onedrive.live.com Open in urlscan Pro
13.107.43.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2
Submission: On July 01 via manual (July 1st 2022, 9:28:31 am UTC) from IN — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 7 domains to perform 47 HTTP transactions. The main IP is 13.107.43.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 2416.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.107.43.13 13.107.43.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2.21.20.153 2.21.20.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	2a02:26f0:300... 2a02:26f0:3000:28d::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.237.183 104.111.237.183	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.109.136.29 52.109.136.29	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.50.201.195 20.50.201.195	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
47	9

1 13.107.43.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.20.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-153.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:3000:28d::1c24 (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-183.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.136.29 (Cheyenne, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.engagement.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.50.201.195 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 5538	984 KB
16	live.com 1 redirects onedrive.live.com — Cisco Umbrella Rank: 2416 word-view.officeapps.live.com — Cisco Umbrella Rank: 8449 c.live.com — Cisco Umbrella Rank: 8479	264 KB
7	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 6108	301 KB
3	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 226 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 109	1 KB
2	office.com messaging.engagement.office.com — Cisco Umbrella Rank: 708	449 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 182	1 KB
1	live.net js.live.net — Cisco Umbrella Rank: 11557	16 KB
47	7

	Domain	Requested by
18	c1h-word-view-15.cdn.office.net	word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
13	word-view.officeapps.live.com	onedrive.live.com word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
7	spoprod-a.akamaihd.net	onedrive.live.com
2	c.live.com	1 redirects
2	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
2	messaging.engagement.office.com	c1h-word-view-15.cdn.office.net
1	browser.pipe.aria.microsoft.com	c1h-word-view-15.cdn.office.net
1	c.bing.com	1 redirects
1	js.live.net	c1h-word-view-15.cdn.office.net
1	onedrive.live.com
47	10

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
messaging.engagement.office.com DigiCert Cloud Services CA-1	`2022-03-14` - `2023-03-13`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2022-05-21` - `2023-05-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2
Frame ID: EFD01B0D7FC0C225CC4C6F2F82B9C35E
Requests: 9 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: C69212BD7635BDFE3FCBFAF26E0A39AD
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

96 %
HTTPS

33 %
IPv6

7
Domains

10
Subdomains

9
IPs

5
Countries

1567 kB
Transfer

6865 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://c.live.com/c.gif?DI=15347&wlxid=0cf7b727-c886-4675-a2ac-4514da23fc08&reqid=001d1884831&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997DE1%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4659%26IR%3D1%26EX%3D0%26L.h%3D2654%26L.sjs%3D2864%26L.ttg%3D2654%26C.st%3D1656667704419%26N.domIn%3D2681%26N.dns%3D1%26N.tcp%3D64%26N.req%3D2460%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.995381364316843 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=0cf7b727-c886-4675-a2ac-4514da23fc08&reqid=001d1884831&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997DE1%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4659%26IR%3D1%26EX%3D0%26L.h%3D2654%26L.sjs%3D2864%26L.ttg%3D2654%26C.st%3D1656667704419%26N.domIn%3D2681%26N.dns%3D1%26N.tcp%3D64%26N.req%3D2460%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.995381364316843&CtsSyncId=24150C19F83240C88F6535875EFCEBE0&RedC=c.live.com&MXFR=1747202556546515145E31F1525461C5 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=0cf7b727-c886-4675-a2ac-4514da23fc08&reqid=001d1884831&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997DE1%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4659%26IR%3D1%26EX%3D0%26L.h%3D2654%26L.sjs%3D2864%26L.ttg%3D2654%26C.st%3D1656667704419%26N.domIn%3D2681%26N.dns%3D1%26N.tcp%3D64%26N.req%3D2460%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.995381364316843&CtsSyncId=24150C19F83240C88F6535875EFCEBE0&MUID=1747202556546515145E31F1525461C5

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request embed Show response
onedrive.live.com/ 61 KB
21 KB 2520ms
2456ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7bcdebd1466791996e243c1b7f16a434341f6c9bfc664c5ad6a3ecd4a2716821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 09:28:26 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 34A009FF61B3494F9EE60BED18843A6A Ref B: VIEEDGE1017 Ref C: 2022-07-01T09:28:24Z
x-msnserver: RD00155D997DE1
x-odwebserver: eastus0-odwebpl

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 85 KB
16 KB 94ms
22ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Jul 2022 09:28:27 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15304124
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 169 KB
30 KB 90ms
19ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Jul 2022 09:28:27 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9eaec477-701e-00b5-1896-fb102d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=11544205
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame C692 133 KB
135 KB 191ms
79ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3541731398b6f1059c9f111703ff187063519bfc95e498919132e7a7d3845c35

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 09:28:26 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: c97183d6-7902-4546-9e71-13f69d94ead9
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
x-msedge-ref: Ref A: 1E8421BFFBF74F7D9C0A1873ACF634EA Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:27Z
x-officecluster: GEU4C
x-officefd: DU2PEPF00009245
x-officefe: DU2PEPF00009253
x-officeversion: 16.0.15424.41004
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 92 KB
33 KB 71ms
18ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Jul 2022 09:28:27 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29c81963-d01e-00de-63ce-3d4d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22589899
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 483 KB
133 KB 74ms
21ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Jul 2022 09:28:27 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22692592
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 47 KB
14 KB 29ms
28ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Jul 2022 09:28:27 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=11163957
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 203 KB
68 KB 30ms
29ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Jul 2022 09:28:27 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=13446887
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 15 KB
6 KB 35ms
35ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=BCBE549BFDFB25DD&resid=BCBE549BFDFB25DD%21152&authkey=ABQ0mq_zRFdXS8U&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Jul 2022 09:28:27 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14332129-701e-0024-0947-43708d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23171863
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/ Frame C692 271 KB
34 KB 168ms
40ms Stylesheet
text/css 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "a5a95e39a886d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF000131E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33768
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 23 Jun 2022 02:23:28 GMT
x-officefd: AM4PEPF000131E9
x-msedge-ref: Ref A: 15D0C6A9997C48D78CAD7EC2751762E1 Ref B: VIEEDGE4114 Ref C: 2022-06-26T13:17:08Z
x-usersessionid: 36a7c7e9-9470-409a-8d6c-f5ad24221080
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 36a7c7e9-9470-409a-8d6c-f5ad24221080
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/ Frame C692 106 KB
24 KB 241ms
115ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "83a498a4a286d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF0001237F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23681
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 23 Jun 2022 01:43:31 GMT
x-officefd: AM4PEPF0001237F
x-msedge-ref: Ref A: BF5A24C9E410492390CA895164D7BF40 Ref B: VIEEDGE3716 Ref C: 2022-06-26T10:45:39Z
x-usersessionid: b668fdcd-f52f-4782-bbcd-3747a79bc1cc
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b668fdcd-f52f-4782-bbcd-3747a79bc1cc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h85BFDB3374723962_App_Scripts/1031/ Frame C692 157 KB
33 KB 247ms
123ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h85BFDB3374723962_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

99add3b922b361d2b642749d182529f39d460c075d48201f5e95e3552fa0f12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2f5a35bfec8bd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF00012934
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 32906
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 19:16:34 GMT
x-officefd: AM4PEPF00012934
x-msedge-ref: Ref A: 57EDF4EB97D34350A092B27B2E24CE89 Ref B: VIEEDGE3622 Ref C: 2022-06-29T19:16:34Z
x-usersessionid: f30d1e8f-d8f3-411c-8720-aa52fa21b9c3
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f30d1e8f-d8f3-411c-8720-aa52fa21b9c3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame C692 6 KB
2 KB 249ms
124ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "00c12a4480d81:0"
x-officecluster: GEU1C
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF0000D3EE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Tue, 14 Jun 2022 23:12:07 GMT
x-officefd: AM4PEPF0000D7C7
x-msedge-ref: Ref A: 27FDD3B7C8AD46EAB6787BAD7D304C61 Ref B: VIEEDGE2207 Ref C: 2022-06-19T04:01:02Z
x-usersessionid: 0f0ad1dc-a2f8-498e-9af0-c829d2b20448
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0f0ad1dc-a2f8-498e-9af0-c829d2b20448
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/ Frame C692 21 KB
5 KB 65ms
64ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "6d1c931fa886d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF000102D9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 4307
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Thu, 23 Jun 2022 02:22:44 GMT
x-officefd: AM4PEPF000102D9
x-usersessionid: 04c8e04d-4eb6-4a1f-ba87-988df2247820
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 04c8e04d-4eb6-4a1f-ba87-988df2247820
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h06A34F354A3A9B66_App_Scripts/1031/ Frame C692 475 KB
74 KB 164ms
38ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h06A34F354A3A9B66_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

06a34f354a3a9b66cc5f421e8892787d47a6fe5b2f43e4b3f6bd3f5ac567035b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2b9836bfec8bd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF0001030D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 75127
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 19:16:34 GMT
x-officefd: AM4PEPF0001030D
x-msedge-ref: Ref A: F4AEFE43BE0944489E44029240493515 Ref B: VIEEDGE1914 Ref C: 2022-06-29T19:16:34Z
x-usersessionid: 624fc184-1dd0-4e23-83dd-7ca16c68ba3a
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 624fc184-1dd0-4e23-83dd-7ca16c68ba3a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h6662A93934520190_App_Scripts/exp/ Frame C692 7 KB
3 KB 209ms
83ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h6662A93934520190_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6662a939345201908a1445278607ca9ef6ae651f3756ceedc1b2d8896ea26f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"37b82c6de28bd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15416.41016
x-officefe: DB5PEPF000083D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 2435
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 29 Jun 2022 18:02:41 GMT
x-officefd: DB5PEPF000083D5
x-msedge-ref: Ref A: BE41D5806C8940D29B4D8742E3DF2E22 Ref B: VIEEDGE4117 Ref C: 2022-06-29T18:02:41Z
x-usersessionid: 084bbdea-2503-428f-ab7b-e6fc1309eb7f
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 084bbdea-2503-428f-ab7b-e6fc1309eb7f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h2235B31AC4DECC50_App_Scripts/ Frame C692 3 MB
462 KB 67ms
67ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h2235B31AC4DECC50_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2235b31ac4decc50f771eccc383a3cf2db7be4ab171c0a24f22d2ca603395306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b51d216de28bd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF000069E3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 471841
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 18:02:41 GMT
x-officefd: AM4PEPF000069E3
x-msedge-ref: Ref A: 7212BE153F584E0BB6577BF7B692DA8F Ref B: VIEEDGE3413 Ref C: 2022-06-29T18:02:41Z
x-usersessionid: c1ef4b16-a69e-407f-9405-a06f2c3a7a69
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c1ef4b16-a69e-407f-9405-a06f2c3a7a69
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame C692 49 KB
50 KB 1244ms
1244ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&access_token=4wGle%2DxvdkXTzZhCihAkXxTYLrhJNLGIALs4%5FiG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b%5FkH%5F4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8%2D%5FP%2De83mjURKcR7Jsg9VtJ2gVA&access_token_ttl=1658482106827&z=aQkNCRTU0OUJGREZCMjVERCExNTIuMTU&v=00000000-0000-0000-0000-000000000802&usid=c97183d6-7902-4546-9e71-13f69d94ead9&splashscreen=1&build=16.0.15424.41004&PdfMode=1&waccluster=GEU4C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

4fb79cc705791dccdd327db6b0329c6de4d4d3154dbc7b394b45c98c99aede87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
x-proxy-datacenter: SNL1
x-officecluster: GEU4C
x-wacfrontend: DU2PEPF00009253
x-officeversion: 16.0.15424.41004
x-officefe: DU2PEPF00009253
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-officefdproxy: AM4PEPF000141DA
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 50636
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&access_token=4wGle%2DxvdkXTzZhCihAkXxTYLrhJNLGIALs4%5FiG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b%5FkH%5F4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8%2D%5FP%2De83mjURKcR7Jsg9VtJ2gVA&access_token_ttl=1658482106827&z=aQkNCRTU0OUJGREZCMjVERCExNTIuMTU00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: fb604bfc-e4bb-4e22-8348-5c2ae861548a, ebc8b22e-ce81-4b31-82d2-2e46fb0cf787
x-officefd: AM4PEPF000141DA
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9, c97183d6-7902-4546-9e71-13f69d94ead9
x-powered-by: ARR/3.0
date: Fri, 01 Jul 2022 09:28:27 GMT
x-download-options: noopen
content-type: image/png
x-officefd-wac-fwd: https://GEU4Cdso-word-view.officeapps.live.com/wv/ResReader.ashx?correlation=fb604bfc-e4bb-4e22-8348-5c2ae861548a
cache-control: private
x-msedge-ref: Ref A: 07D5328FB85A4358BACF0D2F4FBCF536 Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:27Z
timing-allow-origin: *, *
x-content-type-options: nosniff
expires: Sat, 01 Jul 2023 09:28:28 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 0
349 B 55ms
54ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15424.41004&waccluster=GEU4C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DU2PEPF00009244
x-officeversion: 16.0.15424.41004
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: d73240ed-cadb-4b07-a3e5-d4abc4daa1ac
x-officecluster: GEU4C
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9
date: Fri, 01 Jul 2022 09:28:26 GMT
x-download-options: noopen
content-type: text/plain
x-officertcproxy: DB5PEPF0000F2FE
cache-control: private
x-msedge-ref: Ref A: 829A8C8CEA8840E7AB57C6218386EDFF Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:27Z
timing-allow-origin: *
x-officefe: DU2PEPF00009253

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 0
397 B 60ms
60ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15424.41004&waccluster=GEU4C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":219,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hC69650AB0B68842C_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DU2PEPF00009245
x-officeversion: 16.0.15424.41004
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid: e996b6e2-3a98-4cd5-9fd3-6dcdce64c4ea
x-officecluster: GEU4C
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9
date: Fri, 01 Jul 2022 09:28:26 GMT
x-download-options: noopen
content-type: text/plain
x-officertcproxy: AM4PEPF0001293B
cache-control: private
x-msedge-ref: Ref A: 82CC8649DF9A4C4E84430B40A6C729AB Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:27Z
timing-allow-origin: *
x-officefe: DU2PEPF00009253

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 0
313 B 56ms
55ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15424.41004&waccluster=GEU4C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":494,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DU2PEPF00009242
x-officeversion: 16.0.15424.41004
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3837e21b-202b-47b7-9c90-6bd5c9eb9452
x-officecluster: GEU4C
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9
date: Fri, 01 Jul 2022 09:28:27 GMT
x-download-options: noopen
content-type: text/plain
x-officertcproxy: AM4PEPF00006A1C
cache-control: private
x-msedge-ref: Ref A: 56D00432FE7F4DBBA4B281997F5BD931 Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:27Z
timing-allow-origin: *
x-officefe: DU2PEPF00009253

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/ Frame C692 22 KB
23 KB 40ms
40ms Font
font/x-woff 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"93376c3b8389d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15416.41016
x-officefe: DB5PEPF0000D03D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 26 Jun 2022 17:36:13 GMT
x-officefd: DB5PEPF0000D03D
x-msedge-ref: Ref A: F633D9BA66D64CE786457963998573F6 Ref B: VIEEDGE4221 Ref C: 2022-06-26T17:36:13Z
x-usersessionid: f41f239c-4468-46c2-a400-c3519294e2c9
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: f41f239c-4468-46c2-a400-c3519294e2c9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 356 B
968 B 631ms
631ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&access_token=4wGle%2DxvdkXTzZhCihAkXxTYLrhJNLGIALs4%5FiG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b%5FkH%5F4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8%2D%5FP%2De83mjURKcR7Jsg9VtJ2gVA&access_token_ttl=1658482106827&z=aQkNCRTU0OUJGREZCMjVERCExNTIuMTU&type=png&o15=1&ui=de-DE&PdfMode=1&DebugRedirectionInfo=true

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

62f3ac2a01b19f44f87630d68913625eaf6efed016f19db2b7d9ed92bf845e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DU2PEPF00009253
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15424.41004
X-Key: Yf8iKNlTXmbufGuJPD7DgONpWy45EIzjgMV2YF7+V5c=,637922645072521574
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: GEU4C

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-proxy-datacenter: PNL1
x-officecluster: GEU4C
x-wacfrontend: DU2PEPF00009253
x-officeversion: 16.0.15424.41004
x-officefe: DU2PEPF00009253
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-officefdproxy: AM4PEPF0001293B
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 350
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2713294a-c7e3-4c87-8736-cfd8955c386b, b8d91c3d-aae5-41cf-9425-d117e0007ed9
x-officefd: AM4PEPF0001293B
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9, c97183d6-7902-4546-9e71-13f69d94ead9
x-powered-by: ARR/3.0
date: Fri, 01 Jul 2022 09:28:27 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
x-officefd-wac-fwd: https://GEU4Cdso-word-view.officeapps.live.com/wv/docdatahandler.ashx?correlation=2713294a-c7e3-4c87-8736-cfd8955c386b
cache-control: private
x-msedge-ref: Ref A: 093D7B649AFE4FF9ABBFA06ECCACBB83 Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:27Z
timing-allow-origin: *, *
x-content-type-options: nosniff
expires: Sat, 01 Jul 2023 09:28:28 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/ Frame C692 40 KB
7 KB 38ms
38ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h2235B31AC4DECC50_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ce0cb5e1645f246e4ce6f2f47a8b4793d4a72c8a0b7fb811081529010c53c0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ce41db6de28bd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15416.41016
x-officefe: DB5PEPF00008421
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6020
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 18:02:42 GMT
x-officefd: DB5PEPF00008421
x-msedge-ref: Ref A: 0208DC48700146B0A6835550A1A411CD Ref B: VIEEDGE4307 Ref C: 2022-06-29T18:02:42Z
x-usersessionid: 29caecad-7767-4b5d-88e6-ed65284d764e
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 29caecad-7767-4b5d-88e6-ed65284d764e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161542441004_resources/1031/ Frame C692 6 KB
6 KB 41ms
41ms Image
image/png 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_resources/1031/wapsw.png?b=1601542441004

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"552357c63a8cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF000131E8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 04:35:07 GMT
x-officefd: AM4PEPF000131E8
x-msedge-ref: Ref A: D5431B15DEEE40829BF73853003D8AC2 Ref B: VIEEDGE3918 Ref C: 2022-06-30T04:35:07Z
x-usersessionid: 4f0e4375-bb86-4ef9-aeec-6dad68c0c7c5
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 4f0e4375-bb86-4ef9-aeec-6dad68c0c7c5
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161542441004_resources/1031/ Frame C692 34 KB
35 KB 45ms
44ms Image
image/png 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_resources/1031/wv.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"8576bcc0ec8bd81:0"
x-officecluster: GEU2C
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Wed, 29 Jun 2022 19:16:36 GMT
x-officefd: AM4PEPF0000D7D4
x-msedge-ref: Ref A: 62BEDC10EE6E47D5A8985605F534B85B Ref B: VIEEDGE1716 Ref C: 2022-06-29T19:16:36Z
x-usersessionid: 1d95878f-2000-4048-8e6a-5720a1797efe
date: Fri, 01 Jul 2022 09:28:27 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 1d95878f-2000-4048-8e6a-5720a1797efe
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 80960385-49d8-45f5-bc8c-b56b0f87b91b
https://word-view.officeapps.live.com/ Frame C692 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/80960385-49d8-45f5-bc8c-b56b0f87b91b
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 0
268 B 56ms
55ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15424.41004&waccluster=GEU4C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1182,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DU2PEPF000082F6
x-officeversion: 16.0.15424.41004
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 42196212-2e90-43c8-a0e8-d2713449d188
x-officecluster: GEU4C
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9
date: Fri, 01 Jul 2022 09:28:27 GMT
x-download-options: noopen
content-type: text/plain
x-officertcproxy: AM4PEPF000069E9
cache-control: private
x-msedge-ref: Ref A: 95F1E7F8F3314E3181DA5FEE9BDCC8B9 Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:28Z
timing-allow-origin: *
x-officefe: DU2PEPF00009253

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h2235B31AC4DECC50_App_Scripts/ Frame C692 839 KB
138 KB 39ms
39ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h2235B31AC4DECC50_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h2235B31AC4DECC50_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d22b1643e6957677d3162c41237a7f58488416192b45feb271af9736d94471b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"dbaa6ee28bd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF00012375
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 140412
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 18:02:43 GMT
x-officefd: AM4PEPF00012375
x-msedge-ref: Ref A: 2427A8E5014F4899881EAD1D3C38D39C Ref B: VIEEDGE3009 Ref C: 2022-06-29T18:02:43Z
x-usersessionid: 732a0f01-2a63-47c8-9ee4-a8a384801bed
date: Fri, 01 Jul 2022 09:28:28 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 732a0f01-2a63-47c8-9ee4-a8a384801bed
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/ Frame C692 553 KB
103 KB 39ms
39ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h2235B31AC4DECC50_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5a00b910eb0d426212e34de07a1672c9037ce8ee8412bf90be211a2fd6f389d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8e76446ee28bd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15416.41016
x-officefe: DB5PEPF000083EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 104275
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_excelslice_control,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 18:02:43 GMT
x-officefd: DB5PEPF000083EC
x-msedge-ref: Ref A: 735B6A03FC3646BB9D30C222551B0FE8 Ref B: VIEEDGE4221 Ref C: 2022-06-29T18:02:43Z
x-usersessionid: 09f55d22-3f4f-4f6a-a37a-91185c495243
date: Fri, 01 Jul 2022 09:28:28 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 09f55d22-3f4f-4f6a-a37a-91185c495243
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 0
506 B 60ms
59ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15424.41004&waccluster=GEU4C&DebugRedirectionInfo=true

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DU2PEPF00009253
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15424.41004
X-Key: Yf8iKNlTXmbufGuJPD7DgONpWy45EIzjgMV2YF7+V5c=,637922645072521574
X-bULS-SuppressionETag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wGle-xvdkXTzZhCihAkXxTYLrhJNLGIALs4_iG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b_kH_4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8-_P-e83mjURKcR7Jsg9VtJ2gVA
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1658482106827
X-WacCluster: GEU4C

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DU2PEPF00009242
x-officeversion: 16.0.15424.41004
x-officefe: DU2PEPF00009253
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: e6384932-68ae-4a0c-9692-09ef145407f8
x-officecluster: GEU4C
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9
date: Fri, 01 Jul 2022 09:28:27 GMT
x-download-options: noopen
content-type: text/plain
x-officertcproxy: DB5PEPF0000C62A
cache-control: private
x-msedge-ref: Ref A: 5C35F916BBCE42E983008C977459D0A0 Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:28Z
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161542441004_resources/1031/ Frame C692 695 B
1 KB 40ms
39ms Image
image/gif 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_resources/1031/progress.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"58a02947b8cd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15416.41016
x-officefe: DB5PEPF0000C633
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 22:55:07 GMT
x-officefd: DB5PEPF0000C633
x-msedge-ref: Ref A: DF163D0BF0E44802AB1117F7AB9B3981 Ref B: VIEEDGE4407 Ref C: 2022-06-29T22:55:07Z
x-usersessionid: 557f99fa-4154-4a2a-8ebf-0a9ce1c8a9b8
date: Fri, 01 Jul 2022 09:28:28 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 557f99fa-4154-4a2a-8ebf-0a9ce1c8a9b8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame C692 49 KB
50 KB 158ms
158ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=c97183d6-7902-4546-9e71-13f69d94ead9&build=16.0.15424.41004&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&access_token=4wGle-xvdkXTzZhCihAkXxTYLrhJNLGIALs4_iG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b_kH_4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8-_P-e83mjURKcR7Jsg9VtJ2gVA&access_token_ttl=1658482107382&z=aQkNCRTU0OUJGREZCMjVERCExNTIuMTU&waccluster=GEU4C&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

4fb79cc705791dccdd327db6b0329c6de4d4d3154dbc7b394b45c98c99aede87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
x-proxy-datacenter: PIE1
x-officecluster: GEU4C
x-wacfrontend: DU2PEPF00009253
x-officeversion: 16.0.15424.41004
x-officefe: DU2PEPF00009253
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-officefdproxy: DB5PEPF0000F2FE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 50636
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&access_token=4wGle%2DxvdkXTzZhCihAkXxTYLrhJNLGIALs4%5FiG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b%5FkH%5F4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8%2D%5FP%2De83mjURKcR7Jsg9VtJ2gVA&access_token_ttl=1658482107382&z=aQkNCRTU0OUJGREZCMjVERCExNTIuMTU00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0d2e8ac2-077a-436c-93d3-16a3d22909ed, 72971f29-d4bb-4973-88e9-6db4598a40c4
x-officefd: DB5PEPF0000F2FE
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9, c97183d6-7902-4546-9e71-13f69d94ead9
x-powered-by: ARR/3.0
date: Fri, 01 Jul 2022 09:28:27 GMT
x-download-options: noopen
content-type: image/png
x-officefd-wac-fwd: https://GEU4Cdso-word-view.officeapps.live.com/wv/ResReader.ashx?correlation=0d2e8ac2-077a-436c-93d3-16a3d22909ed
cache-control: private
x-msedge-ref: Ref A: 8F1FFFDD017F4E72B6D1103B6B55514F Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:28Z
timing-allow-origin: *, *
x-content-type-options: nosniff
expires: Sat, 01 Jul 2023 09:28:28 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 2 KB
2 KB 112ms
112ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=c97183d6-7902-4546-9e71-13f69d94ead9&build=16.0.15424.41004&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&access_token=4wGle%2DxvdkXTzZhCihAkXxTYLrhJNLGIALs4%5FiG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b%5FkH%5F4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8%2D%5FP%2De83mjURKcR7Jsg9VtJ2gVA&access_token_ttl=1658482106827&z=aQkNCRTU0OUJGREZCMjVERCExNTIuMTU&waccluster=GEU4C&PdfMode=1&DebugRedirectionInfo=true

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

5f7b5b9cc2b43a45295928645f4ea8c0324c39d31e53f492e510f3b15bc9c2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DU2PEPF00009253
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15424.41004
X-Key: Yf8iKNlTXmbufGuJPD7DgONpWy45EIzjgMV2YF7+V5c=,637922645072521574
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: GEU4C

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-proxy-datacenter: PNL1
x-officecluster: GEU4C
x-wacfrontend: DU2PEPF00009253
x-officeversion: 16.0.15424.41004
x-officefe: DU2PEPF00009253
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-officefdproxy: AM4PEPF00006A0A
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 859
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&access_token=4wGle%2DxvdkXTzZhCihAkXxTYLrhJNLGIALs4%5FiG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b%5FkH%5F4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8%2D%5FP%2De83mjURKcR7Jsg9VtJ2gVA&access_token_ttl=1658482106827&z=aQkNCRTU0OUJGREZCMjVERCExNTIuMTU00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5f87ed64-a179-4bfe-82bc-de496010ce3a, c8a15095-9385-47aa-b184-005fa75ee600
x-officefd: AM4PEPF00006A0A
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9, c97183d6-7902-4546-9e71-13f69d94ead9
x-powered-by: ARR/3.0
date: Fri, 01 Jul 2022 09:28:27 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
x-officefd-wac-fwd: https://GEU4Cdso-word-view.officeapps.live.com/wv/ResReader.ashx?correlation=5f87ed64-a179-4bfe-82bc-de496010ce3a
cache-control: private
x-msedge-ref: Ref A: 8099697E75404FCBBB5830B09F46A6DD Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:28Z
timing-allow-origin: *, *
x-content-type-options: nosniff
expires: Sat, 01 Jul 2023 09:28:28 GMT

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/ Frame C692 18 KB
3 KB 44ms
43ms Stylesheet
text/css 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"cc88856ee28bd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15416.41016
x-officefe: DB5PEPF0000C62C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2711
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 18:02:44 GMT
x-officefd: DB5PEPF0000C62C
x-msedge-ref: Ref A: B9BA0C31D8E8415AA95B5B839A93723A Ref B: VIEEDGE3417 Ref C: 2022-06-29T18:02:44Z
x-usersessionid: ca6aa55b-1b1c-4694-bd2f-9d8772cfa527
date: Fri, 01 Jul 2022 09:28:28 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: ca6aa55b-1b1c-4694-bd2f-9d8772cfa527
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/Intl/de/ Frame C692 2 KB
2 KB 38ms
38ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"399fac5ec8bd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF00012941
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1044
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 19:16:45 GMT
x-officefd: AM4PEPF00012941
x-msedge-ref: Ref A: 9C7313253592422BA8A8C6AABD44F64B Ref B: VIEEDGE4107 Ref C: 2022-06-29T19:16:45Z
x-usersessionid: 6f731c46-6ca3-471c-ac76-50d24f1e6d1f
date: Fri, 01 Jul 2022 09:28:28 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6f731c46-6ca3-471c-ac76-50d24f1e6d1f
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 0
450 B 56ms
56ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15424.41004&waccluster=GEU4C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1364,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DU2PEPF00009243
x-officeversion: 16.0.15424.41004
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 119a4dfa-a324-4bee-805e-5cf55a228d93
x-officecluster: GEU4C
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9
date: Fri, 01 Jul 2022 09:28:27 GMT
x-download-options: noopen
content-type: text/plain
x-officertcproxy: AM4PEPF00012376
cache-control: private
x-msedge-ref: Ref A: C5712356DD434163AE0103E0F6F309E2 Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:28Z
timing-allow-origin: *
x-officefe: DU2PEPF00009253

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame C692 42 KB
16 KB 255ms
23ms Script
application/javascript 104.111.237.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h2235B31AC4DECC50_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-183.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 09:28:29 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=15152, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/ Frame C692 99 KB
29 KB 38ms
38ms Script
application/javascript 2a02:26f0:3000:28d::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h2235B31AC4DECC50_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3000:28d::1c24 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"80695c6ee28bd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF00010ABA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 29 Jun 2022 18:02:43 GMT
x-officefd: AM4PEPF00010ABA
x-msedge-ref: Ref A: 4BD9EDACE05F4D01B4B25CBE76A17050 Ref B: VIEEDGE4311 Ref C: 2022-06-29T18:02:43Z
x-usersessionid: 14e982e5-6b44-46d7-9711-cd1038d0eb08
date: Fri, 01 Jul 2022 09:28:28 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 14e982e5-6b44-46d7-9711-cd1038d0eb08
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 campaignmetadataaggregator Show response
messaging.engagement.office.com/ Frame C692 107 B
449 B 186ms
185ms Fetch
text/plain 52.109.136.29
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.engagement.office.com/campaignmetadataaggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15424.41004&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DGEU4C%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%3Bwordfloodgateflight15%3Bwordfloodgateflight3%3Bwordfloodgateflight4%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3Bwordfloodgateflight15%3Bwordfloodgateflight3%3Bwordfloodgateflight4%3B&ageGroup=0&sessionUserType=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.136.29 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

235935e5a4193a56a35bac70e03cefd0b90e25534209b4217147594f5d25da6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: 9ca18af2-66ef-49c4-b81c-61815deab5c6
x-usersessionid: ebf83134-726c-47c6-3723-43c3bc7e1ca8
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:28:29 GMT
x-activitytraceid: b423e7c9e5f20c9102907e3223ecde6a
x-correlationid: b423e7c9-e5f2-0c91-0290-7e3223ecde6a
server: Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: da9932c0-2ab7-4f4a-ba57-542e6c5381c2
strict-transport-security: max-age=31536000
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-machine: OmexNodes00000E__omexexternal-prod-wcus-000_14
x-buildversion: 22.4.10628.11633

OPTIONS
H2 204 campaignmetadataaggregator
messaging.engagement.office.com/ Frame 0
0 493ms
153ms Preflight 52.109.136.29
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.136.29 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: x-correlationid,x-usersessionid
access-control-allow-methods: GET
access-control-allow-origin: *
date: Fri, 01 Jul 2022 09:28:29 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-activitytraceid: 79570f6e2f3c8a482b55029768715163
x-buildversion: 22.4.10628.11633
x-correlationid: 79570f6e-2f3c-8a48-2b55-029768715163
x-machine: OmexNodes000001__omexexternal-prod-wcus-000_1
x-servicefabricrequestid: 26af7b63-4f1b-455c-ae51-49ce0968f42c

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame C692 4 B
378 B 127ms
26ms XHR
application/json 20.50.201.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/ping

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.201.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 01 Jul 2022 09:28:28 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=0cf7b727-c886-4675-a2ac-4514da23fc08&reqid=001d1884831&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997DE1%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=0cf7b727-c886-4675-a2ac-4514da23fc08&reqid=001d1884831&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997DE1%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=0cf7b727-c886-4675-a2ac-4514da23fc08&reqid=001d1884831&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997DE1%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
255 B

40ms
40ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=0cf7b727-c886-4675-a2ac-4514da23fc08&reqid=001d1884831&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997DE1%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4659%26IR%3D1%26EX%3D0%26L.h%3D2654%26L.sjs%3D2864%26L.ttg%3D2654%26C.st%3D1656667704419%26N.domIn%3D2681%26N.dns%3D1%26N.tcp%3D64%26N.req%3D2460%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.995381364316843&CtsSyncId=24150C19F83240C88F6535875EFCEBE0&MUID=1747202556546515145E31F1525461C5
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:28:29 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:28:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F61980E0351F41DCADFF2F40CED57602 Ref B: FRAEDGE1507 Ref C: 2022-07-01T09:28:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=0cf7b727-c886-4675-a2ac-4514da23fc08&reqid=001d1884831&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D997DE1%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4659%26IR%3D1%26EX%3D0%26L.h%3D2654%26L.sjs%3D2864%26L.ttg%3D2654%26C.st%3D1656667704419%26N.domIn%3D2681%26N.dns%3D1%26N.tcp%3D64%26N.req%3D2460%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.995381364316843&CtsSyncId=24150C19F83240C88F6535875EFCEBE0&MUID=1747202556546515145E31F1525461C5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 2 KB
2 KB 52ms
51ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&access_token=4wGle%2DxvdkXTzZhCihAkXxTYLrhJNLGIALs4%5FiG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b%5FkH%5F4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8%2D%5FP%2De83mjURKcR7Jsg9VtJ2gVA&access_token_ttl=1658482106827&z=aQkNCRTU0OUJGREZCMjVERCExNTIuMTU&uilang=de-DE&DebugRedirectionInfo=true

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DU2PEPF00009253
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15424.41004
X-Key: Yf8iKNlTXmbufGuJPD7DgONpWy45EIzjgMV2YF7+V5c=,637922645072521574
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: GEU4C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU4C
x-wacfrontend: DU2PEPF00009253
x-officeversion: 16.0.15424.41004
x-officefe: DU2PEPF00009253
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 1455
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid: 86791241-4884-417f-ad2f-04152aa5943f
x-officefd: DU2PEPF00009243
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9
date: Fri, 01 Jul 2022 09:28:28 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 7874AD8803DF43EDA3FA179F772EE600 Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:29Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C692 0
240 B 76ms
76ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15424.41004&waccluster=GEU4C&DebugRedirectionInfo=true

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DU2PEPF00009253
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15424.41004
X-Key: Yf8iKNlTXmbufGuJPD7DgONpWy45EIzjgMV2YF7+V5c=,637922645072521574
X-bULS-SuppressionETag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wGle-xvdkXTzZhCihAkXxTYLrhJNLGIALs4_iG5y7wc1sq7hnX1iannzTzKWBYnnCGrLCD012b_kH_4KhKNRu3sHjPJQ4NS1gsCpecoVvPArXCSA0p1790weLUVI8-_P-e83mjURKcR7Jsg9VtJ2gVA
X-UserSessionId: c97183d6-7902-4546-9e71-13f69d94ead9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=BZ2O6+drr0qV6kxlPXKQWQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FBCBE549BFDFB25DD%21152&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1658482106827
X-WacCluster: GEU4C

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: DU2PEPF00009242
x-officeversion: 16.0.15424.41004
x-officefe: DU2PEPF00009253
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid: 8405b141-b944-4ea8-bc8e-8f77513264ab
x-officecluster: GEU4C
x-usersessionid: c97183d6-7902-4546-9e71-13f69d94ead9
date: Fri, 01 Jul 2022 09:28:29 GMT
x-download-options: noopen
content-type: text/plain
x-officertcproxy: DB5PEPF0000C62A
cache-control: private
x-msedge-ref: Ref A: F4A98CB9988043C9A2F58FB59812710A Ref B: AM3EDGE1014 Ref C: 2022-07-01T09:28:30Z
timing-allow-origin: *

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame C692 0
441 B 166ms
75ms XHR
application/json 20.50.201.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.201.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 01 Jul 2022 09:28:30 GMT
time-delta-millis: 94
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame C692 24 B
475 B 117ms
27ms XHR
application/json 20.50.201.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1656667710857&time-delta-to-apply-millis=use-collector-delta&w=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161542441004_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.201.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 01 Jul 2022 09:28:30 GMT
time-delta-millis: 100
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: E Value: P:ovAbDERb2og=:QGq0kJGtVYPYBBOrDHunq2mRwpzmAqwmV5/d2oWM+bo=:F
.live.com/	1969-12-31 23:59:59	Name: xid Value: 0cf7b727-c886-4675-a2ac-4514da23fc08&&RD00155D997DE1&225
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1970-01-20 04:21:12	Name: wla42 Value:
word-view.officeapps.live.com/	1970-01-20 06:23:36	Name: DcLcid Value: ui=1031&data=1033
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: GEU4C-ARRAffinity Value: 81dc63210d33e7d2e24004b8a1b987e12cb7479bcbbd9af3667525460330e158
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
.live.com/	1970-01-20 13:32:43	Name: MUID Value: 1747202556546515145E31F1525461C5
.bing.com/	1970-01-20 13:32:43	Name: MUID Value: 1747202556546515145E31F1525461C5
.c.bing.com/	1970-01-20 13:32:43	Name: SRM_B Value: 1747202556546515145E31F1525461C5
.c.bing.com/	1970-01-20 13:32:43	Name: SRM_L Value: 1747202556546515145E31F1525461C5
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 04:11:08	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1h-word-view-15.cdn.office.net
js.live.net
messaging.engagement.office.com
onedrive.live.com
spoprod-a.akamaihd.net
word-view.officeapps.live.com
104.111.237.183
13.107.43.13
2.21.20.153
20.234.93.27
20.50.201.195
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:3000:28d::1c24
52.109.136.29
06a34f354a3a9b66cc5f421e8892787d47a6fe5b2f43e4b3f6bd3f5ac567035b
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
2235b31ac4decc50f771eccc383a3cf2db7be4ab171c0a24f22d2ca603395306
235935e5a4193a56a35bac70e03cefd0b90e25534209b4217147594f5d25da6f
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
3541731398b6f1059c9f111703ff187063519bfc95e498919132e7a7d3845c35
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
4fb79cc705791dccdd327db6b0329c6de4d4d3154dbc7b394b45c98c99aede87
519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
5f7b5b9cc2b43a45295928645f4ea8c0324c39d31e53f492e510f3b15bc9c2e2
62f3ac2a01b19f44f87630d68913625eaf6efed016f19db2b7d9ed92bf845e35
6662a939345201908a1445278607ca9ef6ae651f3756ceedc1b2d8896ea26f4f
7bcdebd1466791996e243c1b7f16a434341f6c9bfc664c5ad6a3ecd4a2716821
7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222
814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392
922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0
99add3b922b361d2b642749d182529f39d460c075d48201f5e95e3552fa0f12a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
b5a00b910eb0d426212e34de07a1672c9037ce8ee8412bf90be211a2fd6f389d
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7
c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
ce0cb5e1645f246e4ce6f2f47a8b4793d4a72c8a0b7fb811081529010c53c0d2
d22b1643e6957677d3162c41237a7f58488416192b45feb271af9736d94471b8
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

onedrive.live.com Open in urlscan Pro 13.107.43.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

33 %IPv6

7 Domains

10 Subdomains

9 IPs

5 Countries

1567 kBTransfer

6865 kBSize

14 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onedrive.live.com Open in urlscan Pro
13.107.43.13 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

33 %
IPv6

7
Domains

10
Subdomains

9
IPs

5
Countries

1567 kB
Transfer

6865 kB
Size

14
Cookies

47 HTTP transactions
0 data transactions