onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2
Submission Tags: falconsandbox
Submission: On June 23 via api (June 23rd 2022, 6:40:57 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 48 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 2416.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2.21.20.153 2.21.20.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	2a02:26f0:350... 2a02:26f0:3500:588::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.109.88.96 52.109.88.96	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.205.236.6 23.205.236.6	16625 (AKAMAI-AS) (AKAMAI-AS)
2	20.189.173.3 20.189.173.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.50.201.195 20.50.201.195	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
48	10

1 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.20.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-153.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:3500:588::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.88.96 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.236.6 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-236-6.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.189.173.3 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.201.195 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 5538	983 KB
17	live.com 1 redirects onedrive.live.com — Cisco Umbrella Rank: 2416 word-view.officeapps.live.com — Cisco Umbrella Rank: 8449 c.live.com — Cisco Umbrella Rank: 8479	266 KB
7	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 6108	301 KB
3	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 226 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 109	1 KB
2	office.com messaging.office.com — Cisco Umbrella Rank: 2326	584 B
1	live.net js.live.net — Cisco Umbrella Rank: 11557	16 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 182	1 KB
48	7

	Domain	Requested by
18	c1h-word-view-15.cdn.office.net	word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
14	word-view.officeapps.live.com	onedrive.live.com word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
7	spoprod-a.akamaihd.net	onedrive.live.com
2	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
2	messaging.office.com	c1h-word-view-15.cdn.office.net
2	c.live.com	1 redirects
1	browser.pipe.aria.microsoft.com	c1h-word-view-15.cdn.office.net
1	js.live.net	c1h-word-view-15.cdn.office.net
1	c.bing.com	1 redirects
1	onedrive.live.com
48	10

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
messaging.office.com Microsoft RSA TLS CA 02	`2022-03-02` - `2023-03-02`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2022-05-21` - `2023-05-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2
Frame ID: 53D138DC2058595171709F5F5C1AB264
Requests: 9 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 1AE6AD4127B21E9C5813906DEE6C252A
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

96 %
HTTPS

30 %
IPv6

7
Domains

10
Subdomains

10
IPs

4
Countries

1568 kB
Transfer

6863 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://c.live.com/c.gif?DI=15347&wlxid=6d2fb366-9296-4bb5-8db0-cd788efc41c3&reqid=00101fafcca&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5E7469%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1865%26IR%3D1%26EX%3D0%26L.h%3D1142%26L.sjs%3D1415%26L.ttg%3D1142%26C.st%3D1656009651814%26N.domIn%3D1163%26N.dns%3D105%26N.tcp%3D53%26N.req%3D853%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.30985136849210093 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=6d2fb366-9296-4bb5-8db0-cd788efc41c3&reqid=00101fafcca&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5E7469%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1865%26IR%3D1%26EX%3D0%26L.h%3D1142%26L.sjs%3D1415%26L.ttg%3D1142%26C.st%3D1656009651814%26N.domIn%3D1163%26N.dns%3D105%26N.tcp%3D53%26N.req%3D853%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.30985136849210093&CtsSyncId=F86D5C11A05D4F3BA91DB2ADBF160232&RedC=c.live.com&MXFR=1718CC2A8B70695C1370DDE68F706D6A HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=6d2fb366-9296-4bb5-8db0-cd788efc41c3&reqid=00101fafcca&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5E7469%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1865%26IR%3D1%26EX%3D0%26L.h%3D1142%26L.sjs%3D1415%26L.ttg%3D1142%26C.st%3D1656009651814%26N.domIn%3D1163%26N.dns%3D105%26N.tcp%3D53%26N.req%3D853%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.30985136849210093&CtsSyncId=F86D5C11A05D4F3BA91DB2ADBF160232&MUID=1718CC2A8B70695C1370DDE68F706D6A

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request embed Show response
onedrive.live.com/ 61 KB
21 KB 1007ms
849ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ec88b7c3bb4d2dc332b6de92eae05f7a0638fdb00f7dbbc146e45562b9560e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 23 Jun 2022 18:40:52 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 03EAC02270B74F78AD18B2A81078BC83 Ref B: FRAEDGE1121 Ref C: 2022-06-23T18:40:51Z
x-msnserver: RD00155D5E7469
x-odwebserver: canadaeast0-odwebpl

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 85 KB
16 KB 111ms
22ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Jun 2022 18:40:52 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=15962179
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 169 KB
30 KB 112ms
24ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Jun 2022 18:40:52 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9eaec477-701e-00b5-1896-fb102d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12202260
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 131 KB
133 KB 150ms
78ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

39315d6632be1e5dd83fd577d735f73d0ada5cce8cf1049a5ec25d75b3278b2b

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Thu, 23 Jun 2022 18:40:52 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 9816cfb4-47db-427c-ae36-91b360f615a4
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_powerpointslice_control,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 05588899B1E0499492C9C3130183CB37 Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z
x-officecluster: PNL1
x-officefe: AM4PEPF00012931
x-officeversion: 16.0.15416.41016
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 92 KB
33 KB 84ms
22ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Jun 2022 18:40:53 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29c81963-d01e-00de-63ce-3d4d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23247953
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 483 KB
133 KB 91ms
29ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Jun 2022 18:40:53 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23350646
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 47 KB
14 KB 23ms
22ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Jun 2022 18:40:53 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=11822011
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 203 KB
68 KB 25ms
25ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Jun 2022 18:40:53 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14104941
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 15 KB
6 KB 26ms
25ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=04900B335ADB4E9C&resid=4900B335ADB4E9C%21820&authkey=AJVVB0q0rtkyXCQ&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 23 Jun 2022 18:40:53 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14332129-701e-0024-0947-43708d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23829917
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/ Frame 1AE6 271 KB
34 KB 74ms
22ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c765919657fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF000083DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33768
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:35:20 GMT
x-officefd: DB5PEPF000083DB
x-msedge-ref: Ref A: 2913ECF5F5B24376932FAC24C9C05778 Ref B: AM3EDGE0621 Ref C: 2022-06-13T20:35:19Z
x-usersessionid: 2a803e0c-e789-4558-9e9d-f185a13afc76
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 2a803e0c-e789-4558-9e9d-f185a13afc76
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/ Frame 1AE6 106 KB
24 KB 138ms
86ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b0b1cfa5617fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00006A1E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23681
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:10:37 GMT
x-officefd: AM4PEPF00006A1E
x-msedge-ref: Ref A: 36D98CE1F6964DB2863B1437F8ADD72B Ref B: AM3EDGE0807 Ref C: 2022-06-13T20:10:37Z
x-usersessionid: e6da76eb-b84d-43a6-be6c-895496717e9a
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e6da76eb-b84d-43a6-be6c-895496717e9a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h6A39CA4CD29B5BB1_App_Scripts/1031/ Frame 1AE6 157 KB
33 KB 135ms
87ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h6A39CA4CD29B5BB1_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bb8e5cef6ddf61013857c09ab2b0d5078dab58934d711385b216356a232045f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e1ea6955ef80d81:0"
x-officecluster: US4C
x-officeversion: 16.0.15409.41003
x-officefe: DM3PEPF000132CA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 32831
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 19:37:22 GMT
x-officefd: DM3PEPF000132AE
x-msedge-ref: Ref A: 7278BC2472724113ADCE2CA0542E86F8 Ref B: AM3EDGE0113 Ref C: 2022-06-15T19:37:21Z
x-usersessionid: 2d89e7f2-dbcb-4a3e-a551-decce641f981
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2d89e7f2-dbcb-4a3e-a551-decce641f981
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 1AE6 6 KB
2 KB 135ms
87ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "508242c2f57bd81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00012271
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 09 Jun 2022 11:40:46 GMT
x-officefd: AM4PEPF00012271
x-msedge-ref: Ref A: D5B1F12E1E1546FEB79ED74D02283E1D Ref B: AMS04EDGE3521 Ref C: 2022-06-13T10:21:29Z
x-usersessionid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/ Frame 1AE6 21 KB
5 KB 92ms
91ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "f62a8e03a7dd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000131F7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4307
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 11 Jun 2022 02:28:03 GMT
x-officefd: AM4PEPF000131F7
x-msedge-ref: Ref A: F44DC7F2AE944772A4A3CAE3776C5D13 Ref B: AMS04EDGE3006 Ref C: 2022-06-11T14:46:23Z
x-usersessionid: ffb4e168-efbc-4e8d-8479-91c86539254f
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ffb4e168-efbc-4e8d-8479-91c86539254f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h59773959D5389CB4_App_Scripts/1031/ Frame 1AE6 475 KB
74 KB 72ms
22ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h59773959D5389CB4_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

59773959d5389cb4e9e1cfed23e581d7652325d0d06328f607ba09a5bd5c9e09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6453455ef80d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 75022
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 19:37:21 GMT
x-officefd: AM4PEPF000069E1
x-msedge-ref: Ref A: 106FE66365FA4EDE9A13D9B7DAF00AB8 Ref B: AMS04EDGE3312 Ref C: 2022-06-15T19:37:21Z
x-usersessionid: a7f917d5-248a-46de-bf21-d893898bfe03
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a7f917d5-248a-46de-bf21-d893898bfe03
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h6F03A2966947B5CA_App_Scripts/exp/ Frame 1AE6 7 KB
3 KB 136ms
86ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h6F03A2966947B5CA_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f03a2966947b5caa855d0495fe802c12548887b7bb72cdc474f5ddc922db9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"751afd2ced80d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2375
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 19:21:55 GMT
x-officefd: AM4PEPF000069E9
x-msedge-ref: Ref A: 2F773A5F2AD44994A57523A9C2838D3F Ref B: AMS04EDGE1717 Ref C: 2022-06-15T19:21:55Z
x-usersessionid: 56b9900c-315c-4360-8571-d8eb9c7e7858
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 56b9900c-315c-4360-8571-d8eb9c7e7858
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h51004505231D5527_App_Scripts/ Frame 1AE6 3 MB
462 KB 93ms
93ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h51004505231D5527_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51004505231d5527fb59d04a511ee1d2a1813301c7c944804d6eba6d80bd4675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ae2162ded80d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00012939
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 471401
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 19:21:55 GMT
x-officefd: AM4PEPF00012939
x-msedge-ref: Ref A: 3E52F0817B8E4D48994FADB7E36141F7 Ref B: AMS04EDGE1606 Ref C: 2022-06-15T19:21:55Z
x-usersessionid: 68f1f3d3-11ca-4986-b2e1-b65e5788d837
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 68f1f3d3-11ca-4986-b2e1-b65e5788d837
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 0
530 B 115ms
114ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15416.41016&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF0000384A
x-officeversion: 16.0.15416.41016
x-officefe: BN3PEPF0000384A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: af8a070f-f10a-4283-9403-e6130e61b05e
x-officecluster: PGTUS3
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 6F753A5443EA4590A4507B2759F16929 Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 0
336 B 131ms
131ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15416.41016&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":99,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hC69650AB0B68842C_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BAFB
x-officeversion: 16.0.15416.41016
x-officefe: BL6PEPF0000BAFB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 06045862-1c29-4105-a341-f1dfb8628503
x-officecluster: PGTUS4
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D3D1E7AAC05143F7A09AC0480728B30B Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z

GET
H2 404 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 1AE6 1 KB
1 KB 238ms
238ms Image
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&access_token=4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F%2D5BdMliaoro9uPI9hwp40gjuH8xUu%2D%5Fvi3Ki%5F4FHAepUTwfAYZd%5FwWyJLJl5KHsWN9uxjg&access_token_ttl=1657824052714&z=aNDkwMEIzMzVBREI0RTlDITgyMC45&v=00000000-0000-0000-0000-000000000802&usid=9816cfb4-47db-427c-ae36-91b360f615a4&splashscreen=1&build=16.0.15416.41016&PdfMode=1&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF0001237F
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF0001237F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1245
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5b3db376-a834-44b4-8086-1ec482d41493
x-officefd: AM4PEPF0001237F
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
x-msedge-ref: Ref A: 1FFB4CBC89134A49B8BCE58FC60AAECC Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 0
299 B 179ms
179ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15416.41016&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":383,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BY3PEPF0000C92E
x-officeversion: 16.0.15416.41016
x-officefe: BY3PEPF0000C92E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 24c120c7-019b-4460-887c-e53d0807a738
x-officecluster: PGTUS1
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 75DD57B1A3CB4110838F58EBB43BD2B6 Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/ Frame 1AE6 22 KB
23 KB 20ms
20ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/1031/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"a243a149a7fd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00010DF3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 02:54:34 GMT
x-officefd: DM3PEPF000132E6
x-msedge-ref: Ref A: 5E8B8588E58B49DD92096A35424FF001 Ref B: AMS04EDGE2710 Ref C: 2022-06-14T02:54:34Z
x-usersessionid: a973c941-3f6a-42be-89ce-01c8c5abbf48
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: a973c941-3f6a-42be-89ce-01c8c5abbf48
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 356 B
597 B 40ms
40ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&access_token=4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F%2D5BdMliaoro9uPI9hwp40gjuH8xUu%2D%5Fvi3Ki%5F4FHAepUTwfAYZd%5FwWyJLJl5KHsWN9uxjg&access_token_ttl=1657824052714&z=aNDkwMEIzMzVBREI0RTlDITgyMC45&type=png&o15=1&ui=de-DE&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9d035b8eddc744232f4b94a01fefb68f66a7f0f4eff10fe9bec0261e56cb26b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012931
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15416.41016
X-Key: W1sEe4akSYDWXIEoRtEyFlXtJFKpSEq4yk3YY/c2uws=,637916064530979035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF00012931
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 352
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 049e4ea2-6f66-4ec1-9bb4-403c476ddea9
x-officecluster: PNL1
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: C16B44827E4040B0A8C555C9A91849BB Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z
timing-allow-origin: *
expires: Fri, 23 Jun 2023 18:40:53 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/ Frame 1AE6 40 KB
7 KB 20ms
20ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h51004505231D5527_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"20f48de684d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF0000D03B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 20 Jun 2022 20:44:35 GMT
x-officefd: DB5PEPF0000D03B
x-msedge-ref: Ref A: 7CDF9C1CC8AD471C93A826F450067843 Ref B: AM3EDGE0717 Ref C: 2022-06-20T20:44:35Z
x-usersessionid: 8b9e8815-1044-4e6b-8053-5da5ce5265e0
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8b9e8815-1044-4e6b-8053-5da5ce5265e0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161541641016_resources/1031/ Frame 1AE6 6 KB
6 KB 23ms
22ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_resources/1031/wapsw.png?b=1601541641016

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"2ef7eaf4b885d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083FF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 21 Jun 2022 21:50:43 GMT
x-officefd: DB5PEPF000083FF
x-msedge-ref: Ref A: 45083E9033F6463FA9E3C050D2E6BB89 Ref B: AM3EDGE0411 Ref C: 2022-06-21T21:50:43Z
x-usersessionid: d7276579-b99b-49a8-bcfb-0b7f3b98ff21
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: d7276579-b99b-49a8-bcfb-0b7f3b98ff21
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161541641016_resources/1031/ Frame 1AE6 34 KB
35 KB 24ms
24ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_resources/1031/wv.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"fe5143cf584d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF00012939
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 20 Jun 2022 22:29:41 GMT
x-officefd: AM4PEPF00012939
x-msedge-ref: Ref A: FA80F6967008432D88A470C4A07BEE0F Ref B: AMS04EDGE2622 Ref C: 2022-06-20T22:29:41Z
x-usersessionid: 79fa206a-5153-46ea-904c-05c8e696990b
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 79fa206a-5153-46ea-904c-05c8e696990b
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 9c0ea4a4-0eed-489f-9da0-d2170f6dac4c
https://word-view.officeapps.live.com/ Frame 1AE6 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/9c0ea4a4-0eed-489f-9da0-d2170f6dac4c
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=6d2fb366-9296-4bb5-8db0-cd788efc41c3&reqid=00101fafcca&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5E7469%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=6d2fb366-9296-4bb5-8db0-cd788efc41c3&reqid=00101fafcca&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5E7469%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=6d2fb366-9296-4bb5-8db0-cd788efc41c3&reqid=00101fafcca&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5E7469%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
255 B

39ms
39ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=6d2fb366-9296-4bb5-8db0-cd788efc41c3&reqid=00101fafcca&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5E7469%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1865%26IR%3D1%26EX%3D0%26L.h%3D1142%26L.sjs%3D1415%26L.ttg%3D1142%26C.st%3D1656009651814%26N.domIn%3D1163%26N.dns%3D105%26N.tcp%3D53%26N.req%3D853%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.30985136849210093&CtsSyncId=F86D5C11A05D4F3BA91DB2ADBF160232&MUID=1718CC2A8B70695C1370DDE68F706D6A
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:40:53 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 23 Jun 2022 18:40:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 71D9AC223F9844858871CB48156A5664 Ref B: FRAEDGE1311 Ref C: 2022-06-23T18:40:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=6d2fb366-9296-4bb5-8db0-cd788efc41c3&reqid=00101fafcca&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5E7469%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1865%26IR%3D1%26EX%3D0%26L.h%3D1142%26L.sjs%3D1415%26L.ttg%3D1142%26C.st%3D1656009651814%26N.domIn%3D1163%26N.dns%3D105%26N.tcp%3D53%26N.req%3D853%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.30985136849210093&CtsSyncId=F86D5C11A05D4F3BA91DB2ADBF160232&MUID=1718CC2A8B70695C1370DDE68F706D6A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 0
461 B 114ms
114ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15416.41016&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":619,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF00004E31
x-officeversion: 16.0.15416.41016
x-officefe: BN3PEPF00004E31
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5b238780-d13e-4430-9e06-6d4137ec3525
x-officecluster: PGTUS3
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 489204F3933E43EE86BAAC3EAF946462 Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h51004505231D5527_App_Scripts/ Frame 1AE6 837 KB
138 KB 20ms
20ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h51004505231D5527_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h51004505231D5527_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f15e833a2c9c6fb451ac5c42e51c4a366056d319fd9b569fcc85f80587161fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ddc8d92ded80d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00006A2D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 140168
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 19:21:57 GMT
x-officefd: AM4PEPF00006A2D
x-msedge-ref: Ref A: 7224D2EF43D140E49B49575C37B95F99 Ref B: AMS04EDGE2610 Ref C: 2022-06-15T19:21:57Z
x-usersessionid: 652211ff-740b-4eca-a991-94705d030c2b
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 652211ff-740b-4eca-a991-94705d030c2b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/ Frame 1AE6 553 KB
103 KB 21ms
21ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h51004505231D5527_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5a00b910eb0d426212e34de07a1672c9037ce8ee8412bf90be211a2fd6f389d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1732898de684d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF000069FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 104275
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 20 Jun 2022 20:44:35 GMT
x-officefd: AM4PEPF000069FE
x-msedge-ref: Ref A: 7AA3D4164E5247179DB199F36B022FB5 Ref B: AM3EDGE0811 Ref C: 2022-06-20T20:44:35Z
x-usersessionid: fc0b765c-c207-4dde-be31-0ec085da01a8
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fc0b765c-c207-4dde-be31-0ec085da01a8
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 0
346 B 119ms
118ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15416.41016&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00012931
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15416.41016
X-Key: W1sEe4akSYDWXIEoRtEyFlXtJFKpSEq4yk3YY/c2uws=,637916064530979035
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F-5BdMliaoro9uPI9hwp40gjuH8xUu-_vi3Ki_4FHAepUTwfAYZd_wWyJLJl5KHsWN9uxjg
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657824052714
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.15416.41016
x-officefe: BL6PEPF0000BB80
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 926fd7fe-eaa9-431a-a532-f01d2c389fc4
x-officefd: BL6PEPF0000BB80
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A32EA26B60434B9481BA15F705B66240 Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161541641016_resources/1031/ Frame 1AE6 695 B
1 KB 22ms
22ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_resources/1031/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"a1e5d4d4fa84d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF000131F2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 20 Jun 2022 23:09:45 GMT
x-officefd: AM4PEPF000131F2
x-msedge-ref: Ref A: 94946CF20296441FBF2332A8D09305E2 Ref B: AMS04EDGE3305 Ref C: 2022-06-20T23:09:45Z
x-usersessionid: ae8b222d-01be-486c-9334-da248c235bdb
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: ae8b222d-01be-486c-9334-da248c235bdb
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 1AE6 51 KB
51 KB 210ms
209ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=9816cfb4-47db-427c-ae36-91b360f615a4&build=16.0.15416.41016&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&access_token=4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F-5BdMliaoro9uPI9hwp40gjuH8xUu-_vi3Ki_4FHAepUTwfAYZd_wWyJLJl5KHsWN9uxjg&access_token_ttl=1657824053013&z=aNDkwMEIzMzVBREI0RTlDITgyMC45&waccluster=PNL1&PdfMode=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18a98be701bfa0883d89119a300ed26711c154e1f8d20fb15e4844f5d36a2643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF000069E9
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF000069E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 51937
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&access_token=4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F%2D5BdMliaoro9uPI9hwp40gjuH8xUu%2D%5Fvi3Ki%5F4FHAepUTwfAYZd%5FwWyJLJl5KHsWN9uxjg&access_token_ttl=1657824053013&z=aNDkwMEIzMzVBREI0RTlDITgyMC4500000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4b376297-296b-4d3a-b957-6a083631eff4
x-officefd: AM4PEPF000069E9
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: D3151EAA3C08480A9EE734FA6F9DC5C4 Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z
timing-allow-origin: *
expires: Fri, 23 Jun 2023 18:40:54 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 3 KB
2 KB 49ms
49ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=9816cfb4-47db-427c-ae36-91b360f615a4&build=16.0.15416.41016&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&access_token=4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F%2D5BdMliaoro9uPI9hwp40gjuH8xUu%2D%5Fvi3Ki%5F4FHAepUTwfAYZd%5FwWyJLJl5KHsWN9uxjg&access_token_ttl=1657824052714&z=aNDkwMEIzMzVBREI0RTlDITgyMC45&waccluster=PNL1&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

b41b7fa3d2ecf2e4ca33b60babd9e68525a300f94dd9dba7c186f4297406609d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012931
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15416.41016
X-Key: W1sEe4akSYDWXIEoRtEyFlXtJFKpSEq4yk3YY/c2uws=,637916064530979035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00006033
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF00012931
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 989
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&access_token=4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F%2D5BdMliaoro9uPI9hwp40gjuH8xUu%2D%5Fvi3Ki%5F4FHAepUTwfAYZd%5FwWyJLJl5KHsWN9uxjg&access_token_ttl=1657824052714&z=aNDkwMEIzMzVBREI0RTlDITgyMC4500000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: e2e0cfc1-a6f3-44e4-acad-0761284da2bc, e2e0cfc1-a6f3-44e4-acad-0761284da2bc
x-officefd: AM4PEPF00006033
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4, 9816cfb4-47db-427c-ae36-91b360f615a4
x-powered-by: ARR/3.0
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 0A82DFD883AF4562B4D34C7AA48E9F65 Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:53Z
timing-allow-origin: *, *
expires: Fri, 23 Jun 2023 18:40:53 GMT

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/ Frame 1AE6 18 KB
3 KB 22ms
22ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"9939a092e684d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF00010318
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2711
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 20 Jun 2022 20:44:44 GMT
x-officefd: AM4PEPF00010318
x-msedge-ref: Ref A: 566CB65C2AFF41D6AF6FDB8AE66CB134 Ref B: AMS04EDGE1712 Ref C: 2022-06-20T20:44:44Z
x-usersessionid: f087baac-e5f3-4b06-b3bd-24a7a2f82664
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: f087baac-e5f3-4b06-b3bd-24a7a2f82664
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/Intl/de/ Frame 1AE6 2 KB
2 KB 21ms
21ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7010d59ee784d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1044
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 20 Jun 2022 20:52:14 GMT
x-officefd: DB5PEPF000083DB
x-msedge-ref: Ref A: 5A02DCD87E384E29A0A4A3C1C6401AD9 Ref B: AM3EDGE0709 Ref C: 2022-06-20T20:52:14Z
x-usersessionid: 86fddff9-319a-4599-8288-ad025fdb8de9
date: Thu, 23 Jun 2022 18:40:53 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 86fddff9-319a-4599-8288-ad025fdb8de9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 campaignmetadataaggregator Show response
messaging.office.com/lifecycle/ Frame 1AE6 324 B
584 B 83ms
82ms Fetch
application/json 52.109.88.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/campaignmetadataaggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15416.41016&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%3Bwordfloodgateflight3%3Bwordfloodgateflight4%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3Bwordfloodgateflight3%3Bwordfloodgateflight4%3B&ageGroup=0&sessionUserType=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: 325d7592-3033-4913-2055-9a946f103e2f
x-usersessionid: ab018e7f-ffd7-423c-97d2-360bbfecd91c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: weu-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-officeversion: 22.4.10530.12308
x-officefe: OmexMessagingStorefront_IN_10
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary: Accept-Encoding
content-length: 243
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: 8796f350-a65a-4663-8b42-69a75619b4c2
server
x-usersessionid: ab018e7f-ffd7-423c-97d2-360bbfecd91c
date: Thu, 23 Jun 2022 18:40:54 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
cache-control: private, no-store
x-machine: weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_10
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type

OPTIONS
H2 200 campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 0
0 140ms
47ms Preflight 52.109.88.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
access-control-max-age: 86400
cache-control: private
content-length: 0
date: Thu, 23 Jun 2022 18:40:54 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-correlationid: 87c8cb13-452d-4349-b69b-d48e26a0b910
x-frame-options: deny
x-gateids: AirTrafficControl.GovernanceRule
x-machine: weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_10
x-officecluster: weu-000.omexmessaging.osi.office.net
x-officefe: OmexMessagingStorefront_IN_10
x-officeversion: 22.4.10530.12308
x-ua-compatible: IE=edge
x-usersessionid: 87c8cb13-452d-4349-b69b-d48e26a0b910
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 1AE6 42 KB
16 KB 143ms
34ms Script
application/javascript 23.205.236.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h51004505231D5527_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 23.205.236.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-236-6.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 23 Jun 2022 18:40:54 GMT
X-MSNServer: RD0003FF23F6D7
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=51018, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 0
278 B 115ms
114ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15416.41016&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":852,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF00003838
x-officeversion: 16.0.15416.41016
x-officefe: BN3PEPF00003838
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: a515b32e-38d3-4e94-b962-d20bee1b85bd
x-officecluster: PGTUS3
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:53 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 1F6941368BC54FD591A417B93D95BF5C Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:54Z

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/ Frame 1AE6 99 KB
29 KB 21ms
21ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h51004505231D5527_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"0decf8ee684d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 20 Jun 2022 20:44:38 GMT
x-officefd: DB5PEPF000083FC
x-msedge-ref: Ref A: 7F51BC894F4A48ACB97A858C70D80713 Ref B: AMS04EDGE2706 Ref C: 2022-06-20T20:44:37Z
x-usersessionid: 2579d140-71fc-4bee-94ce-075b781ccf2b
date: Thu, 23 Jun 2022 18:40:54 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2579d140-71fc-4bee-94ce-075b781ccf2b
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 1AE6 4 B
378 B 780ms
175ms XHR
application/json 20.189.173.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/ping

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 23 Jun 2022 18:40:54 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 1AE6 51 KB
51 KB 45ms
44ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18a98be701bfa0883d89119a300ed26711c154e1f8d20fb15e4844f5d36a2643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF0001237F
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF0001237F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 51937
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&access_token=4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F%2D5BdMliaoro9uPI9hwp40gjuH8xUu%2D%5Fvi3Ki%5F4FHAepUTwfAYZd%5FwWyJLJl5KHsWN9uxjg&access_token_ttl=1657824052714&z=aNDkwMEIzMzVBREI0RTlDITgyMC4500000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: fcea3b11-38c9-4501-9a56-e821321dda79
x-officefd: AM4PEPF0001237F
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:54 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 6885C14ED00E44A8B3C5C3153FBF487A Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:54Z
timing-allow-origin: *
expires: Fri, 23 Jun 2023 18:40:54 GMT

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 2 KB
2 KB 239ms
238ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&access_token=4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F%2D5BdMliaoro9uPI9hwp40gjuH8xUu%2D%5Fvi3Ki%5F4FHAepUTwfAYZd%5FwWyJLJl5KHsWN9uxjg&access_token_ttl=1657824052714&z=aNDkwMEIzMzVBREI0RTlDITgyMC45&uilang=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00006033
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15416.41016
X-Key: W1sEe4akSYDWXIEoRtEyFlXtJFKpSEq4yk3YY/c2uws=,637916064530979035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00006033
x-officeversion: 16.0.15416.41016
x-officefe: AM4PEPF00006033
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1455
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 1f4380b0-4681-46e0-820c-228241cca74b, 1f4380b0-4681-46e0-820c-228241cca74b
x-officefd: AM4PEPF000069E9
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4, 9816cfb4-47db-427c-ae36-91b360f615a4
x-powered-by: ARR/3.0
date: Thu, 23 Jun 2022 18:40:54 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: A934495F6C984D3ABFDC4E49037DDF27 Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:54Z
timing-allow-origin: *, *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 1AE6 0
437 B 112ms
110ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15416.41016&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00006033
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15416.41016
X-Key: W1sEe4akSYDWXIEoRtEyFlXtJFKpSEq4yk3YY/c2uws=,637916064530979035
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F-5BdMliaoro9uPI9hwp40gjuH8xUu-_vi3Ki_4FHAepUTwfAYZd_wWyJLJl5KHsWN9uxjg
X-UserSessionId: 9816cfb4-47db-427c-ae36-91b360f615a4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=ldFd7VTHU0y63iKCjlAjNQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657824052714
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15416.41016
x-officefe: BL6PEPF0000BAFB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5c5dcd54-b6df-4484-ab21-2ce1c7d5b974
x-officefd: BL6PEPF0000BAFB
x-usersessionid: 9816cfb4-47db-427c-ae36-91b360f615a4
date: Thu, 23 Jun 2022 18:40:55 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 1DE9D8B658C942199CE22FFD0D26A6A4 Ref B: AM3EDGE1019 Ref C: 2022-06-23T18:40:55Z

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 1AE6 0
442 B 219ms
87ms XHR
application/json 20.50.201.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.201.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 23 Jun 2022 18:40:55 GMT
time-delta-millis: 147
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 1AE6 24 B
475 B 713ms
177ms XHR
application/json 20.189.173.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1656009656143&time-delta-to-apply-millis=use-collector-delta&w=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161541641016_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 23 Jun 2022 18:40:56 GMT
time-delta-millis: 620
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: E Value: P:iTxB5kdV2og=:I7yV/UURA1OBOhYGU8AU7Hc+qYMr4POIVHgZk8IjOHg=:F
.live.com/	1969-12-31 23:59:59	Name: xid Value: 6d2fb366-9296-4bb5-8db0-cd788efc41c3&&RD00155D5E7469&215
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1970-01-20 04:10:14	Name: wla42 Value:
word-view.officeapps.live.com/	1970-01-20 06:12:38	Name: DcLcid Value: ui=1031&data=1033
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
.live.com/	1970-01-20 13:21:45	Name: MUID Value: 1718CC2A8B70695C1370DDE68F706D6A
.bing.com/	1970-01-20 13:21:45	Name: MUID Value: 1718CC2A8B70695C1370DDE68F706D6A
.c.bing.com/	1970-01-20 13:21:45	Name: SRM_B Value: 1718CC2A8B70695C1370DDE68F706D6A
.c.bing.com/	1970-01-20 13:21:45	Name: SRM_L Value: 1718CC2A8B70695C1370DDE68F706D6A
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 04:00:10	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4900B335ADB4E9C%21820&access_token=4wjR2bg6ktWupyMGmhDwLZyf11sydYoAvCjtdT02Msj1CR2OFFZgnjgHPHy0uGRW7Y6yUnb6B06Alipw3F%2D5BdMliaoro9uPI9hwp40gjuH8xUu%2D%5Fvi3Ki%5F4FHAepUTwfAYZd%5FwWyJLJl5KHsWN9uxjg&access_token_ttl=1657824052714&z=aNDkwMEIzMzVBREI0RTlDITgyMC45&v=00000000-0000-0000-0000-000000000802&usid=9816cfb4-47db-427c-ae36-91b360f615a4&splashscreen=1&build=16.0.15416.41016&PdfMode=1&waccluster=PNL1 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1h-word-view-15.cdn.office.net
js.live.net
messaging.office.com
onedrive.live.com
spoprod-a.akamaihd.net
word-view.officeapps.live.com
13.107.42.13
2.21.20.153
20.189.173.3
20.234.93.27
20.50.201.195
23.205.236.6
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:3500:588::1c24
52.109.88.96
04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
18a98be701bfa0883d89119a300ed26711c154e1f8d20fb15e4844f5d36a2643
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
39315d6632be1e5dd83fd577d735f73d0ada5cce8cf1049a5ec25d75b3278b2b
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
51004505231d5527fb59d04a511ee1d2a1813301c7c944804d6eba6d80bd4675
519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
59773959d5389cb4e9e1cfed23e581d7652325d0d06328f607ba09a5bd5c9e09
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
6f03a2966947b5caa855d0495fe802c12548887b7bb72cdc474f5ddc922db9fa
7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222
814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392
922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d035b8eddc744232f4b94a01fefb68f66a7f0f4eff10fe9bec0261e56cb26b8
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
b41b7fa3d2ecf2e4ca33b60babd9e68525a300f94dd9dba7c186f4297406609d
b5a00b910eb0d426212e34de07a1672c9037ce8ee8412bf90be211a2fd6f389d
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
bb8e5cef6ddf61013857c09ab2b0d5078dab58934d711385b216356a232045f5
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7
c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec88b7c3bb4d2dc332b6de92eae05f7a0638fdb00f7dbbc146e45562b9560e13
f15e833a2c9c6fb451ac5c42e51c4a366056d319fd9b569fcc85f80587161fdf

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

30 %IPv6

7 Domains

10 Subdomains

10 IPs

4 Countries

1568 kBTransfer

6863 kBSize

13 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

30 %
IPv6

7
Domains

10
Subdomains

10
IPs

4
Countries

1568 kB
Transfer

6863 kB
Size

13
Cookies

48 HTTP transactions
0 data transactions