fff8b815d34d41:0"
X-OFFICEFD
3ac2a4138782
X-CCR
true
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
67c04049d7cf
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
304
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:02:54 GMT
X-OfficeCluster
IE1
X-MSEdge-Ref
Ref A: 298EEC383A294B8C925FDB906CB4D36C Ref B: AMS04EDGE0506 Ref C: 2018-06-15T18:12:59Z
X-UserSessionId
af357332-d9c9-49f1-84c7-095f0e3fe243
Date
Sat, 16 Jun 2018 16:08:50 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
af357332-d9c9-49f1-84c7-095f0e3fe243
Accept-Ranges
bytes
App_Switcher_Waffle.50x50x32.png
c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/
203 B
961 B
Image
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/App_Switcher_Waffle.50x50x32.png?b=16095137775
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"96a5435dd24d41:0"
X-OFFICEFD
0d3c1c294384
X-MSEdge-Ref
Ref A: 05C0724CAAB34ABC8E61545651E212DF Ref B: AMS04EDGE0309 Ref C: 2018-06-15T18:03:15Z
X-OfficeVersion
16.0.9513.7775
X-OfficeFE
2e09ab4e5be5
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
203
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 17:57:45 GMT
X-OfficeCluster
IE1
X-UserSessionId
59c4b8ed-4f9c-44ec-bc18-4dc860a63312
Date
Sat, 16 Jun 2018 16:08:50 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
59c4b8ed-4f9c-44ec-bc18-4dc860a63312
Accept-Ranges
bytes
wapsw.png
c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/
6 KB
6 KB
Image
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/wapsw.png?b=16095137775
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"40c22622d34d41:0"
X-OFFICEFD
487f60a1ab62
X-MSEdge-Ref
Ref A: CF3CFE67128146059064D26F7C944F84 Ref B: AMS04EDGE0711 Ref C: 2018-06-15T18:03:15Z
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
a9d826fc9bd0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
5884
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:03:15 GMT
X-OfficeCluster
IE1
X-UserSessionId
6e2283e0-2079-4304-a6de-7bb1d45dd0fc
Date
Sat, 16 Jun 2018 16:08:50 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
6e2283e0-2079-4304-a6de-7bb1d45dd0fc
Accept-Ranges
bytes
Globe_Light.20x20x32.png
c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/
504 B
1 KB
Image
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/Globe_Light.20x20x32.png?b=16095137775
Requested by
Host: office.live.com
URL: https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"45c72922d34d41:0"
X-OFFICEFD
635e160a68b3
X-MSEdge-Ref
Ref A: AD5D2DF9F00E4104AA1A623C29D27BD8 Ref B: AMS04EDGE0506 Ref C: 2018-06-15T18:03:15Z
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
7f225c9f315a
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
504
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:03:15 GMT
X-OfficeCluster
IE1
X-UserSessionId
208bd3ad-bb1f-4c21-b87d-38129472b380
Date
Sat, 16 Jun 2018 16:08:50 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
208bd3ad-bb1f-4c21-b87d-38129472b380
Accept-Ranges
bytes
segoeuil.woff
c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/
22 KB
22 KB
Font
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/segoeuil.woff
Requested by
Host: c1-odc-15.cdn.office.net
URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/jquery.min.js
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/sharedheaderwithfonts.css
Origin
https://office.live.com

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"c7ae1317d44d41:0"
X-OFFICEFD
487f60a1ab62
X-MSEdge-Ref
Ref A: CB44981383DD4BAEA04F7185FBF5DAEB Ref B: AMS04EDGE0506 Ref C: 2018-06-15T18:12:44Z
X-OfficeVersion
16.0.10313.35950
X-OfficeFE
a1770e06ecb6
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
22204
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 18:10:06 GMT
X-OfficeCluster
IE1
X-UserSessionId
5c945f5b-0609-45f0-9579-9bf1366325fe
Date
Sat, 16 Jun 2018 16:08:50 GMT
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
X-CorrelationId
5c945f5b-0609-45f0-9579-9bf1366325fe
Accept-Ranges
bytes
Cookie set Me.srf
login.live.com/ Frame DA30
3 KB
2 KB
Document
General
Full URL
https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://office.live.com/start/Word.aspx
Requested by
Host: c1-odc-15.cdn.office.net
URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
131.253.61.68 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
b64c2e5ebef290b887385f82dae5f8561ad62d5b836524728b751522b9561f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
login.live.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://office.live.com/start/Word.aspx
Accept-Encoding
gzip, deflate
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
D1B7523A1439A231C9396D21EDA65DDD
Referer
https://office.live.com/start/Word.aspx

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Sat, 16 Jun 2018 16:07:51 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie
uaid=29cbd4e247c248b58a45ca3699e7569d; domain=login.live.com;secure= ;path=/;HTTPOnly= ;version=1 MSPRequ=lt=1529165331&co=1&id=N; secure= ;path=/;HTTPOnly=;version=1
PPServer
PPV: 30 H: BAYIDSLGN1B031 V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Date
Sat, 16 Jun 2018 16:08:51 GMT
Connection
close
Content-Length
1402
Cookie set savedusers
login.microsoftonline.com/ Frame 7E5A
0
0
Document
General
Full URL
https://login.microsoftonline.com/savedusers?wreply=https://office.live.com/start/Word.aspx&appid=4b233688-031c-404b-9a80-a4f3f2351f90
Requested by
Host: c1-odc-15.cdn.office.net
URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.41.216.16 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Host
login.microsoftonline.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://office.live.com/start/Word.aspx
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
D1B7523A1439A231C9396D21EDA65DDD
Referer
https://office.live.com/start/Word.aspx

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
x-ms-request-id
76f3b0bc-bf85-4110-ad16-05fb808e2900
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie
esctx=AQABAAAAAADX8GCi6Js6SK82TsD2Pb7r7D_NGo1aKjfnEuDLloalNAz3KmCAF-Y4PCl8vWpmSxlUBllrqnbF_58_ZCv65X_429x3NRYFiIYyrJdLsFDa-1NuOD0Fn-zw3l99820tPolZLJtey6cVT8bXRr9r4BT5xLZ-gA7D4kA5rkG-ImA2ttSePNGaWRawQ34Hy6ISV04gAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly x-ms-gateway-slice=004; path=/; secure; HttpOnly stsservicecookie=ests; path=/; secure; HttpOnly
X-Powered-By
ASP.NET
Date
Sat, 16 Jun 2018 16:08:50 GMT
Content-Length
1030
MeControl.js
auth.gfx.ms/16.000.27807.2/ Frame DA30
16 KB
6 KB
Script
General
Full URL
https://auth.gfx.ms/16.000.27807.2/MeControl.js
Requested by
Host: login.live.com
URL: https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://office.live.com/start/Word.aspx
Protocol
HTTP/1.1
Server
184.31.81.125 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-81-125.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
fc45efc6e63e4b16cc52fffb6294bef2ce4ab84a19075a993ab38d180ec1b6a4

Request headers

Referer
https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://office.live.com/start/Word.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jun 2018 04:58:00 GMT
PPServer
PPV: 30 H: BAYIDSPRTS3G003 V: 0
ETag
"0bca11b1cfed31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=483750
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5829
Server
Microsoft-IIS/8.5
hrd
odc.officeapps.live.com/odc/v2.0/ Frame A7D9
8 KB
9 KB
Document
General
Full URL
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Requested by
Host: c1-odc-15.cdn.office.net
URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/home.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.32.22 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
908ce5b8cb8b9424c55dd4b57f33252bf84d6713f2d67417560bbddf6b9fcd41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
odc.officeapps.live.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://office.live.com/start/Word.aspx
Accept-Encoding
gzip, deflate
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
D1B7523A1439A231C9396D21EDA65DDD
Referer
https://office.live.com/start/Word.aspx

Response headers

Cache-Control
private, max-age=2592000
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/8.5
X-CorrelationId
ecad2287-ebae-4a65-85ee-8138afb0beeb
X-UserSessionId
ecad2287-ebae-4a65-85ee-8138afb0beeb
X-OfficeFE
OdcFrontEnd_IN_35
X-OfficeVersion
16.0.9506.6600
X-OfficeCluster
ukw-odc.officeapps.live.com
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-UA-Compatible
IE=11
X-Powered-By
ASP.NET
X-Content-Type-Options
nosniff
Date
Sat, 16 Jun 2018 16:08:50 GMT
Content-Length
8512
progress.gif
c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/
695 B
1 KB
Image
General
Full URL
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/progress.gif
Protocol
HTTP/1.1
Server
2.18.232.191 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1-odc-15.cdn.office.net/start/s/1695137775_resources/1033/sharedheaderwithfonts.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"e79f7866d24d41:0"
X-OFFICEFD
6c2737da71fc
X-MSEdge-Ref
Ref A: C6049E036D92468585E4F5CDB6452275 Ref B: AMS04EDGE0309 Ref C: 2018-06-15T18:03:16Z
X-OfficeVersion
16.0.9513.7775
X-OfficeFE
429ab8ce18e2
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
695
Cache-Control
private
Last-Modified
Fri, 15 Jun 2018 17:58:00 GMT
X-OfficeCluster
IE1
X-UserSessionId
208bd3ad-bb1f-4c21-b87d-38129472b380
Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CorrelationId
592e55ad-0894-4f6b-8c03-a3d21ba080c3
Accept-Ranges
bytes
hrd.css
odc.officeapps.live.com/odc/stat/ Frame A7D9
21 KB
5 KB
Stylesheet
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.css?b=9506.6600
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.32.22 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6bfb935e7839a148dcb8cf4ec33436f130d0f3f44c51c58c9ad12f2f8f5c8a1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
ukw-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_35
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
4850
Cache-Control
private, max-age=2592000
Last-Modified
Wed, 06 Jun 2018 21:13:04 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
28f9dbc4-f2b9-48c5-8806-ba87f80d3319
ETag
"0f05128dbfdd31:0"
Vary
Accept-Encoding
Content-Type
text/css
X-CorrelationId
28f9dbc4-f2b9-48c5-8806-ba87f80d3319
Accept-Ranges
bytes
X-OfficeVersion
16.0.9506.6600
microsoft_logo.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame A7D9
4 KB
2 KB
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=9506.6600
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.65.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-65-123.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
ukw-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_23
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
1435
Cache-Control
private, max-age=2440130
Last-Modified
Tue, 05 Jun 2018 22:28:18 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
aef4374d-9c6f-4540-bc2a-e186fb00d0b3
ETag
"0ed75801cfdd31:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-CorrelationId
aef4374d-9c6f-4540-bc2a-e186fb00d0b3
Accept-Ranges
bytes
X-OfficeVersion
16.0.9505.6601
picker-account-aad.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame A7D9
756 B
1 KB
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=9506.6600
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.65.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-65-123.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
ukw-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_23
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
394
Cache-Control
private, max-age=2440172
Last-Modified
Tue, 05 Jun 2018 22:28:14 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
3d8ceac0-dd58-48fb-8761-c079c238bae0
ETag
"093137e1cfdd31:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-CorrelationId
3d8ceac0-dd58-48fb-8761-c079c238bae0
Accept-Ranges
bytes
X-OfficeVersion
16.0.9505.6601
picker-account-msa.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame A7D9
379 B
984 B
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=9506.6600
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.65.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-65-123.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_9
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
254
Cache-Control
private, max-age=2440226
Last-Modified
Tue, 05 Jun 2018 22:28:14 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
c8b0db5a-9ea7-483c-9abb-4df9a58d6c16
ETag
"093137e1cfdd31:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-CorrelationId
c8b0db5a-9ea7-483c-9abb-4df9a58d6c16
Accept-Ranges
bytes
X-OfficeVersion
16.0.9505.6601
jquery-1.12.4.min.js
cdn.odc.officeapps.live.com/odc/stat/ Frame A7D9
95 KB
34 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.min.js?b=9506.6600
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.65.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-65-123.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_45
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
33814
Cache-Control
private, max-age=2440120
Last-Modified
Thu, 16 Jun 2016 16:24:04 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
ad3e0646-f446-4a34-908e-5d3572c438db
ETag
"0ea737febc7d11:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
ad3e0646-f446-4a34-908e-5d3572c438db
Accept-Ranges
bytes
X-OfficeVersion
16.0.9505.6601
knockout-3.4.2.js
cdn.odc.officeapps.live.com/odc/stat/ Frame A7D9
59 KB
23 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=9506.6600
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.65.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-65-123.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
ukw-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_30
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
22381
Cache-Control
private, max-age=2440237
Last-Modified
Mon, 06 Mar 2017 19:44:18 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
a318f694-dbbc-425f-a4e3-915cc372fe2f
ETag
"015ffab296d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
a318f694-dbbc-425f-a4e3-915cc372fe2f
Accept-Ranges
bytes
X-OfficeVersion
16.0.9505.6601
CommonDiagnostics.js
cdn.odc.officeapps.live.com/odc/stat/ Frame A7D9
29 KB
10 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=9506.6600
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.65.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-65-123.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2f78ee7317dc4d8897932b5a6e90e13d3c5eb740ccb64b50bfcc18793025d6a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_45
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
9197
Cache-Control
private, max-age=2440176
Last-Modified
Tue, 05 Jun 2018 22:28:14 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
aba1a6d1-341b-4b13-a93e-a4bf9dbe1550
ETag
"093137e1cfdd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
aba1a6d1-341b-4b13-a93e-a4bf9dbe1550
Accept-Ranges
bytes
X-OfficeVersion
16.0.9505.6601
jsonstrings
cdn.odc.officeapps.live.com/odc/ Frame A7D9
3 KB
2 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1033&hm=0&b=9506.6600
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.65.123 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-65-123.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a6d3d96be5ec1e5e3e4a5d51ebe5f71722312d2c03528e622c498bca4b1b0fa3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CorrelationId
af03c0e8-f0af-45c3-aa9d-c1f0e6a517d5
X-OfficeCluster
weu-odc.officeapps.live.com
X-UserSessionId
af03c0e8-f0af-45c3-aa9d-c1f0e6a517d5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-OfficeFE
OdcFrontEnd_IN_129
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Server
Microsoft-IIS/8.5
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
1011
X-OfficeVersion
16.0.9506.6600
hrd.min.js
odc.officeapps.live.com/odc/stat/ Frame A7D9
13 KB
5 KB
Script
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=9506.6600
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.32.22 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
aea37db9db263c31a6961e5cfd79a44d2112195c69142b66725a4a94048cadb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
ukw-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_35
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
4061
Cache-Control
private, max-age=2592000
Last-Modified
Wed, 06 Jun 2018 21:13:02 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
e6cd4b8a-8154-4ad0-a7e7-eecc58c87b99
ETag
"0c32027dbfdd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
e6cd4b8a-8154-4ad0-a7e7-eecc58c87b99
Accept-Ranges
bytes
X-OfficeVersion
16.0.9506.6600
background.jpg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame A7D9
277 KB
277 KB
Image
General
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/background.jpg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.32.22 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=9506.6600
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=9506.6600
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:51 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
ukw-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_35
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
283351
Cache-Control
private, max-age=2592000
Last-Modified
Wed, 06 Jun 2018 21:13:00 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
28f8e383-29cb-4e03-a385-7fb0561ae932
ETag
"096ef25dbfdd31:0"
Content-Type
image/jpeg
X-CorrelationId
28f8e383-29cb-4e03-a385-7fb0561ae932
Accept-Ranges
bytes
X-OfficeVersion
16.0.9506.6600
background-small.jpg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame A7D9
1 KB
2 KB
Image
General
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/background-small.jpg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=0&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.109.32.22 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=9506.6600
Cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=9506.6600
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 16:08:52 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
ukw-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_103
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
1029
Cache-Control
private, max-age=2592000
Last-Modified
Wed, 06 Jun 2018 21:13:04 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
40d97d2a-67e2-4c51-9c76-f4f86e3335c1
ETag
"0f05128dbfdd31:0"
Content-Type
image/jpeg
X-CorrelationId
40d97d2a-67e2-4c51-9c76-f4f86e3335c1
Accept-Ranges
bytes
X-OfficeVersion
16.0.9506.6600
StaticLoad.aspx
word-edit.officeapps.live.com/we/ Frame 4ABB
451 B
1 KB
Document
General
Full URL
https://word-edit.officeapps.live.com/we/StaticLoad.aspx?wx=w&wv=e&ui=en%2DUS&usescript=1
Requested by
Host: c1-odc-15.cdn.office.net
URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b784c771369739c8cc60a51e5931477ac6a1ef0932d6b05f71f8e780d0ec7fd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
word-edit.officeapps.live.com
:scheme
https
:path
/we/StaticLoad.aspx?wx=w&wv=e&ui=en%2DUS&usescript=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://office.live.com/start/Word.aspx
accept-encoding
gzip, deflate
cookie
AADNonce=4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
D1B7523A1439A231C9396D21EDA65DDD
Referer
https://office.live.com/start/Word.aspx

Response headers

status
200
cache-control
private
content-length
454
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Sun, 16-Sep-2018 16:08:53 GMT; path=/; secure; HttpOnly
x-correlationid
4904269a-490a-40fc-9003-eb12161c96f0
x-usersessionid
4904269a-490a-40fc-9003-eb12161c96f0
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-ccr
true
x-officefe
041f8589ccc0
x-officeversion
16.0.9513.7775
x-officecluster
IE1
x-content-type-options
nosniff
x-officefd
f9a6a23bc4e6
x-msedge-ref
Ref A: CE19D84B1CD742FE8B38E608153E22BD Ref B: AMS04EDGE0317 Ref C: 2018-06-16T16:08:53Z
date
Sat, 16 Jun 2018 16:08:53 GMT
RemoteUls.ashx
office.live.com/start/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
office.live.com
URL
https://office.live.com/start/RemoteUls.ashx

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| StopEventPropagation function| TabLoop function| ExpandHeader function| OnSwitcherLauncherKeyDown function| CollapseHeader string| g_rootDomain function| DismissPopupBanner function| GetRootDomain function| CreateCookie undefined| g_instantCreateNewToken undefined| g_instantCreateNewTokenExpiry boolean| g_instantCreateNewTokenFailure boolean| g_isFormDigestRequestActive function| GetFormDigestForInstantCreateNew function| FormDigestIsValid function| OnSwitcherDialogKeyDown function| OnSwitcherDialogKeyUp boolean| g_persistentDialog object| g_hrdTimeout function| BypassSignInControl function| ExtractHostnameFromUrl function| ProcessSignIn object| g_defaultSignInTimeout number| g_preferredIdpForDefaultSignIn undefined| g_orgIdReturnUrl undefined| g_msaReturnUrl string| g_appId function| AttemptDefaultSignIn function| HandleDefaultSignInResult function| ProcessSignInControlDialog function| ShowPersistentSignInControl function| ShowSignInControl function| MakeSignInControlVisible function| HideSignInControl function| onSignInDialogKeyUp function| hideAllDropDownMenus function| toggleDropDownMenu function| OnSwitcherTileMouseDown function| RestoreSwitcherTileVisuals function| GetSwitcherTiles function| AttachSwitcherTileEvents function| HRDListener function| RegisterHRDListener function| AppendOrReplaceQueryParameter function| HandleShowNext function| PositionHrd function| HandleOnHrdReady function| HandleLaunchUrl function| hasCookie boolean| g_createNewClicked boolean| g_getServerUserInfoCallFailed boolean| g_createNewNavigated boolean| g_showNavigateToTeamSiteDialog string| g_teamSiteUrl undefined| g_spinnerHandle boolean| g_prewarmAuthAlreadyRun boolean| g_createNewNavigateStarted function| GetCreateNewReqsAndNavigateIfClicked function| GetOrgIdDestinationUrl function| ShowNavigateToTeamSiteDialog function| OnGetServerUserInfoCallFailed function| OnGetFormDigestForInstantCreateNewFailed function| NavigateToErrorPage function| CreateNewDocument function| ShowLoadingSpinnerOnPanel function| NavigateToCreateNewDocument function| PostRequestToTargetUrl function| SetStaticAssetsFrameUrl function| SetPrewarmAuthFrameUrl function| GetInstantCreateNewBaseUrl function| GetUserBaseUrl function| ShouldWaitOnPrewarm function| OnPrewarmLoaded function| SetWarmupFrameUrl number| g_msoulscat_Wac_WebAppsPortal boolean| g_loggingInitialized boolean| g_errorLogged function| InitializeLogging function| DisposeLogging function| SendClickInfo function| SendBrowserInfo function| OnError function| SetErrorHtml object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| getAadData function| getMsaData function| getAadMsaData boolean| enableConsoleLog undefined| msaFedEnabled function| getAccount function| $ function| jQuery string| g_signupUrl string| g_msaPasswordResetUrl string| g_msaLoginUrl string| g_hrdIframeUrl string| g_orgIdLoginUrl string| g_authType string| g_fullScreenHrd object| g_hrdOverride boolean| g_defaultSignInEnabled string| g_defaultSignInAadHost string| g_staticAssetUrl object| g_dnsWarmupUrls number| g_dnsWarmupDelay string| g_canary string| g_createNewHandlerPath string| g_createNewErrorPage string| g_createNewTimeout string| g_uploadTargetUrl string| g_instantCreateNewIsEnabled string| g_signedOutUrl string| g_strK1ErrorHeader string| g_strK1ErrorMessage string| g_strK1TeamSiteButtonText string| g_strK1OfficeDotComButtonText string| g_sessionIdString string| g_PageName string| g_sid string| g_cid function| Type function| $6 object| Sys object| Diag object| g_atlasDictionary function| AddAtlasTag function| GetAtlasTagUrl function| AddAtlasTagsToDictionary function| GetAnchorTagAncestor function| RegisterLogEventListeners function| LogKeyDown function| LogMouseDown function| UploadClickInfo

5 Cookies

Domain/Path Name / Value
office.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
office.live.com/ Name: DcLcid
Value: ui=1033&data=1033
.live.com/ Name: AADNonce
Value: 4505d787-8f41-4e27-aa61-b7423591dd3b.636647621308032389
office.live.com/ Name: s_id
Value: 2c1a798a-5d70-4190-a4bf-8607bc910a69
office.live.com/start Name:
Value:

7 Console Messages

Source Level URL
Text
console-api log URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js(Line 1)
Message:
Validation of configurations options finished successfully.
console-api log URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js(Line 1)
Message:
Data received from AAD PostMessage: {"userList":[],"idp":"aad","performance":{"idp":"aad","timing":{"navigationStart":1529165330950,"unloadEventStart":0,"unloadEventEnd":0,"redirectStart":0,"redirectEnd":0,"fetchStart":1529165330951,"domainLookupStart":1529165330951,"domainLookupEnd":1529165330952,"connectStart":1529165330952,"connectEnd":1529165331042,"secureConnectionStart":1529165330980,"requestStart":1529165331042,"responseStart":1529165331113,"responseEnd":1529165331115,"domLoading":1529165331116,"domInteractive":1529165331120,"domContentLoadedEventStart":1529165331120,"domContentLoadedEventEnd":1529165331120,"domComplete":1529165331120,"loadEventStart":1529165331120,"loadEventEnd":1529165331120},"entries":[{"name":"https://login.microsoftonline.com/savedusers?wreply=https://office.live.com/start/Word.aspx&appid=4b233688-031c-404b-9a80-a4f3f2351f90","entryType":"navigation","startTime":0,"duration":170.29999941587448,"initiatorType":"navigation","nextHopProtocol":"http/1.1","workerStart":0,"redirectStart":0,"redirectEnd":0,"fetchStart":1.3999994844198227,"domainLookupStart":1.7999988049268723,"domainLookupEnd":2.2999998182058334,"connectStart":2.2999998182058334,"connectEnd":92.00000017881393,"secureConnectionStart":29.899999499320984,"requestStart":92.00000017881393,"responseStart":163.69999945163727,"responseEnd":165.29999859631062,"transferSize":1873,"encodedBodySize":1030,"decodedBodySize":3176,"serverTiming":[],"unloadEventStart":0,"unloadEventEnd":0,"domInteractive":170.19999958574772,"domContentLoadedEventStart":170.19999958574772,"domContentLoadedEventEnd":170.19999958574772,"domComplete":170.29999941587448,"loadEventStart":170.29999941587448,"loadEventEnd":170.29999941587448,"type":"navigate","redirectCount":0}],"ssoReload":false}}
console-api log URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js(Line 1)
Message:
Time taken to get AAD user data: 175
console-api log URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js(Line 1)
Message:
Data received from MSA PostMessage: {"error":"8004100C","userList":[],"postLogoutRedirectUriValid":false}
console-api log URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js(Line 1)
Message:
Time taken to Msa user data: 858
console-api log URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js(Line 1)
Message:
Error '8004100C' found in the data.
console-api log URL: https://c1-odc-15.cdn.office.net/start/s/1695137775_App_Scripts/DefaultSignIn.min.js(Line 1)
Message:
No signed in AAD user found.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.gfx.ms
c1-odc-15.cdn.office.net
cdn.odc.officeapps.live.com
login.live.com
login.microsoftonline.com
odc.officeapps.live.com
office.live.com
word-edit.officeapps.live.com
office.live.com
104.109.65.123
104.41.216.16
13.107.6.171
131.253.61.68
184.31.81.125
2.18.232.191
52.108.240.54
52.109.32.22
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
107f056a45cb04eb4410c30e9f81c6ba58fa18d2f55a4564509175f3690d79f6
1268a76a28669bf9774e2ad1705ad3144d7cf69bf8a16da93ddb0953a337a848
16e01663d61a1e80d11d143143d1456efc436b73bf5945f598c3cb3cbbfa02ae
19e3f094773896cfb8f171ab72ccd873ac52a697a6e1696596c993731e6e85da
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
2f78ee7317dc4d8897932b5a6e90e13d3c5eb740ccb64b50bfcc18793025d6a9
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3ed54dfe0b94e17d786f83ac34ab6afb25cf41073f8055ebcbcfc41cd727b908
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
6bfb935e7839a148dcb8cf4ec33436f130d0f3f44c51c58c9ad12f2f8f5c8a1f
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
908ce5b8cb8b9424c55dd4b57f33252bf84d6713f2d67417560bbddf6b9fcd41
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a6d3d96be5ec1e5e3e4a5d51ebe5f71722312d2c03528e622c498bca4b1b0fa3
aea37db9db263c31a6961e5cfd79a44d2112195c69142b66725a4a94048cadb0
b64c2e5ebef290b887385f82dae5f8561ad62d5b836524728b751522b9561f96
b784c771369739c8cc60a51e5931477ac6a1ef0932d6b05f71f8e780d0ec7fd7
bb20a8a39f0035d73590f61565c4b373cb60085037186c2c8bc0e6e730dcff88
c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b
ea3a67cfb50b576086dc8ca92fd98c5dc24c78d1579d543573db293aca9b5a28
ed6fd415cc6ee8375785ba73334cbc0f5e25e55e27c6e0adff02fd9a6bd0328c
fc45efc6e63e4b16cc52fffb6294bef2ce4ab84a19075a993ab38d180ec1b6a4