onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Submission Tags: falconsandbox
Submission: On March 27 via api (March 27th 2022, 6:03:20 pm UTC) from US — Scanned from DE

Summary HTTP 131 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 10 domains to perform 131 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 2374.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.81.118.91 13.81.118.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
16	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
78	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.18.232.120 2.18.232.120	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.225.185 104.111.225.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2	20.126.153.54 20.126.153.54	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:b60... 2a02:26f0:b600:1ad::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	51.105.71.136 51.105.71.136	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:48::44 2620:1ec:48::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.90.146.78 104.90.146.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.104.208.165 13.104.208.165	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.159.73 20.190.159.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.109.88.96 52.109.88.96	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:294::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
131	17

3 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.16.186.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.81.118.91 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

excel.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shared.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 2a02:26f0:6c00:2a3::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-excel-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-120.deploy.static.akamaitechnologies.com

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.225.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-185.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.126.153.54 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mrodevicemgr.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:b600:1ad::4b36 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

shell.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.105.71.136 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:48::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

amcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.146.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-146-78.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.104.208.165 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.73 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.88.96 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:294::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-shared-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	office.net c1h-excel-15.cdn.office.net — Cisco Umbrella Rank: 2782 shell.cdn.office.net — Cisco Umbrella Rank: 911 c1-shared-15.cdn.office.net — Cisco Umbrella Rank: 5024	4 MB
25	live.com 2 redirects onedrive.live.com — Cisco Umbrella Rank: 2374 excel.officeapps.live.com — Cisco Umbrella Rank: 5426 mrodevicemgr.officeapps.live.com — Cisco Umbrella Rank: 753 c.live.com — Cisco Umbrella Rank: 8561 storage.live.com — Cisco Umbrella Rank: 177 login.live.com — Cisco Umbrella Rank: 76 shared.officeapps.live.com — Cisco Umbrella Rank: 3019	183 KB
10	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 2155	345 KB
5	microsoft.com fs.microsoft.com — Cisco Umbrella Rank: 893 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 100 browser.events.data.microsoft.com Failed	2 MB
3	sfx.ms p.sfx.ms — Cisco Umbrella Rank: 18108	12 KB
2	office.com messaging.office.com — Cisco Umbrella Rank: 610 Failed
2	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 1604	68 KB
1	live.net js.live.net — Cisco Umbrella Rank: 4016	16 KB
1	msftauth.net amcdn.msftauth.net — Cisco Umbrella Rank: 1073	9 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 193	1 KB
131	10

	Domain	Requested by
78	c1h-excel-15.cdn.office.net	excel.officeapps.live.com c1h-excel-15.cdn.office.net
15	excel.officeapps.live.com	onedrive.live.com c1h-excel-15.cdn.office.net c1-shared-15.cdn.office.net
10	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
3	fs.microsoft.com	excel.officeapps.live.com
3	p.sfx.ms	onedrive.live.com spoprod-a.akamaihd.net
3	onedrive.live.com	onedrive.live.com
2	messaging.office.com	c1h-excel-15.cdn.office.net
2	browser.pipe.aria.microsoft.com	p.sfx.ms c1h-excel-15.cdn.office.net
2	c.live.com	1 redirects
2	mrodevicemgr.officeapps.live.com	c1h-excel-15.cdn.office.net
2	static2.sharepointonline.com	excel.officeapps.live.com
1	c1-shared-15.cdn.office.net	shared.officeapps.live.com
1	shared.officeapps.live.com	c1h-excel-15.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	js.live.net	c1h-excel-15.cdn.office.net
1	amcdn.msftauth.net	c1h-excel-15.cdn.office.net
1	c.bing.com	1 redirects
1	shell.cdn.office.net	c1h-excel-15.cdn.office.net
0	browser.events.data.microsoft.com Failed	c1h-excel-15.cdn.office.net
131	20

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
officecdn.microsoft.com Microsoft RSA TLS CA 01	`2021-05-14` - `2022-05-14`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh
mrodevicemgr.officeapps.live.com Microsoft RSA TLS CA 02	`2021-09-15` - `2022-09-15`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2022-03-02` - `2023-02-25`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 01	`2022-02-15` - `2023-02-10`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
messaging.office.com Microsoft RSA TLS CA 01	`2021-06-15` - `2022-06-15`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Frame ID: 18D410E1AC05FB01CC1A223C0AE8F030
Requests: 18 HTTP requests in this frame

Frame: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
Frame ID: 36D589EB704A91AC3E00908B3E7006A0
Requests: 111 HTTP requests in this frame

Frame: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=d99a030c-9ec5-44d3-917a-8698a8fa146a&corrid=d3241413-948b-4ddb-bd5a-eddd06f451e8&NoAuth=true
Frame ID: B2CA5FFB36FFA78B57C3F93CD7A83636
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shipco FUME TRACKING LOG.xlsx - Microsoft Excel Online

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

hammer(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

131
Requests

95 %
HTTPS

33 %
IPv6

10
Domains

20
Subdomains

17
IPs

6
Countries

6659 kB
Transfer

27284 kB
Size

27
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://c.live.com/c.gif?DI=15347&wlxid=1b56857d-7dca-464a-a4d6-a72ac1c0f0bd&reqid=001258f42b0&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EA8B2%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4239%26IR%3D1%26EX%3D0%26L.h%3D1441%26L.bc%3D1529%26L.ac%3D1545%26L.f%3D1548%26L.sjs%3D4142%26L.ttg%3D2957%26C.st%3D1648404194084%26N.jsPlt%3D2930%26N.domIn%3D1550%26N.tcp%3D19%26N.req%3D1342%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.9823471517593383 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=1b56857d-7dca-464a-a4d6-a72ac1c0f0bd&reqid=001258f42b0&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EA8B2%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4239%26IR%3D1%26EX%3D0%26L.h%3D1441%26L.bc%3D1529%26L.ac%3D1545%26L.f%3D1548%26L.sjs%3D4142%26L.ttg%3D2957%26C.st%3D1648404194084%26N.jsPlt%3D2930%26N.domIn%3D1550%26N.tcp%3D19%26N.req%3D1342%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.9823471517593383&CtsSyncId=144F51BD728A428FB600AAB59EB31A30&RedC=c.live.com&MXFR=0D80A09664A263583B11B1E260A26780 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=1b56857d-7dca-464a-a4d6-a72ac1c0f0bd&reqid=001258f42b0&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EA8B2%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4239%26IR%3D1%26EX%3D0%26L.h%3D1441%26L.bc%3D1529%26L.ac%3D1545%26L.f%3D1548%26L.sjs%3D4142%26L.ttg%3D2957%26C.st%3D1648404194084%26N.jsPlt%3D2930%26N.domIn%3D1550%26N.tcp%3D19%26N.req%3D1342%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.9823471517593383&CtsSyncId=144F51BD728A428FB600AAB59EB31A30&MUID=0D80A09664A263583B11B1E260A26780

Request Chain 113

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1648404198839 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1648404198&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

131 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
onedrive.live.com/ 104 KB
34 KB 1350ms
1331ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e2f444e3812c761857852f346453a0e86195fad70ff718a1b8827d69a91b5db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D5EA8B2
x-odwebserver: canadaeast1-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A4130BBF04924CBE8C0F99C1C01E4995 Ref B: FRAEDGE1312 Ref C: 2022-03-27T18:03:14Z
date: Sun, 27 Mar 2022 18:03:14 GMT

GET
H2 200 maincss-3d633429.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 136 KB
26 KB 41ms
9ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//maincss-3d633429.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:15 GMT
content-encoding: gzip
content-md5: PWM0KdjmKRxU/0cF4Kv/Uw==
content-length: 25623
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009E55BE1C
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: bae2998d-901e-002c-7a86-356a82000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29922937
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 85 KB
16 KB 51ms
18ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:15 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300990040FA
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 75df6223-e01e-0036-5a86-350b5d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29923131
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-7859787f.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 169 KB
30 KB 51ms
19ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filescss2-7859787f.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:15 GMT
content-encoding: gzip
content-md5: eFl4f1R1WfMJocO6wVsUhA==
content-length: 30612
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA030099A235A0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f52cbe7f-601e-0065-4e86-352869000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29923084
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 106 KB
29 KB 140ms
139ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=de-DE&group=Office&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2506308409f10bf60751e3caa18ca0a833b5e430b9aaf30166a69b29eb1a1043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD0004FFA73A82
x-content-type-options: nosniff
x-msedge-ref: Ref A: FE028B1B46FF44989CC0AA51F8A29E52 Ref B: FRAEDGE1312 Ref C: 2022-03-27T18:03:15Z
x-odwebserver: canadaeast1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Sun, 27 Mar 2022 18:03:14 GMT
content-encoding: gzip
expires: Mon, 27 Mar 2023 18:03:15 GMT

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
2 KB 134ms
134ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=de-DE&group=GroupFolders&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

78190793a4d566a29008f260cf0154f94de0fbb7d4e98b1f9e3b090af4092452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD00155D5ED576
x-content-type-options: nosniff
x-msedge-ref: Ref A: 75D0FD4C5C574C9AB800F5CB1C8719AB Ref B: FRAEDGE1312 Ref C: 2022-03-27T18:03:15Z
x-odwebserver: canadaeast1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Sun, 27 Mar 2022 18:03:14 GMT
content-encoding: gzip
expires: Mon, 27 Mar 2023 18:03:15 GMT

GET
H2 200 aria-2.5.0.min.js Show response
p.sfx.ms//storage/ 45 KB
12 KB 53ms
17ms Script
application/javascript 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 18:03:15 GMT
content-encoding: gzip
last-modified: Fri, 04 Mar 2022 03:32:00 GMT
server: Microsoft-IIS/10.0
etag: "0b84e68782fd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
x-msnserver: RD0003FF1D84C1
content-length: 12195

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
131 B 15ms
15ms Image
image/gif 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 18:03:15 GMT
x-msnserver: RD0003FF1D84C1
last-modified: Fri, 04 Mar 2022 03:31:59 GMT
server: Microsoft-IIS/10.0
etag: "f26c1d68782fd81:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
content-length: 43

POST
H2 200 xlviewerinternal.aspx Show response
excel.officeapps.live.com/x/_layouts/ Frame 36D5 509 KB
87 KB 83ms
45ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fdec2ba0092cb989e4575e5560a255b305300e9ce00743780ccd18cbadb52983

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1-excel-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' https:; child-src blob: * ms-excel: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /x/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: d99a030c-9ec5-44d3-917a-8698a8fa146a
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
x-officefe: AM4PEPF00013CB0
x-officeversion: 16.0.15122.37951
x-officecluster: PNL1
x-content-type-options: nosniff
document-policy: js-profiling
cross-origin-resource-policy: cross-origin
content-security-policy: font-src data: c1-excel-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' https:; child-src blob: * ms-excel: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /x/reportcsp.ashx
reporting-endpoints: default=http://excel.officeapps.live.com/x/_layouts/BrowserReportingHandler.ashx
x-officefd: AM4PEPF0000601B
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 519D3EBA47524F9A8DDDA2B06C70ABB1 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:15Z
date: Sun, 27 Mar 2022 18:03:15 GMT

GET
H2 200 EwrDefault.css
c1h-excel-15.cdn.office.net/x/s/h9F69BA07636FF0E7__layouts/Resources/1031/ Frame 36D5 130 KB
20 KB 36ms
8ms Stylesheet
text/css 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9F69BA07636FF0E7__layouts/Resources/1031/EwrDefault.css

Requested by

Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9f69ba07636ff0e7163cd7fdb8461f66e97da9ad1574964bdb561de16a2cc106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d4e12f3b5838d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF000114BD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 19545
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Tue, 15 Mar 2022 10:34:20 GMT
x-officefd: AM4PEPF000068C0
x-usersessionid: af87614e-d5f3-49b3-a212-d0fcb8424db2
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: af87614e-d5f3-49b3-a212-d0fcb8424db2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelframe.css
c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/ Frame 36D5 66 KB
11 KB 42ms
15ms Stylesheet
text/css 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/excelframe.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9089dc0e3ba90c7788eb46e1dccb635f171be505d82eb14d51c4f28e23c9cbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "157acff08d34d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF000114C1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 10241
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 10 Mar 2022 14:48:44 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: AC7D35C5B87442F093945FD50EF51216 Ref B: AM3EDGE0308 Ref C: 2022-03-16T12:47:50Z
x-usersessionid: aa85253c-b308-464c-99ea-2e889ffbcfea
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: aa85253c-b308-464c-99ea-2e889ffbcfea
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/ Frame 36D5 106 KB
24 KB 43ms
16ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "1b665d73473ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068D4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23628
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 23:49:20 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 8B800128BD8B487294A9CC058A74C5D1 Ref B: AMS04EDGE2316 Ref C: 2022-03-24T01:40:15Z
x-usersessionid: 3117adf5-0b2b-4889-8fef-e6550032d4ca
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3117adf5-0b2b-4889-8fef-e6550032d4ca
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.js Show response
c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/ Frame 36D5 3 MB
711 KB 43ms
42ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a7ce19b5c1d9f9c7bbdeb396a4a54a4648357249a95506dbacd71296ba81dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4bdb377e243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF0000690F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 725295
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:39:06 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 21ED762733AD4ACF8753A789AADA6D5B Ref B: AM3EDGE0222 Ref C: 2022-03-22T19:39:06Z
x-usersessionid: 78ce1d82-f22e-41f8-a3cf-b2a09d30323e
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 78ce1d82-f22e-41f8-a3cf-b2a09d30323e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.Strings.Wac.js Show response
c1h-excel-15.cdn.office.net/x/s/hD56614BEB46CAA08__layouts/App_Scripts/1031/ Frame 36D5 109 KB
27 KB 63ms
62ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD56614BEB46CAA08__layouts/App_Scripts/1031/Ewa.Strings.Wac.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d56614beb46caa08515c96ab706336eefdae1773fd6bff6b007dc61e62eb9242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"22fb443b5838d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF0000694A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27261
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:21 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: E56B3E27DEBB44BB945197E6F8710DDE Ref B: AMS04EDGE3117 Ref C: 2022-03-15T10:34:20Z
x-usersessionid: d5c321ef-3afb-4ccb-b3aa-f36ef69de746
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d5c321ef-3afb-4ccb-b3aa-f36ef69de746
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gridRenderer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hE55E348498D2BD7A__layouts/App_Scripts/ Frame 36D5 593 KB
115 KB 74ms
73ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE55E348498D2BD7A__layouts/App_Scripts/gridRenderer.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e55e348498d2bd7a827ca6e3694c6e88c362b9a1a4972a80b22a66a3ae822406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "b68ad371473ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 117314
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 23:49:18 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: FAB20157CDBD4BA581E92FA05E1B3991 Ref B: AM3EDGE0605 Ref C: 2022-03-26T23:35:39Z
x-usersessionid: 30dfc5d3-0d36-4b28-94e7-4a5c97b69f21
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 30dfc5d3-0d36-4b28-94e7-4a5c97b69f21
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-excel-15.cdn.office.net/x/s/hCE8CB7872B3B4F8D__layouts/Resources/de-DE/ Frame 36D5 111 KB
39 KB 82ms
55ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hCE8CB7872B3B4F8D__layouts/Resources/de-DE/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ce8cb7872b3b4f8d0caa8724d6989c501926372e18c460a4e9ec201f359d4671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"92331c52283ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068EB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 39095
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 20:06:30 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 972C8356783B419BA001AEBB2C905D69 Ref B: AM3EDGE0409 Ref C: 2022-03-22T20:06:30Z
x-usersessionid: 6ab8b19e-6c36-463f-a87d-6048072b91ff
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6ab8b19e-6c36-463f-a87d-6048072b91ff
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 richTextEditor.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h6B41D99B9EA46A0F__layouts/App_Scripts/ Frame 36D5 302 KB
60 KB 46ms
19ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h6B41D99B9EA46A0F__layouts/App_Scripts/richTextEditor.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6b41d99b9ea46a0f11bae24082fb4123d75adeba2c664add1c3837838bf1e2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4c3f8a2f5838d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15108.31878
x-officefe: DB5PEPF0000830E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 60751
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:01 GMT
x-officefd: DB5PEPF000082B6
x-msedge-ref: Ref A: 7D0504A4BBEB44CD9FEE0179A8D561CF Ref B: AM3EDGE0608 Ref C: 2022-03-15T10:34:01Z
x-usersessionid: 1d1048ed-6d14-49e1-852a-ca4bbb4deff9
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1d1048ed-6d14-49e1-852a-ca4bbb4deff9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.bootCommon.js Show response
c1h-excel-15.cdn.office.net/x/s/h9DAD37ACBD7379D5__layouts/App_Scripts/ Frame 36D5 302 KB
72 KB 51ms
25ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9DAD37ACBD7379D5__layouts/App_Scripts/EwaDS.bootCommon.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9dad37acbd7379d5c59ce5446af219921c1515a7682af7991a2228b397840abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e01e247e243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CB2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 72528
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:39:06 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: B4F45483260C4CF8BA552A57CBB1AC0D Ref B: AM3EDGE0816 Ref C: 2022-03-22T19:39:06Z
x-usersessionid: f5ed715a-7317-4d4b-a52a-40b6e2b390df
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f5ed715a-7317-4d4b-a52a-40b6e2b390df
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.CommonIntl.js Show response
c1h-excel-15.cdn.office.net/x/s/h40A6CF021A1D9ADF__layouts/App_Scripts/1031/ Frame 36D5 144 KB
31 KB 52ms
25ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h40A6CF021A1D9ADF__layouts/App_Scripts/1031/EwaDS.CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b6a2dad9ce99d887707f27c547081c333b8f7cf7060be8fbd022432e24190c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "af676cc92439d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000114B5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 30883
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:58:36 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 641B0151FAB24BBE80852ACC3B2579A0 Ref B: AMS04EDGE3310 Ref C: 2022-03-22T21:37:09Z
x-usersessionid: 82687821-3d0d-4267-9a5d-1c0bdf33d6fe
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 82687821-3d0d-4267-9a5d-1c0bdf33d6fe
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 runtime.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h0C8859C5B255671E__layouts/App_Scripts/ Frame 36D5 30 KB
9 KB 57ms
31ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h0C8859C5B255671E__layouts/App_Scripts/runtime.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0c8859c5b255671e1b3c4df346e10a2a3dfa210f16a971c37f40203becf7650f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "92e6e701d39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000114B3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 8197
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Wed, 16 Mar 2022 10:06:01 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 593EEFC40ED44DBF8F2D42AEA6CF520A Ref B: AM3EDGE0713 Ref C: 2022-03-22T21:01:54Z
x-usersessionid: 279258e0-df62-471a-b067-34aa725859b1
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 279258e0-df62-471a-b067-34aa725859b1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h641576774382E2D2__layouts/App_Scripts/ Frame 36D5 133 KB
30 KB 62ms
36ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h641576774382E2D2__layouts/App_Scripts/appChrome.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

641576774382e2d2772470bd1fcb9b8db540b657153735d0d869818e471880e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"98a9172f5838d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15108.31878
x-officefe: DB5PEPF0000C9F8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 29732
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:00 GMT
x-officefd: DB5PEPF00006494
x-msedge-ref: Ref A: B8BC8DE844AD41598B679E32347BFB63 Ref B: AMS04EDGE1215 Ref C: 2022-03-15T10:34:00Z
x-usersessionid: 68315cb4-1fc2-45a1-a887-529bf2131743
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 68315cb4-1fc2-45a1-a887-529bf2131743
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h16F030A4B29F73AD__layouts/App_Scripts/ Frame 36D5 2 MB
331 KB 61ms
35ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h16F030A4B29F73AD__layouts/App_Scripts/common.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

16f030a4b29f73adb647fafd48f057a55f6979e872d0bf6186e1836c260d01ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"93f3112f5838d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF0000690F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 337219
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:00 GMT
x-officefd: AM4PEPF000068B8
x-msedge-ref: Ref A: 0B181049011D48CDA3FF05BBA1858DA8 Ref B: AM3EDGE0112 Ref C: 2022-03-15T10:34:00Z
x-usersessionid: 90864c41-2525-440a-9a42-8cd06750a9a8
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 90864c41-2525-440a-9a42-8cd06750a9a8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-app-intl.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hFA8FF5F44BA6AD0C__layouts/App_Scripts/1031/ Frame 36D5 438 KB
71 KB 58ms
32ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFA8FF5F44BA6AD0C__layouts/App_Scripts/1031/excel-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa8ff5f44ba6ad0ccd79257e352b9fb064b61741a37cb438bebe7a960630e3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d2bb3c5838d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF00006929
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 71396
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:22 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: CE62CA1FB9734F1D9899FA4377A44B70 Ref B: AM3EDGE0207 Ref C: 2022-03-15T10:34:22Z
x-usersessionid: e488c6b6-88c2-4de2-a8e4-23d87baa9635
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e488c6b6-88c2-4de2-a8e4-23d87baa9635
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-app-mlr-sprite.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h1EDF9A1D4BD467C3__layouts/App_Scripts/1031/ Frame 36D5 74 KB
13 KB 69ms
43ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1EDF9A1D4BD467C3__layouts/App_Scripts/1031/excel-app-mlr-sprite.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1edf9a1d4bd467c3052c686496fe979ff5c8811c3a121039ca73de29b1708181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "d21daae42a39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006931
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 12114
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 11:42:19 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 8B63CC91B5AE4EC8BC041EC92855FC10 Ref B: AMS04EDGE2112 Ref C: 2022-03-16T12:42:35Z
x-usersessionid: db9da98d-1b9d-4fe0-b68f-9861990eab88
date: Sun, 27 Mar 2022 18:03:15 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: db9da98d-1b9d-4fe0-b68f-9861990eab88
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 36D5 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 segoeui.woff
c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/ Frame 36D5 22 KB
23 KB 10ms
10ms Font
font/x-woff 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/segoeui.woff

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/excelframe.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/excelframe.css
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"1fac213b913ed81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15122.37951
x-officefe: DB5PEPF000082F9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 23 Mar 2022 08:37:29 GMT
x-officefd: DB5PEPF0000C266
x-msedge-ref: Ref A: 68CE156F600447D3A8B60A79043E8E25 Ref B: AM3EDGE0705 Ref C: 2022-03-23T08:37:28Z
x-usersessionid: af3f3e09-c4a7-423e-a3db-5145799846c1
date: Sun, 27 Mar 2022 18:03:16 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: af3f3e09-c4a7-423e-a3db-5145799846c1
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 44327025345
fs.microsoft.com/fs/4.7/rawguids/ Frame 36D5 1 MB
715 KB 53ms
18ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/44327025345
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 18:03:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:07 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "126af7eedbe3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=37771
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=44327025345
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
BLOB 200
OK 57c7f1fd-9656-4a0d-993c-914adab98016
https://excel.officeapps.live.com/ Frame 36D5 193 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://excel.officeapps.live.com/57c7f1fd-9656-4a0d-993c-914adab98016
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59907d235249104f28b2bb48afe9f2d040db51a4fec78b180f075f9d576930e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 193
Content-Type: application/javascript

GET
H2 200 EwaDS.tmcore.js Show response
c1h-excel-15.cdn.office.net/x/s/h3326BA6DB7C7146F__layouts/App_Scripts/ Frame 36D5 22 KB
7 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3326BA6DB7C7146F__layouts/App_Scripts/EwaDS.tmcore.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3326ba6db7c7146fd0236a77dc2ad34e62e8585a5449809addb89077cd1b44ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b52bf67e243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 6804
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 22 Mar 2022 19:39:07 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 59340923506640A5AC0CFEEDDB9F35DD Ref B: AM3EDGE0717 Ref C: 2022-03-22T19:39:07Z
x-usersessionid: f4524215-8646-451a-97bb-900052e40292
date: Sun, 27 Mar 2022 18:03:16 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f4524215-8646-451a-97bb-900052e40292
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelOnline.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hACAB474DE0621594__layouts/App_Scripts/ Frame 36D5 9 KB
3 KB 11ms
10ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hACAB474DE0621594__layouts/App_Scripts/excelOnline.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

acab474de06215947505c5386cafff21b6de5d3aab784d05c15abc10edde9b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"55c9da2e5838d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF00006919
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2580
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:00 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: EB26AFC7B466482CA5CF5665EF120039 Ref B: AM3EDGE0215 Ref C: 2022-03-15T10:34:00Z
x-usersessionid: 6ea633b0-be22-42f0-a6d7-4268eb50be19
date: Sun, 27 Mar 2022 18:03:16 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6ea633b0-be22-42f0-a6d7-4268eb50be19
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 50941620409
fs.microsoft.com/fs/4.7/rawguids/ Frame 36D5 910 KB
495 KB 23ms
23ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/50941620409
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb0ab622969875cccbaa658809cc6df6bfd73846f9c6c5e80774936cbc52845c

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 18:03:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "4433202dce3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=58150
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=50941620409
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 36D5 0
2 KB 123ms
122ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15122.37951&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15123.35051
x-officefe: BL6PEPF0000C611
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-buls-suppressedtags: 378069,1671813,2209344,3290144,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19743902,21627712,21631370,22401293,22410500,22598977,22680210,22680213,22680214,22836558,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39613840,39966341,40437001,40935455,41003225,41207258,41502555,41711299,41952657,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51504083,51667010,538543587,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,591684683,591729363,592259104,592556551,592843145,593780815,593838232,594134597,594392640,594392649,594392666,594396706,594830612,595137156,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,963472182,1630679666,1630679667,1633958006,1647605351,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4030c050-66f7-4796-bbfd-51ca95b520bb
x-officefd: BL6PEPF0000C611
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:16 GMT
x-download-options: noopen
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 83913755EFF5472FBF76D8827DBE1CD8 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:16Z

GET
H2 200 GetRangeContentJson Show response
excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/ Frame 36D5 110 KB
9 KB 63ms
63ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/GetRangeContentJson?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%22c55bd0d6-103d-4caf-88c0-9aacaecba37d%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF00013CB01.A81.1.V25.57992fvmOaeEuoIpYnPkejFYa14.5.de-DE5.en-US24.15a8a2fd9a14087e-Private1.S1.N16.16.0.15122.3795114.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A786367%2C%22Configurations%22%3A1573648%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&ewaControlId=%22m_excelWebRenderer_ewaCtl_m_ewa%22&currentObject=%22Tracking%22&namedObjectViewData=%7B%22Mode%22%3A1%2C%22Settings%22%3A0%7D&row=756&column=0&rowCount=28&columnCount=30&blockPosition=%7B%22X%22%3A0%2C%22Y%22%3A27%2C%22PaneType%22%3A1%7D&revision=0&previousRevision=-1&digest=%22%22&renderingOptions=24&colorScheme=null&ecsSpreadsheetDigest=null&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b10413127c803f6bd4a20e065feeb034b3e1cfdd07ff49f542d0b91080c45d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF00013CB01.A81.1.V25.57992fvmOaeEuoIpYnPkejFYa14.5.de-DE5.en-US24.15a8a2fd9a14087e-Private1.S1.N16.16.0.15122.3795114.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=utf-8
X-ClientBootEpochTimeStamp: 1648404195.9259224
X-CorrelationId: 1cb6a44a-f6f6-46d8-a847-d8f7670b2e6a
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
X-UserType: WOPI
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00013CB0
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: 1cb6a44a-f6f6-46d8-a847-d8f7670b2e6a
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 8624
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1cb6a44a-f6f6-46d8-a847-d8f7670b2e6a
x-officefd: AM4PEPF0000601A
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:16 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=604800
xlsecscid: 1cb6a44a-f6f6-46d8-a847-d8f7670b2e6a
x-msedge-ref: Ref A: 4A59813C29AF4CC292B85333B868E98F Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:16Z
timing-allow-origin: *

GET
H2 200 GetRangeContentJson Show response
excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/ Frame 36D5 79 KB
7 KB 60ms
59ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/GetRangeContentJson?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%2289d01e70-e567-4e43-b201-4de81fe3b8b7%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF00013CB01.A81.1.V25.57992fvmOaeEuoIpYnPkejFYa14.5.de-DE5.en-US24.15a8a2fd9a14087e-Private1.S1.N16.16.0.15122.3795114.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A786367%2C%22Configurations%22%3A1573648%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&ewaControlId=%22m_excelWebRenderer_ewaCtl_m_ewa%22&currentObject=%22Tracking%22&namedObjectViewData=%7B%22Mode%22%3A1%2C%22Settings%22%3A0%7D&row=756&column=30&rowCount=28&columnCount=30&blockPosition=%7B%22X%22%3A1%2C%22Y%22%3A27%2C%22PaneType%22%3A1%7D&revision=0&previousRevision=-1&digest=%22%22&renderingOptions=24&colorScheme=null&ecsSpreadsheetDigest=null&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f46bfed3183b73f0fdf0917cbf14cca64fb8bfc4483067a3d964acc122b5f615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF00013CB01.A81.1.V25.57992fvmOaeEuoIpYnPkejFYa14.5.de-DE5.en-US24.15a8a2fd9a14087e-Private1.S1.N16.16.0.15122.3795114.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=utf-8
X-ClientBootEpochTimeStamp: 1648404195.9259224
X-CorrelationId: 3e13eb98-55eb-4368-8839-0be902dcd78d
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
X-UserType: WOPI
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00013CB0
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: 3e13eb98-55eb-4368-8839-0be902dcd78d
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 7150
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3e13eb98-55eb-4368-8839-0be902dcd78d
x-officefd: AM4PEPF000068AF
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:16 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=604800
xlsecscid: 3e13eb98-55eb-4368-8839-0be902dcd78d
x-msedge-ref: Ref A: AE7E9BB7491E4223AE49D4793531AEF4 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:16Z
timing-allow-origin: *

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 36D5 35 KB
36 KB 29ms
7ms Font
application/font-woff2 104.111.225.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.225.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-185.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:16 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: acf6ab5b-401e-0096-046c-528ffc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=4952953
x-ms-version: 2009-09-19
content-length: 36344

GET
DATA 200
OK truncated
/ Frame 36D5 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 excel-app-intl-lazy-exp.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h1FEF7F05728EC225__layouts/App_Scripts/1031/ Frame 36D5 470 KB
61 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1FEF7F05728EC225__layouts/App_Scripts/1031/excel-app-intl-lazy-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1fef7f05728ec2255b4080da354264828b77aadcc378f6faa7cb2b273661b604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "c259e3b3413ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006930
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 61632
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 23:08:11 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: AB85B2F1B45D4EFCA95D3629167DE8A4 Ref B: AMS04EDGE2922 Ref C: 2022-03-26T18:36:08Z
x-usersessionid: f4474b9e-263d-4ded-9f91-1f15f7b325cc
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f4474b9e-263d-4ded-9f91-1f15f7b325cc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h8FFC4C16FF17B6EB__layouts/App_Scripts/ Frame 36D5 1 MB
228 KB 12ms
12ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8FFC4C16FF17B6EB__layouts/App_Scripts/common50.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h0C8859C5B255671E__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8ffc4c16ff17b6ebe7bf2a751d6f1014e123185f64c4e79a22c9526126c9f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c3d41d7f243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000114BB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 232562
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:39:07 GMT
x-officefd: AM4PEPF0001041A
x-msedge-ref: Ref A: 4643F60534D7497393ED2B5F16EFC73D Ref B: AMS04EDGE1618 Ref C: 2022-03-22T19:39:07Z
x-usersessionid: b26d3cee-6540-402d-9d20-c78109684b26
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b26d3cee-6540-402d-9d20-c78109684b26
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h6701F3250807B619__layouts/App_Scripts/ Frame 36D5 412 KB
94 KB 22ms
22ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h6701F3250807B619__layouts/App_Scripts/appChromeLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h0C8859C5B255671E__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6701f3250807b619bb6d1d7e79f04eefb1c371a165bf5dcb48d3698c05240515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4e887f2f5838d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15108.31878
x-officefe: DB5PEPF0000D65B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 95775
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:01 GMT
x-officefd: DB5PEPF00006493
x-msedge-ref: Ref A: A5D1C1421DD145FBA28DE983C474B953 Ref B: AMS04EDGE3111 Ref C: 2022-03-15T10:34:01Z
x-usersessionid: 552b9619-762d-43c4-9d2e-b6fbaf4acf47
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 552b9619-762d-43c4-9d2e-b6fbaf4acf47
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.tm.js Show response
c1h-excel-15.cdn.office.net/x/s/hCF7E351CC75D0150__layouts/App_Scripts/ Frame 36D5 180 KB
43 KB 27ms
26ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hCF7E351CC75D0150__layouts/App_Scripts/EwaDS.tm.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf7e351cc75d0150ed68e7cb699ed9d70e9f2207d7701447485f2e7376df70e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"adc4257f243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006903
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 43339
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:39:08 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 25EAAC2E35854B65BD5D231DAF5C19A0 Ref B: AMS04EDGE1617 Ref C: 2022-03-22T19:39:07Z
x-usersessionid: 505b5088-7af2-4fdb-9d0e-2a2e2853fc0f
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 505b5088-7af2-4fdb-9d0e-2a2e2853fc0f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.otherCommon.js Show response
c1h-excel-15.cdn.office.net/x/s/hF7880C04F3B9633A__layouts/App_Scripts/ Frame 36D5 207 KB
51 KB 35ms
35ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF7880C04F3B9633A__layouts/App_Scripts/EwaDS.otherCommon.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f7880c04f3b9633a9ef7373e88312b7311dc4307b909f38fc63397a7cfbca349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"edff207f243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000114B9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 51828
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Tue, 22 Mar 2022 19:39:08 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 3D5C5F5F5825413D81A927C7D1C99570 Ref B: AMS04EDGE1206 Ref C: 2022-03-22T19:39:07Z
x-usersessionid: a8daebc2-1003-43cc-97e9-d7e14971ee3c
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a8daebc2-1003-43cc-97e9-d7e14971ee3c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.acc.js Show response
c1h-excel-15.cdn.office.net/x/s/h6470AF6D2E569252__layouts/App_Scripts/ Frame 36D5 307 KB
71 KB 37ms
36ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h6470AF6D2E569252__layouts/App_Scripts/EwaDS.acc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6470af6d2e569252f7ade50b536add4840b0d4eb03f3cade487bfd062c273253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7c64207f243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CB7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 71395
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:39:08 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 27980B94E795424D8113948155A5DB1D Ref B: AM3EDGE0514 Ref C: 2022-03-22T19:39:07Z
x-usersessionid: 5383effa-3c8e-4e79-b8b3-f413e150b964
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5383effa-3c8e-4e79-b8b3-f413e150b964
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.cuixas.js Show response
c1h-excel-15.cdn.office.net/x/s/h6265B1577D9A1DC1__layouts/App_Scripts/ Frame 36D5 637 KB
126 KB 38ms
38ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h6265B1577D9A1DC1__layouts/App_Scripts/EwaDS.cuixas.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6265b1577d9a1dc1197b0fc02ef2f0c1f6fb9284e529564dc7bbe495bf727fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "bbea89de193ed81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF0000603A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 128026
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 22 Mar 2022 18:23:03 GMT
x-officefd: AM4PEPF00006035
x-msedge-ref: Ref A: 8B35ECB835514F65A56A31E470381785 Ref B: AM3EDGE0712 Ref C: 2022-03-22T19:39:07Z
x-usersessionid: de0fbd1d-6059-42f7-bf6c-d8ee26bc655a
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: de0fbd1d-6059-42f7-bf6c-d8ee26bc655a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.FileMenuSlr.js Show response
c1h-excel-15.cdn.office.net/x/s/h20980A65C7B4760A__layouts/App_Scripts/1031/ Frame 36D5 16 KB
3 KB 41ms
41ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h20980A65C7B4760A__layouts/App_Scripts/1031/Ewa.FileMenuSlr.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

20980a65c7b4760aa7b34cd4d40966730ca8422a919feedb8b39ddd95820fd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "f294ce293539d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CBD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2533
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 12:55:50 GMT
x-officefd: AM4PEPF0001041A
x-msedge-ref: Ref A: 3438B013EE9E44EABC8737CC06CC48DB Ref B: AM3EDGE0422 Ref C: 2022-03-22T04:27:33Z
x-usersessionid: 06484cbb-47a1-41ec-a561-55bebfe1b207
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 06484cbb-47a1-41ec-a561-55bebfe1b207
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 36D5 31 KB
32 KB 14ms
14ms Font
application/font-woff2 104.111.225.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.225.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-185.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:17 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 7e674b6c-001e-0087-216e-521548000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=4954083
x-ms-version: 2009-09-19
content-length: 31824

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 36D5 0
314 B 122ms
121ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15122.37951&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
X-bULS-SuppressionETag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15123.35051
x-officefe: BL6PEPF0000BA20
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 8a6eb15b-e5b5-4ab5-b7e3-84034b987107
x-officefd: BL6PEPF0000BA20
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:17 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 348F4599244040CA847B12A1D0570CDF Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:17Z

GET
H2 200 Ewa.StatusBar.js Show response
c1h-excel-15.cdn.office.net/x/s/hBA12DD359D28C571__layouts/App_Scripts/1031/ Frame 36D5 12 KB
2 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hBA12DD359D28C571__layouts/App_Scripts/1031/Ewa.StatusBar.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba12dd359d28c571b1cd2348ace33ecd165582cc04adb05a1ce114c9704efcb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "5f632264473ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000114BE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1766
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 23:48:55 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 38F1CE82573A424187A0E1ADA9EB43A8 Ref B: AMS04EDGE2010 Ref C: 2022-03-26T18:09:11Z
x-usersessionid: 769c7767-54df-43f7-aee2-e1bedbf8908f
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 769c7767-54df-43f7-aee2-e1bedbf8908f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h8FFC4C16FF17B6EB__layouts/App_Scripts/ Frame 36D5 1 MB
228 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8FFC4C16FF17B6EB__layouts/App_Scripts/common50.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8ffc4c16ff17b6ebe7bf2a751d6f1014e123185f64c4e79a22c9526126c9f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c3d41d7f243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000114BB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 232562
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:39:07 GMT
x-officefd: AM4PEPF0001041A
x-msedge-ref: Ref A: 4643F60534D7497393ED2B5F16EFC73D Ref B: AMS04EDGE1618 Ref C: 2022-03-22T19:39:07Z
x-usersessionid: b26d3cee-6540-402d-9d20-c78109684b26
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b26d3cee-6540-402d-9d20-c78109684b26
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 interactivity.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hF1F48C1C7469E672__layouts/App_Scripts/ Frame 36D5 36 KB
8 KB 26ms
26ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF1F48C1C7469E672__layouts/App_Scripts/interactivity.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f1f48c1c7469e6721f9617d81b13a0272311b02b67440c497bef1b534ca14436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8ed11e3c5838d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15108.31878
x-officefe: DB5PEPF00008318
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 7316
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:22 GMT
x-officefd: DB5PEPF000082C7
x-msedge-ref: Ref A: 1296FFE442644181AC922FD7C3294E24 Ref B: AMS04EDGE1206 Ref C: 2022-03-15T10:34:22Z
x-usersessionid: f7e846e0-383a-4b8e-91c1-5038a732dcb4
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f7e846e0-383a-4b8e-91c1-5038a732dcb4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaCommon.png
c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/ Frame 36D5 19 KB
19 KB 8ms
8ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/EwaCommon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "4c70ad5a1e39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 19229
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Wed, 16 Mar 2022 10:12:34 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 5E1AEB5D76164C3F9B6B559EC678AFFE Ref B: AM3EDGE0614 Ref C: 2022-03-19T07:04:47Z
x-usersessionid: 4d32aa17-117b-41a1-a2c4-e3a65ad4762b
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 4d32aa17-117b-41a1-a2c4-e3a65ad4762b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 92 KB
33 KB 37ms
8ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:17 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009D7876E1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e299c8eb-001e-002e-2379-35d43a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29917807
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac_s_office-ec0768dc.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 335 KB
102 KB 40ms
13ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac_s_office-ec0768dc.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 59e1ecc15f7639121d99a75dce05be39a43630398ff19de0258b0f5e1cfcbdb1

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:17 GMT
content-encoding: gzip
content-md5: 7Ado3M0q7A+Lv1sYG3wtIA==
content-length: 103797
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300A3B0DFB4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3af42182-401e-0000-4a86-35862d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29923076
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 36D5 0
358 B 103ms
103ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15122.37951&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
X-bULS-SuppressionETag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15123.35051
x-officefe: BL6PEPF0000BA61
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: faa9c424-a071-44a3-a982-0b69b69c22ca
x-officefd: BL6PEPF0000BA61
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:17 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 6E9F74D302664C85908BD28EADF51648 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:17Z

GET
H2 200 EwaCommon.png
c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/ Frame 36D5 19 KB
19 KB 13ms
12ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/EwaCommon.png

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h9DAD37ACBD7379D5__layouts/App_Scripts/EwaDS.bootCommon.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "4c70ad5a1e39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 19229
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Wed, 16 Mar 2022 10:12:34 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 5E1AEB5D76164C3F9B6B559EC678AFFE Ref B: AM3EDGE0614 Ref C: 2022-03-19T07:04:47Z
x-usersessionid: 4d32aa17-117b-41a1-a2c4-e3a65ad4762b
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 4d32aa17-117b-41a1-a2c4-e3a65ad4762b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaOther_m2.png
c1h-excel-15.cdn.office.net/x/s/hDDACFF985568D458__layouts/Resources/1031/ Frame 36D5 22 KB
22 KB 9ms
9ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDDACFF985568D458__layouts/Resources/1031/EwaOther_m2.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ddacff985568d4587ff00bcd1e6ec886c89eb143994d862a67338c356e3c42d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "f361fde62a39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF0000692C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22266
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 11:42:23 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 6E71AB1CFD7D4DC09F1385E038151DF0 Ref B: AM3EDGE0109 Ref C: 2022-03-16T18:36:06Z
x-usersessionid: 441c0af9-9497-48a8-b2fd-8ff2865d38c3
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 441c0af9-9497-48a8-b2fd-8ff2865d38c3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otelFull.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h01346477DF6BAB87__layouts/App_Scripts/ Frame 36D5 97 KB
29 KB 91ms
91ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h01346477DF6BAB87__layouts/App_Scripts/otelFull.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

01346477df6bab879760395263416b532a5fe56a6141a51122950f15310a2753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "94538cdd2439d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CB3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 28971
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 16 Mar 2022 10:59:10 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: D8543869EFDA49B4A5987E653B71EFAF Ref B: AMS04EDGE2622 Ref C: 2022-03-22T21:08:15Z
x-usersessionid: a171a8eb-261c-4ee1-a165-f3fc6b81a8be
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a171a8eb-261c-4ee1-a165-f3fc6b81a8be
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h1A63F2BA53567D40__layouts/App_Scripts/ Frame 36D5 740 KB
132 KB 118ms
117ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1A63F2BA53567D40__layouts/App_Scripts/uiSlice20.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h0C8859C5B255671E__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1a63f2ba53567d401aaef8cc84fb0faf704eadb14e08db524ec88df96d344b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7462503c5838d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF00006942
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 134355
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:22 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: 0F746393B33046799706C15F067789DB Ref B: AMS04EDGE2615 Ref C: 2022-03-15T10:34:22Z
x-usersessionid: 32cf2920-dba8-49e9-8c40-5454eff44625
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 32cf2920-dba8-49e9-8c40-5454eff44625
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 SDXReleaseDataPackages
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 0
0 56ms
15ms Preflight 20.126.153.54
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.126.153.54 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
Origin: https://excel.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-allow-headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sun, 27 Mar 2022 18:03:17 GMT
content-length: 0

GET
H2 200 EwaDS.shell.js Show response
c1h-excel-15.cdn.office.net/x/s/h8120EC3C1941E13F__layouts/App_Scripts/ Frame 36D5 3 KB
2 KB 82ms
81ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8120EC3C1941E13F__layouts/App_Scripts/EwaDS.shell.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8120ec3c1941e13f61be928737e367da63cfda781d287b2fcd2b2fd02221ae15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"127eace7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068F6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1198
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: BDC4B77A29F14E7DB5C1824256437714 Ref B: AM3EDGE0618 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: 4ebfbb3a-453a-4534-a8fa-ad461c1fbf10
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4ebfbb3a-453a-4534-a8fa-ad461c1fbf10
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 BeaconHandler.ashx
excel.officeapps.live.com/x/_layouts/ Frame 36D5 542 B
858 B 22ms
22ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/BeaconHandler.ashx?WacUserType=WOPI&usid=d99a030c-9ec5-44d3-917a-8698a8fa146a&NoAuth=1&waccluster=PNL1&WebMethod=Xlplt

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF000068AE
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 421
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7ad9b079-5bda-439c-a774-f68ed6a79576
x-officecluster: PNL1
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:17 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 424C3DD2A28F46459046D1951FD77077 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:17Z
timing-allow-origin: *

POST
H2 202 SDXReleaseDataPackages Show response
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 36D5 5 KB
5 KB 16ms
16ms XHR
application/json 20.126.153.54
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.126.153.54 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 987c5119a6cee5346e8c2c2c4a3160897103b12fa9ecfb70b9b117dc13e68867

Request headers

DMSActivityId: fbfc79bb-0e4a-463c-9f9f-0656eed04bcc
haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://excel.officeapps.live.com/
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 18:03:17 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 5344
expires: -1

GET
H2 200 tellme-strings.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hB030423759D3257B__layouts/App_Scripts/1031/ Frame 36D5 361 B
890 B 63ms
63ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB030423759D3257B__layouts/App_Scripts/1031/tellme-strings.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b030423759d3257bf81fd7817114e8820b37c046e24d61b4aa1def6194d41b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "c975265f3d3ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 225
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 22:37:11 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: 9B9E3F387BA441E5925A063BCCE361DA Ref B: AM3EDGE0320 Ref C: 2022-03-26T11:29:15Z
x-usersessionid: cdd01a7e-88ca-40ae-b1d9-88fbbdc3adbe
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: cdd01a7e-88ca-40ae-b1d9-88fbbdc3adbe
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-uiSlice20-sprite-exp.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h121A2735F29CD8D2__layouts/App_Scripts/1031/ Frame 36D5 1 MB
124 KB 69ms
69ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h121A2735F29CD8D2__layouts/App_Scripts/1031/excel-uiSlice20-sprite-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

121a2735f29cd8d2840601ee3bdf513c7237e89af6c98f4a503a98385c0bd8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "c5864583c3ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006907
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 125978
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 22:29:50 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 9B928A52F6D94CEF97760826E66DDFD5 Ref B: AMS04EDGE3213 Ref C: 2022-03-26T21:48:04Z
x-usersessionid: 7962da17-b295-4004-a828-2c8f5941c7cb
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 7962da17-b295-4004-a828-2c8f5941c7cb
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 de-de Show response
shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame 36D5 25 KB
5 KB 90ms
22ms XHR
application/json 2a02:26f0:b600:1ad::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/de-de

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6701F3250807B619__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:b600:1ad::4b36 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

ca65d343fa43aed20175eba0f681702ab45d84928aa142a680263f71f5e9299f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=2592000
content-encoding: gzip
x-content-type-options: nosniff
server: Kestrel
date: Sun, 27 Mar 2022 18:03:18 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache-start: 1648404131
cache-control: max-age=300
x-cdn: 67
timing-allow-origin: *
content-length: 5084
x-o365suiteuxshell-correlationid: 4a2c40ee-6a7d-47c3-8dbc-a8c37df8ca9f

GET
H2 200 wac2-d8541046.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 310 KB
107 KB 8ms
7ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac2-d8541046.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c949982df7b0a15866feaa71641d1dd64f0bd6415013cbff9a5bf2a61d65b33c

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:17 GMT
content-encoding: gzip
content-md5: 2FQQRinE/bhgf3Cx3CcwlA==
content-length: 109105
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300A39F2F0C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a01868c0-e01e-0026-3c86-35ce35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29923032
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac0-efa56458.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 15 KB
6 KB 10ms
10ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac0-efa56458.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:17 GMT
content-encoding: gzip
content-md5: 76VkWOHqhHqIEEUyr6GMKg==
content-length: 5910
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300A34EF7FB
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eaf6ece3-101e-00a4-1186-358f8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29923142
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac1-cdc297b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 47 KB
14 KB 10ms
10ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac1-cdc297b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=15A8A2FD9A14087E%21296938&ithint=file%2Cxlsx&authkey=%21ANkFYEE8MuBlj3s
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:17 GMT
content-encoding: gzip
content-md5: zcKXtFHbuejuppPFKcKOyw==
content-length: 14062
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300A36B5567
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b348ff9a-801e-0099-2686-35f990000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29923147
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 dialogControls.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h2606632C3FE60DFF__layouts/App_Scripts/ Frame 36D5 6 KB
2 KB 40ms
40ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2606632C3FE60DFF__layouts/App_Scripts/dialogControls.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2606632c3fe60dff46c07f2373dbd7d5316c3b1fff9be4408011f8706e5b9549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "7d8423db037d81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006A4C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1222
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 14 Mar 2022 14:31:48 GMT
x-officefd: AM4PEPF00006A40
x-msedge-ref: Ref A: C4E4B01AB38346898769F968A552F857 Ref B: AM3EDGE0808 Ref C: 2022-03-15T10:34:23Z
x-usersessionid: 46bc03c1-a831-4961-9571-5102813bf475
date: Sun, 27 Mar 2022 18:03:17 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 46bc03c1-a831-4961-9571-5102813bf475
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officeonlinecpuprofiling.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h0F03F00939B9716F__layouts/App_Scripts/ Frame 36D5 206 KB
27 KB 14ms
14ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h0F03F00939B9716F__layouts/App_Scripts/officeonlinecpuprofiling.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0f03f00939b9716fc69ed12a6faab3123f1b02e8f69598c1b9577475067240f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "a3637411d39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF0000690A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27120
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:04:41 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: D2F7AD6D33D3408EB4F49F25CDE5F543 Ref B: AMS04EDGE2319 Ref C: 2022-03-22T21:02:01Z
x-usersessionid: 403e6c7c-14d4-4594-96fc-b5d30f2cbf36
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 403e6c7c-14d4-4594-96fc-b5d30f2cbf36
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.pi.js Show response
c1h-excel-15.cdn.office.net/x/s/h9056FF1ED4D1924A__layouts/App_Scripts/ Frame 36D5 288 KB
67 KB 15ms
15ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9056FF1ED4D1924A__layouts/App_Scripts/EwaDS.pi.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9056ff1ed4d1924aafe294b44fcc88ef04935905523fef6b3a9da8161f9c8f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"33bae3e7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006910
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 67265
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: C1CF2B6EE6CC4214BCBBA6FED9D3F550 Ref B: AMS04EDGE3122 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: 5e061b1c-501b-4171-b05e-62b4f7755ec5
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5e061b1c-501b-4171-b05e-62b4f7755ec5
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.le.js Show response
c1h-excel-15.cdn.office.net/x/s/hF8D1BE38774A3D89__layouts/App_Scripts/ Frame 36D5 91 KB
22 KB 24ms
24ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF8D1BE38774A3D89__layouts/App_Scripts/EwaDS.le.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f8d1be38774a3d89f9cd3c2667167fccd8d7bcd97348f55a4c7d42ab94f8a21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1d28e6e7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006907
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22111
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF0001041A
x-msedge-ref: Ref A: AD1DC152E6194D44A86B06D39918AB3F Ref B: AM3EDGE0407 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: 93cb2e25-11df-4645-9cc8-09f26808b7b0
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 93cb2e25-11df-4645-9cc8-09f26808b7b0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 36D5 0
398 B 101ms
100ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15122.37951&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
X-bULS-SuppressionETag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15123.35051
x-officefe: BL6PEPF0000BA1B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 92579f9d-081d-4c8a-a509-16626dabb4b6
x-officefd: BL6PEPF0000BA1B
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:18 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 092B741C85794B1CB826EEEF2A056516 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:18Z

GET
H2 200 EwaDS.oauth.js Show response
c1h-excel-15.cdn.office.net/x/s/hA58378DEAFD5B682__layouts/App_Scripts/ Frame 36D5 33 KB
9 KB 24ms
23ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hA58378DEAFD5B682__layouts/App_Scripts/EwaDS.oauth.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a58378deafd5b6821692f36ab9c2da7bcf03e2c450b0a72ba583783383fe95ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ccc8e5e7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006926
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 8520
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 9D884F187ADA4F268F3549FA725F9069 Ref B: AMS04EDGE1618 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: 41e2325f-35c3-459f-8cdb-1f2f8d9ee8a8
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 41e2325f-35c3-459f-8cdb-1f2f8d9ee8a8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.savestatus.js Show response
c1h-excel-15.cdn.office.net/x/s/hDDFE0B732427FA35__layouts/App_Scripts/ Frame 36D5 11 KB
4 KB 20ms
20ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDDFE0B732427FA35__layouts/App_Scripts/EwaDS.savestatus.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ddfe0b732427fa358529faecedb612c4f35855a3e63390fa6e2fd2c90c83ec08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"69f0e2e7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2931
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 60DF8ADF379D479BAB4808728F11A0D8 Ref B: AM3EDGE0222 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: dd126f61-d67a-4d36-8d30-c49c83a8f30f
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: dd126f61-d67a-4d36-8d30-c49c83a8f30f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.agave.js Show response
c1h-excel-15.cdn.office.net/x/s/h105CE7A9CF9CE2CA__layouts/App_Scripts/ Frame 36D5 593 KB
120 KB 20ms
20ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h105CE7A9CF9CE2CA__layouts/App_Scripts/EwaDS.agave.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

105ce7a9cf9ce2ca879d8d8b51e353c5ca3900c82f99629a9a05654bc6fe8bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6e24e6e7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068DA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 122168
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 7AC6B1CBC56F4F92AA2DA9A1A62FAC9C Ref B: AM3EDGE1009 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: e6603289-b06d-44e4-a1b9-60b45d60c951
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e6603289-b06d-44e4-a1b9-60b45d60c951
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-uiSlice20-sprite.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h1A5A30B886DE51EB__layouts/App_Scripts/1031/ Frame 36D5 451 KB
53 KB 22ms
22ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1A5A30B886DE51EB__layouts/App_Scripts/1031/excel-uiSlice20-sprite.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1a5a30b886de51eb2f7879fd1ef7777a14b97375cf0c8bc98cc5468414f6fc1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "bb77277373ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 53752
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 21:51:47 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 88B861D8A7AE4371BEAD38F8042DEC23 Ref B: AM3EDGE1007 Ref C: 2022-03-26T22:14:21Z
x-usersessionid: 60c5b980-1c95-4a70-a0e3-fccdc8735fc8
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 60c5b980-1c95-4a70-a0e3-fccdc8735fc8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.kffa.js Show response
c1h-excel-15.cdn.office.net/x/s/hD6C85A44D0F5D9CC__layouts/App_Scripts/ Frame 36D5 605 KB
125 KB 13ms
13ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD6C85A44D0F5D9CC__layouts/App_Scripts/EwaDS.kffa.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d6c85a44d0f5d9ccea7d2ff1acad57afac793236cb1f52aba0e58e30f2519911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f1f9f0e7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068D3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 127085
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 9C2A5B3DD777405AA57CDB90F53ADCE3 Ref B: AM3EDGE0421 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: 740de71a-1cc8-4ab6-bdd1-f728caa32329
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 740de71a-1cc8-4ab6-bdd1-f728caa32329
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.calc.js Show response
c1h-excel-15.cdn.office.net/x/s/h89E88693C30A2B17__layouts/App_Scripts/ Frame 36D5 101 KB
24 KB 26ms
26ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h89E88693C30A2B17__layouts/App_Scripts/EwaDS.calc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

89e88693c30a2b179706dec09289a2907c58ca54fb4d2df0df6b34ab8a3a0c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"9dcde5e7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CB9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23444
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: 6BE1D172810C459A91D8601ED91F144C Ref B: AMS04EDGE1112 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: 15272643-b977-4ed2-82d8-fbba12925987
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 15272643-b977-4ed2-82d8-fbba12925987
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.zoom.js Show response
c1h-excel-15.cdn.office.net/x/s/h07C1CB93777BB12E__layouts/App_Scripts/ Frame 36D5 23 KB
7 KB 26ms
26ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h07C1CB93777BB12E__layouts/App_Scripts/EwaDS.zoom.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

07c1cb93777bb12e907557a85828f9fc9bcd96d76cd93439a875ae051bc62890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4aeeece7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CBA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 5926
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: 90170B7F1B2C4FC999F49F27EF77E3AD Ref B: AMS04EDGE2808 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: b87d8b40-9650-4a5c-b40f-043fc38f0927
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b87d8b40-9650-4a5c-b40f-043fc38f0927
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shellstrings.json Show response
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/strings/de/ Frame 36D5 15 KB
6 KB 13ms
10ms XHR
application/json 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/strings/de/shellstrings.json

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6701F3250807B619__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

830e4427e1f26152e32038b7c0e2945a863823159eb1ed027aa5663a9df7c575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"06436a3313ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006907
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4947
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 21:13:12 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: E9104D3568C246CEBACD16FAF7C168A2 Ref B: AMS04EDGE1322 Ref C: 2022-03-22T21:13:12Z
x-usersessionid: 1ba1eeee-b6a7-40df-a653-112337830fc5
date: Sun, 27 Mar 2022 18:03:18 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-correlationid: 1ba1eeee-b6a7-40df-a653-112337830fc5
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 36D5 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 segoeui-semilight-final.woff
c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/ Frame 36D5 25 KB
26 KB 18ms
18ms Font
font/x-woff 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/segoeui-semilight-final.woff

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/excelframe.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/excelframe.css
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"f262f7b59e3ed81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15122.37951
x-officefe: DB5PEPF00008318
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 25997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 23 Mar 2022 10:13:58 GMT
x-officefd: DB5PEPF000082A4
x-msedge-ref: Ref A: 6E2C1453E19E46928C6543FAC0332C1A Ref B: AM3EDGE0705 Ref C: 2022-03-23T10:13:58Z
x-usersessionid: 76e9cd16-2d8c-44ab-9439-50ba331dd5c5
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 76e9cd16-2d8c-44ab-9439-50ba331dd5c5
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.core.js Show response
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/js/ Frame 36D5 257 KB
70 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6701F3250807B619__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1a8655e8243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006918
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 71204
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:04 GMT
x-officefd: AM4PEPF0001041B
x-msedge-ref: Ref A: F5A7EE1C62014F8BBCFC62CA15D00CC5 Ref B: AMS04EDGE3513 Ref C: 2022-03-22T19:42:04Z
x-usersessionid: 63b903a7-98a6-4dc4-8173-1ab9ca498477
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 63b903a7-98a6-4dc4-8173-1ab9ca498477
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 copyPasteInfra.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hB784C6BE1065E31C__layouts/App_Scripts/ Frame 36D5 124 KB
24 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB784C6BE1065E31C__layouts/App_Scripts/copyPasteInfra.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b784c6be1065e31cab361a0deb21e813a4d9b193242c980553c922a6e9770a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8961ac3f5838d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15108.31878
x-officefe: DB5PEPF0000C9FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23385
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:28 GMT
x-officefd: DB5PEPF000082D6
x-msedge-ref: Ref A: 1E6E57DA77E0495E8D74D32CE750235E Ref B: AMS04EDGE2721 Ref C: 2022-03-15T10:34:28Z
x-usersessionid: f282a43c-d0be-4a41-9a95-ba54ec4fb38f
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f282a43c-d0be-4a41-9a95-ba54ec4fb38f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clipboardPlatform.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hFEC76AC44AE24397__layouts/App_Scripts/ Frame 36D5 171 KB
32 KB 11ms
10ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFEC76AC44AE24397__layouts/App_Scripts/clipboardPlatform.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fec76ac44ae2439795829e6cd32f47d2d414aa663bb5d215c0dcaa3ddf1189af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"95bac3f5838d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15108.31878
x-officefe: DB5PEPF0000831B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 31900
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:28 GMT
x-officefd: DB5PEPF0000C671
x-msedge-ref: Ref A: 681068A33F1644C08C1A3528E59241E5 Ref B: AM3EDGE0715 Ref C: 2022-03-15T10:34:28Z
x-usersessionid: 60a50cbc-2233-465d-b9ef-4da8550a0b1a
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 60a50cbc-2233-465d-b9ef-4da8550a0b1a
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
excel.officeapps.live.com/x/_layouts/ Frame 36D5 0
203 B 201ms
200ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068C0
x-officeversion: 16.0.15122.37951
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5c1bc081-1814-4fb3-bc49-7c156e7baa1a
x-officecluster: PNL1
x-usersessionid: 5c1bc081-1814-4fb3-bc49-7c156e7baa1a
date: Sun, 27 Mar 2022 18:03:18 GMT
x-download-options: noopen
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 6DF10CF7FB874CCE9B68E83E9B8379F9 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:18Z
timing-allow-origin: *
x-officefe: AM4PEPF00013CB0

GET
H2 200 suiteux.shell.consappdata.js Show response
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/js/ Frame 36D5 7 KB
3 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6701F3250807B619__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f5607eba263ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006918
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1932
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:55:06 GMT
x-officefd: AM4PEPF0001041A
x-msedge-ref: Ref A: C6715B7F94A743178E2A629553E67C5A Ref B: AMS04EDGE2817 Ref C: 2022-03-22T19:55:06Z
x-usersessionid: 212dccd1-1f40-4804-b898-997747c5fc24
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 212dccd1-1f40-4804-b898-997747c5fc24
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
104 B 15ms
14ms Image
image/gif 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac2-d8541046.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 18:03:17 GMT
x-msnserver: RD0003FF1D84C1
last-modified: Fri, 04 Mar 2022 03:31:59 GMT
server: Microsoft-IIS/10.0
etag: "f26c1d68782fd81:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
content-length: 43

GET
H2 200 EwaDS.kpae.js Show response
c1h-excel-15.cdn.office.net/x/s/hAAABF68419CDC711__layouts/App_Scripts/ Frame 36D5 588 KB
133 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hAAABF68419CDC711__layouts/App_Scripts/EwaDS.kpae.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aaabf68419cdc7115a26f20bb1432df2b6a144c99b3a33e87d5d597c17902c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e7326e7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000114B8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 135347
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 22 Mar 2022 19:42:02 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: 7A8C895B9D4C42139468E92564F92C9E Ref B: AM3EDGE0616 Ref C: 2022-03-22T19:42:02Z
x-usersessionid: e83074a3-f27d-45fe-85ea-6b9970f36b56
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e83074a3-f27d-45fe-85ea-6b9970f36b56
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.tlv.js Show response
c1h-excel-15.cdn.office.net/x/s/h99B14282E9174D1D__layouts/App_Scripts/ Frame 36D5 338 KB
66 KB 24ms
24ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h99B14282E9174D1D__layouts/App_Scripts/EwaDS.tlv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

99b14282e9174d1d838666d35f2ed85720d3353c6c7ff13136082ad34d5de2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f59a12e8243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CAD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 66680
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:04 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: 360E6C9813504A1083483103DC0A9111 Ref B: AM3EDGE0911 Ref C: 2022-03-22T19:42:04Z
x-usersessionid: 3e68fc5c-8151-408c-8166-d42c68717264
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3e68fc5c-8151-408c-8166-d42c68717264
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 makerstorage.js Show response
c1h-excel-15.cdn.office.net/x/s/hF302BF6BEE53225E__layouts/App_Scripts/ Frame 36D5 111 KB
14 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF302BF6BEE53225E__layouts/App_Scripts/makerstorage.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f302bf6bee53225e4a705907a6e8477d3daec0cc703fedc713acab48aea042da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "56a7a1ca7c34d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF0000692C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 13469
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 10 Mar 2022 12:45:58 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 7B2951AF7C894185BFEEE0D847DC4FC0 Ref B: AM3EDGE1013 Ref C: 2022-03-15T04:24:23Z
x-usersessionid: 98daefc2-6cb8-4ee1-86fc-548906949d98
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 98daefc2-6cb8-4ee1-86fc-548906949d98
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 osfruntime_xlo.js Show response
c1h-excel-15.cdn.office.net/x/s/h041781CE8C0B99D6__layouts/App_Scripts/ Frame 36D5 615 KB
104 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h041781CE8C0B99D6__layouts/App_Scripts/osfruntime_xlo.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

041781ce8c0b99d64132ad8a1c81ecc95fe4be596a41550d4a42775b70c62d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "41cac8d92439d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CB4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 105857
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:59:04 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 5E732D39F9A64BF3BCC120A2A77C2660 Ref B: AMS04EDGE3321 Ref C: 2022-03-22T21:02:38Z
x-usersessionid: db3559ba-44a6-4294-a198-6e8096aab48e
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: db3559ba-44a6-4294-a198-6e8096aab48e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 OfficeExtension.WacRuntime.js Show response
c1h-excel-15.cdn.office.net/x/s/h43C5939CB732D8AA__layouts/App_Scripts/ Frame 36D5 172 KB
17 KB 16ms
16ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h43C5939CB732D8AA__layouts/App_Scripts/OfficeExtension.WacRuntime.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

43c5939cb732d8aa2d20fce97f359f46b7c3b937e60ed576b752ae0a2e73314f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "d7238bc52f39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000114BB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 16640
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 12:17:14 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: 301AE3AC8ADF4B628E3F54D4EE650CD7 Ref B: AM3EDGE0707 Ref C: 2022-03-20T03:53:59Z
x-usersessionid: 0724bade-d145-4809-a4b4-dfa0ef99e8a2
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0724bade-d145-4809-a4b4-dfa0ef99e8a2
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
excel.officeapps.live.com/x/_layouts/ Frame 36D5 0
276 B 48ms
47ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000689F
x-officeversion: 16.0.15122.37951
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c7841438-5d48-4f75-b6d7-ba8713942083
x-officecluster: PNL1
x-usersessionid: c7841438-5d48-4f75-b6d7-ba8713942083
date: Sun, 27 Mar 2022 18:03:18 GMT
x-download-options: noopen
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 078EF77B9D004B0D9E5119493EB65592 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:18Z
timing-allow-origin: *
x-officefe: AM4PEPF00013CB0

GET
H2 200 excelOnlineCalc.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h4DC807377ED3E01C__layouts/App_Scripts/ Frame 36D5 1 MB
248 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h4DC807377ED3E01C__layouts/App_Scripts/excelOnlineCalc.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4dc807377ed3e01c27181efaa819f191c96dc08697b1342cff418c58bbf22def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5a74a23f5838d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF00013CB7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 252231
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:28 GMT
x-officefd: AM4PEPF000068AF
x-msedge-ref: Ref A: B193BD6A81F847C39D62B33A6F27B1A5 Ref B: AMS04EDGE2116 Ref C: 2022-03-15T10:34:28Z
x-usersessionid: a8acb794-e6b0-43f3-a752-a77514b6d66e
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a8acb794-e6b0-43f3-a752-a77514b6d66e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.kmhv.js Show response
c1h-excel-15.cdn.office.net/x/s/hDB3B917635A01D3D__layouts/App_Scripts/ Frame 36D5 488 KB
110 KB 15ms
14ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDB3B917635A01D3D__layouts/App_Scripts/EwaDS.kmhv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

db3b917635a01d3dbc904232b79b4b03f592d2d77f457f81c4e88ef5a7f07846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"fb66eae7243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000114B3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 111621
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:03 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: 16046494EBCF4EFA87E492AF9D761F1E Ref B: AMS04EDGE2019 Ref C: 2022-03-22T19:42:03Z
x-usersessionid: 508a1794-3b6c-4841-bdd4-79b925913091
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 508a1794-3b6c-4841-bdd4-79b925913091
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.commonui.js Show response
c1h-excel-15.cdn.office.net/x/s/h26C1366363F67529__layouts/App_Scripts/ Frame 36D5 486 B
957 B 15ms
15ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h26C1366363F67529__layouts/App_Scripts/EwaDS.commonui.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

26c1366363f67529c890e09d88ca4e4d6aca15c756070659ed023dc42b5a3d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"fbfec83f5838d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15108.31878
x-officefe: DB5PEPF0000C9FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 276
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:28 GMT
x-officefd: DB5PEPF0000C266
x-msedge-ref: Ref A: DE77C4F1EDCC4CFD9DAB7DE549F8C910 Ref B: AMS04EDGE2917 Ref C: 2022-03-15T10:34:28Z
x-usersessionid: 3921364a-f6c4-4410-93b4-f6fe53170b88
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3921364a-f6c4-4410-93b4-f6fe53170b88
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.tp.js Show response
c1h-excel-15.cdn.office.net/x/s/hA6A56EEFB069B841__layouts/App_Scripts/ Frame 36D5 65 KB
15 KB 16ms
15ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hA6A56EEFB069B841__layouts/App_Scripts/EwaDS.tp.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a6a56eefb069b8415fa94a2d46b19962d24a75600385127b300c3160f0ea8320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c6daa1e6243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006910
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 15095
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:01 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 498C6B81871A4511839B2AB1DE41C5D9 Ref B: AMS04EDGE1112 Ref C: 2022-03-22T19:42:01Z
x-usersessionid: b683bcc6-db8b-4629-b585-2b677700f355
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b683bcc6-db8b-4629-b585-2b677700f355
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 8 KB
8 KB 8ms
7ms Image
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filesbucket3-5286f09d.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:18 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009820140A
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 925f57bd-e01e-0009-0f86-35c3fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29923049
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=1b56857d-7dca-464a-a4d6-a72ac1c0f0bd&reqid=001258f42b0&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EA8B2%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=1b56857d-7dca-464a-a4d6-a72ac1c0f0bd&reqid=001258f42b0&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EA8B2%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=1b56857d-7dca-464a-a4d6-a72ac1c0f0bd&reqid=001258f42b0&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EA8B2%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
256 B

33ms
32ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=1b56857d-7dca-464a-a4d6-a72ac1c0f0bd&reqid=001258f42b0&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EA8B2%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4239%26IR%3D1%26EX%3D0%26L.h%3D1441%26L.bc%3D1529%26L.ac%3D1545%26L.f%3D1548%26L.sjs%3D4142%26L.ttg%3D2957%26C.st%3D1648404194084%26N.jsPlt%3D2930%26N.domIn%3D1550%26N.tcp%3D19%26N.req%3D1342%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.9823471517593383&CtsSyncId=144F51BD728A428FB600AAB59EB31A30&MUID=0D80A09664A263583B11B1E260A26780
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 18:03:17 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 18:03:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41096F724BD840C7AA648802D889C820 Ref B: FRA31EDGE0209 Ref C: 2022-03-27T18:03:18Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=1b56857d-7dca-464a-a4d6-a72ac1c0f0bd&reqid=001258f42b0&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D5EA8B2%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4239%26IR%3D1%26EX%3D0%26L.h%3D1441%26L.bc%3D1529%26L.ac%3D1545%26L.f%3D1548%26L.sjs%3D4142%26L.ttg%3D2957%26C.st%3D1648404194084%26N.jsPlt%3D2930%26N.domIn%3D1550%26N.tcp%3D19%26N.req%3D1342%26N.resp%3D11%26N.navType%3D0%26N.redirectCount%3D0&r=0.9823471517593383&CtsSyncId=144F51BD728A428FB600AAB59EB31A30&MUID=0D80A09664A263583B11B1E260A26780
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 36D5 0
302 B 100ms
100ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15122.37951&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
X-bULS-SuppressionETag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.15123.35051
x-officefe: BL6PEPF0000C6FD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: b6657e6d-1d6c-4081-a066-4f94a3a13d30
x-officefd: BL6PEPF0000C6FD
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:18 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 3578C3306BB449EE8FEC3909251376C8 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:18Z

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
396 B 86ms
21ms XHR
application/json 51.105.71.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
Requested by: Host: p.sfx.ms
URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.105.71.136 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 18:03:18 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 69
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 me Show response
amcdn.msftauth.net/ Frame 36D5 27 KB
9 KB 112ms
26ms Script
application/javascript 2620:1ec:48::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://amcdn.msftauth.net/me?partner=ExcelOnline&version=10.21153.1&market=DE-DE&wrapperId=suiteshell

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

35998afbc46f0eab0406ec478a5430fd7cd4dc4a3322f547c5bdfd50beeb6228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 27 Mar 2022 18:03:17 GMT
x-azure-ref: 05qZAYgAAAAD5TS2k76IkTI5k6xdZ/2xeTE9OMjFFREdFMDIyMgA5ZmU2YzNmMS0xNzE4LTRhOTMtOTI1NS02M2NkM2Y4Y2E1YWI=
x-cache: TCP_HIT, CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Mon, 28 Mar 2022 05:49:52 GMT

GET
H2 200 suiteux.shell.plus.js Show response
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/js/ Frame 36D5 273 KB
60 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6701F3250807B619__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ced9dae8243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 60580
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Tue, 22 Mar 2022 19:42:05 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: 3F7B62570C014702A035D43A1748D615 Ref B: AMS04EDGE2210 Ref C: 2022-03-22T19:42:05Z
x-usersessionid: 01595799-f860-4f95-a5b6-d53bf560df4f
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 01595799-f860-4f95-a5b6-d53bf560df4f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-excel-15.cdn.office.net/x/s/h1CF7DEC0E81FF1B5__layouts/App_Scripts/Feedback/latest/ Frame 36D5 506 KB
97 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1CF7DEC0E81FF1B5__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1cf7dec0e81ff1b5ff6f8c126725f2b1f6465f457acc87953e64b8be78c2f187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "eb5b32761d39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 98721
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:06:10 GMT
x-officefd: AM4PEPF000068B8
x-msedge-ref: Ref A: 5C88B3CB44744DAB8666FD4D3860E572 Ref B: AM3EDGE0220 Ref C: 2022-03-22T12:29:12Z
x-usersessionid: 2171e9fc-2a6a-4836-a430-651ea58cb73e
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2171e9fc-2a6a-4836-a430-651ea58cb73e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 8 KB
3 KB 8ms
8ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filesbucket3-5286f09d.css
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac2-d8541046.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 27 Mar 2022 18:03:18 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009820140A
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 925f57bd-e01e-0009-0f86-35c3fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29923049
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 EwrNov.css
c1h-excel-15.cdn.office.net/x/s/h70AA628053200235__layouts/Resources/1031/ Frame 36D5 11 KB
3 KB 11ms
11ms Stylesheet
text/css 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h70AA628053200235__layouts/Resources/1031/EwrNov.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

70aa6280532002357186121cdac4f4ee50ae993a50ad785c98015377b1635474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "e893e9541e39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2164
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:12:24 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: BF1998F4B8F84158B5D1F8B3DEEC0ED0 Ref B: AMS04EDGE1312 Ref C: 2022-03-18T12:51:24Z
x-usersessionid: 9275dfd8-f84a-4c0d-af15-be88808cfec9
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 9275dfd8-f84a-4c0d-af15-be88808cfec9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaNov.png
c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/ Frame 36D5 10 KB
11 KB 12ms
11ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/EwaNov.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "f74df06c473ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068D6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 10090
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 23:49:09 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 87E9E847F90140C49B13D327F2DFBA55 Ref B: AM3EDGE0208 Ref C: 2022-03-24T18:27:03Z
x-usersessionid: 101d78f8-cddc-4dd6-8977-8021f8088cfe
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 101d78f8-cddc-4dd6-8977-8021f8088cfe
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hammer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h883922A710E857E9__layouts/App_Scripts/ Frame 36D5 24 KB
6 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h883922A710E857E9__layouts/App_Scripts/hammer.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

883922a710e857e94b35fd6748792782280a859e154e4db2e4c0b4876dfa61ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "1c4fb551e39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5366
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:12:26 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 6EB5759B8BDA48ED9EAAAECBDEE3424F Ref B: AMS04EDGE2814 Ref C: 2022-03-17T13:31:10Z
x-usersessionid: 826e6f74-1900-47e9-87f6-a5254cf1a256
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 826e6f74-1900-47e9-87f6-a5254cf1a256
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 36D5 42 KB
16 KB 38ms
8ms Script
application/javascript 104.90.146.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.90.146.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-146-78.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 18:03:18 GMT
X-MSNServer: RD0003FF23ED10
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=36877, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 officebrowserfeedback.css
c1h-excel-15.cdn.office.net/x/s/h67EDE0FC3CA08AAF__layouts/App_Scripts/Feedback/latest/ Frame 36D5 18 KB
3 KB 12ms
11ms Stylesheet
text/css 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h67EDE0FC3CA08AAF__layouts/App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1CF7DEC0E81FF1B5__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

67ede0fc3ca08aaf330485c705fcd4f16e15c8786d39002ccd2488b04bac1bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "b71129723c3ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF0000690F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2663
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 22:30:34 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: CA1FDFA95A254493B37A367F437B8CD5 Ref B: AM3EDGE0415 Ref C: 2022-03-24T02:50:57Z
x-usersessionid: 05b59050-3b74-4159-b664-88c125bbe302
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 05b59050-3b74-4159-b664-88c125bbe302
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/Feedback/latest/Intl/de/ Frame 36D5 2 KB
2 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1CF7DEC0E81FF1B5__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1efda9130cb305275e233083f3171c724fa41c21af6be7ad43919c77a1a906b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6f90e25d283ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF0000693E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1042
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 20:06:50 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: B4AE96EBCFB64A498D3B944A96049EC0 Ref B: AM3EDGE0715 Ref C: 2022-03-22T20:06:50Z
x-usersessionid: 54ab827d-1fe1-4c4c-9dc0-cb57e0d5edcf
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 54ab827d-1fe1-4c4c-9dc0-cb57e0d5edcf
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.otellogging.js Show response
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/js/ Frame 36D5 74 KB
23 KB 14ms
14ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6701F3250807B619__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"29b88de9243ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23057
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 19:42:06 GMT
x-officefd: AM4PEPF0001041B
x-msedge-ref: Ref A: C1E6BBCDCE974EC0BB938FC8C7351035 Ref B: AMS04EDGE3618 Ref C: 2022-03-22T19:42:06Z
x-usersessionid: ca5f4f92-92f3-43c9-8834-1a8b68f5c03b
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ca5f4f92-92f3-43c9-8834-1a8b68f5c03b
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 36D5 17 KB
17 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 036f613df24075e14c8e36a580c10c2cea1b193268b8e6bac5e397f76d36fc88

Request headers

Referer
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1648404198839
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1648404198&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

200ms
109ms

Image
text/html

20.190.159.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1648404198&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 20.190.159.73 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: DB3PPF262F2CA00
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.873.310.2003
date: Sun, 27 Mar 2022 18:03:18 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1648404198&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: OFaKCJBGGES7ijQJaS1nmw.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
H2 200 shared.aspx Show response
shared.officeapps.live.com/clipboard/ Frame B2CA 2 KB
2 KB 37ms
24ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=d99a030c-9ec5-44d3-917a-8698a8fa146a&corrid=d3241413-948b-4ddb-bd5a-eddd06f451e8&NoAuth=true

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hFEC76AC44AE24397__layouts/App_Scripts/clipboardPlatform.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7b8ece79ba7a0116ca6efb6625dbb8c01a54b58426ee7c1c67a0a11b498971fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/

Response headers

cache-control: private
content-length: 1110
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: d3241413-948b-4ddb-bd5a-eddd06f451e8
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
x-officefe: AM4PEPF00013CAB
x-officeversion: 16.0.15122.37951
x-officecluster: PNL1
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
x-officefd: AM4PEPF0001041A
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 6DB8E5AF48494DD4BC76B721F76CF55C Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:18Z
date: Sun, 27 Mar 2022 18:03:18 GMT

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 36D5 0
263 B 108ms
108ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15122.37951&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
X-bULS-SuppressionETag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.15123.35051
x-officefe: BL6PEPF0000C717
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 696b033c-5a22-4f49-88ec-062fdd07f52f
x-officefd: BL6PEPF0000C717
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:18 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 0E503AF1D9774007892E13BB559DF4B4 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:18Z

GET CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 36D5 0
0

OPTIONS
H2 403 CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 0
0 64ms
29ms Preflight 52.109.88.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2156&platform=Web&version=16.0.15122.37951&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight14%3B&ageGroup=0&authType=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Origin: https://excel.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: private
server
x-correlationid: 3f0fe362-1040-4116-8d3e-551c91517456
x-usersessionid: 3f0fe362-1040-4116-8d3e-551c91517456
x-officefe: OmexMessagingStorefront_IN_9
x-officeversion: 22.4.10321.11756
x-officecluster: weu-000.omexmessaging.osi.office.net
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-machine: weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_9
x-gateids: AirTrafficControl.GovernanceRule
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
x-frame-options: deny
date: Sun, 27 Mar 2022 18:03:18 GMT
content-length: 0

GET
H2 200 osfruntime_strings.js Show response
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/1031/ Frame 36D5 11 KB
3 KB 21ms
21ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/App_Scripts/1031/osfruntime_strings.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h041781CE8C0B99D6__layouts/App_Scripts/osfruntime_xlo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f8089532f0b0fa465d2efdcbd4f928a54359e17cd4932c6aeacc68d3e10a8846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"321fa59283ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006929
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2805
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 20:06:42 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 7937CEF95B394FA18ECCAE873395D963 Ref B: AMS04EDGE1717 Ref C: 2022-03-22T20:06:42Z
x-usersessionid: e4084d93-e504-4e47-b979-c74e7caf631e
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e4084d93-e504-4e47-b979-c74e7caf631e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiFabricLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hF6197A90AFE8B669__layouts/App_Scripts/ Frame 36D5 2 KB
1 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF6197A90AFE8B669__layouts/App_Scripts/uiFabricLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h0C8859C5B255671E__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f6197a90afe8b66943eae4817fe97c04ea673179b1af7d59219cb0a82664e000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2f67663c5838d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15108.31878
x-officefe: AM4PEPF00006918
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 785
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 10:34:22 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 63892A3611A3494585DE89CB582A0392 Ref B: AM3EDGE0817 Ref C: 2022-03-15T10:34:22Z
x-usersessionid: afb74e35-51e3-4951-96bb-c098af81cc32
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: afb74e35-51e3-4951-96bb-c098af81cc32
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK sharedclipboard.min.js Show response
c1-shared-15.cdn.office.net/clipboard/s/161512237951_App_Scripts/ Frame B2CA 81 KB
18 KB 33ms
9ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-shared-15.cdn.office.net/clipboard/s/161512237951_App_Scripts/sharedclipboard.min.js

Requested by

Host: shared.officeapps.live.com
URL: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=d99a030c-9ec5-44d3-917a-8698a8fa146a&corrid=d3241413-948b-4ddb-bd5a-eddd06f451e8&NoAuth=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e0fe1935583f3697e4ca291aabf888752f256b13628df4e15e9b1aaf037575bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shared.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"17f1834d253ed81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.15113.37951
X-OfficeFE: AM4PEPF00006914
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
Content-Length: 17404
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
Last-Modified: Tue, 22 Mar 2022 19:44:54 GMT
X-OFFICEFD: AM4PEPF000068B6
X-MSEdge-Ref: Ref A: 2EF90BC516014154A57EB8C32CAD094D Ref B: AMS04EDGE1416 Ref C: 2022-03-22T19:44:54Z
X-UserSessionId: 705dc012-b0c3-4c8d-958c-4c25655f49d3
Date: Sun, 27 Mar 2022 18:03:18 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 705dc012-b0c3-4c8d-958c-4c25655f49d3
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 moeerrorux.css
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/Resources/1031/ Frame 36D5 10 KB
2 KB 18ms
16ms Stylesheet
text/css 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/Resources/1031/moeerrorux.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h041781CE8C0B99D6__layouts/App_Scripts/osfruntime_xlo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

47d6dbdb766bd7ea675f68a5ce5a22654554001efc7007a0b8c484069d9e2638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2044ba5a283ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CAF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1482
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 20:06:44 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 517FD8D5B22248B5B0690948AF4EDAF5 Ref B: AM3EDGE0808 Ref C: 2022-03-22T20:06:44Z
x-usersessionid: 17f22aec-c6e8-4c6f-858c-150f03cee6ec
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 17f22aec-c6e8-4c6f-858c-150f03cee6ec
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/Resources/1031/ Frame 36D5 644 B
1 KB 28ms
27ms Image
image/gif 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/Resources/1031/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

79b48a07e8b202282bd8ec6ab7aac909eaa359da349fe822fac69e1f6e2991ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c0aa16a3313ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006922
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 644
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 21:13:11 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 40074FBE880B4DCCA3FCF8A1BCDFA271 Ref B: AMS04EDGE3520 Ref C: 2022-03-22T21:13:11Z
x-usersessionid: 39e0bf96-b9a2-4099-b548-5f868f710c8d
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 39e0bf96-b9a2-4099-b548-5f868f710c8d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 moe_status_icons.png
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/Resources/1031/ Frame 36D5 6 KB
7 KB 44ms
44ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/Resources/1031/moe_status_icons.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

77dd1463fe34be51528c6535c5aaf5590ee90bbd3b76ae8e362657c45e9f90fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"a421b5cb343ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6140
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 21:35:48 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: C035E03194A642E482A915570606AD44 Ref B: AMS04EDGE1105 Ref C: 2022-03-22T21:35:48Z
x-usersessionid: 31d25197-5bb3-44c1-a50b-93fb877b57ed
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 31d25197-5bb3-44c1-a50b-93fb877b57ed
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 agavedefaulticon96x96.png
c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/Resources/1031/ Frame 36D5 1 KB
2 KB 48ms
48ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512237951__layouts/Resources/1031/agavedefaulticon96x96.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7b389747818635bca6fe76f5e3226eda36af53d8f27526796bc975ebd440a395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"afb8269c343ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006952
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1115
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 21:34:28 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 814DCAAEA48A4B5D898E8AEAE2560D8E Ref B: AMS04EDGE3219 Ref C: 2022-03-22T21:34:28Z
x-usersessionid: 3df1834f-c45e-4412-b05a-3fb6f0941055
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 3df1834f-c45e-4412-b05a-3fb6f0941055
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaNov.png
c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/ Frame 36D5 10 KB
11 KB 50ms
50ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/EwaNov.png

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hA6A56EEFB069B841__layouts/App_Scripts/EwaDS.tp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "f74df06c473ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068D6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 10090
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 23:49:09 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 87E9E847F90140C49B13D327F2DFBA55 Ref B: AM3EDGE0208 Ref C: 2022-03-24T18:27:03Z
x-usersessionid: 101d78f8-cddc-4dd6-8977-8021f8088cfe
date: Sun, 27 Mar 2022 18:03:18 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 101d78f8-cddc-4dd6-8977-8021f8088cfe
accept-ranges: bytes
timing-allow-origin: *

GET CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 36D5 0
0

OPTIONS
H2 403 CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 0
0 28ms
27ms Preflight 52.109.88.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Origin: https://excel.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: private
server
x-correlationid: 2c41b1f2-9d5e-4dd8-a838-24c750656a0b
x-usersessionid: 2c41b1f2-9d5e-4dd8-a838-24c750656a0b
x-officefe: OmexMessagingStorefront_IN_9
x-officeversion: 22.4.10321.11756
x-officecluster: weu-000.omexmessaging.osi.office.net
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-machine: weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_9
x-gateids: AirTrafficControl.GovernanceRule
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
x-frame-options: deny
date: Sun, 27 Mar 2022 18:03:18 GMT
content-length: 0

GET
H2 200 GetHasUntrustedImageUrls Show response
excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/ Frame 36D5 1 KB
1 KB 30ms
29ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/GetHasUntrustedImageUrls?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%222b0006ab-47e9-4ff9-932d-386ae250c601%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF00013CB01.A81.1.V25.57992fvmOaeEuoIpYnPkejFYa14.5.de-DE5.en-US24.15a8a2fd9a14087e-Private1.S1.N16.16.0.15122.3795114.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A786367%2C%22Configurations%22%3A1573648%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22CollaborationParameter%22%3A%7B%22CollaborationState%22%3A%7B%22CollabStateId%22%3A0%2C%22UserListVersion%22%3A0%7D%7D%2C%22ViewModeStateId%22%3A0%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

452e06f0a332fc099735ddd7e2972ae101080b4b79b43c34e0ddcfffe6a5b338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15122.37951
X-Key: BwEM4ZSUpakeOjEOObe+pOiqZHFW7OzA52X1JQrqUw4=,637840009959259224
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF00013CB01.A81.1.V25.57992fvmOaeEuoIpYnPkejFYa14.5.de-DE5.en-US24.15a8a2fd9a14087e-Private1.S1.N16.16.0.15122.3795114.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wNwF1vcLoudGRtWv5yroMVYxtJ7PoeRcasRB0LwaKQG4jkB2XdKiTcPaTudKYrZ-sNPW4B31kAV98VUQ4z5tTldH6IF_KipwBw3aH1g2Qi4Xz124C4VXr7IcwWzbxYneZ9P0hHwbU6c2TAnxKINvZmPbSgHvX6c-M8D7UVz8sR-o
X-UserSessionId: d99a030c-9ec5-44d3-917a-8698a8fa146a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=utf-8
X-CorrelationId: 961b00a1-1e33-4b69-a743-f9aa359b13c0
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
X-UserType: WOPI
X-AccessTokenTtl: 1650218595316
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00013CB0
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: 961b00a1-1e33-4b69-a743-f9aa359b13c0
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 909
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 961b00a1-1e33-4b69-a743-f9aa359b13c0
x-officefd: AM4PEPF0001041A
x-usersessionid: d99a030c-9ec5-44d3-917a-8698a8fa146a
date: Sun, 27 Mar 2022 18:03:18 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
xlsecscid: 961b00a1-1e33-4b69-a743-f9aa359b13c0
x-msedge-ref: Ref A: 7F733F09568A407A8C50DABF9B0FFDBD Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:18Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx
excel.officeapps.live.com/x/ Frame B2CA 0
0 25ms
25ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://excel.officeapps.live.com/x/RemoteUls.ashx?usid=d99a030c-9ec5-44d3-917a-8698a8fa146a
Requested by: Host: c1-shared-15.cdn.office.net
URL: https://c1-shared-15.cdn.office.net/clipboard/s/161512237951_App_Scripts/sharedclipboard.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shared.officeapps.live.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 RemoteTelemetry.ashx Show response
excel.officeapps.live.com/x/_layouts/ Frame 36D5 0
353 B 33ms
33ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h4A7CE19B5C1D9F9C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000601C
x-officeversion: 16.0.15122.37951
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: ddd1ee8d-2d87-4bdf-89f7-06fa0a42c4d5
x-officecluster: PNL1
x-usersessionid: ddd1ee8d-2d87-4bdf-89f7-06fa0a42c4d5
date: Sun, 27 Mar 2022 18:03:18 GMT
x-download-options: noopen
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: AF4B398B5BDD493DBB2410E040A42D60 Ref B: AM3EDGE0808 Ref C: 2022-03-27T18:03:19Z
timing-allow-origin: *
x-officefe: AM4PEPF00013CB0

GET
H/1.1 200
OK flat_officeFontsPreview.ttf
fs.microsoft.com/fs/4.9/ Frame 36D5 616 KB
354 KB 11ms
11ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.9/flat_officeFontsPreview.ttf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f0338a27d7ce3a39ee72a3333bfbc656517010a4fa8e526ccb89e47c71451f37

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 18:03:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Oct 2019 21:25:30 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "964dee7d582d51:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=35307
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=flat_officeFontsPreview.ttf
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 36D5 0
395 B 41ms
41ms XHR
application/json 51.105.71.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1CF7DEC0E81FF1B5__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.105.71.136 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 18:03:19 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 2
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 36D5 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: messaging.office.com
URL: https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2156&platform=Web&version=16.0.15122.37951&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight14%3B&ageGroup=0&authType=2

Domain: messaging.office.com
URL: https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2156&platform=Web&version=16.0.15122.37951&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight14%3B&ageGroup=0&authType=2

Domain: browser.events.data.microsoft.com
URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,fad3bd1d8e4b4c06894bd7bac80e4f02-67df67b4-f1fd-4ecd-9d55-4d41540b1757-7724,011776870b754a649aedc9456ac07a97-6bd8247c-11d3-4599-b599-ec9ef6d401f6-6722,31d9dd3e4c7046a696537586281d7ed1-06d11dd6-a946-4281-8ac3-a7c2ab4776f5-7063&upload-time=1648404200037&time-delta-to-apply-millis=use-collector-delta&w=2

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
excel.officeapps.live.com/x/_layouts	1970-01-20 10:39:00	Name: PageLoadSkeletonState Value: %7B%22IsEnabled%22%3Atrue%2C%22Options%22%3A3136%7D
excel.officeapps.live.com/x/_layouts	1970-01-20 10:39:00	Name: ExcelIsPreviousSessionSimplifiedRibbonOn Value: true
.officeapps.live.com/x	1970-01-20 10:39:00	Name: timeZoneId Value: Etc%2FUnknown
.live.com/	1969-12-31 23:59:59	Name: xid Value: 1b56857d-7dca-464a-a4d6-a72ac1c0f0bd&&RD00155D5EA8B2&123
.live.com/	1970-01-20 02:03:28	Name: wla42 Value:
.live.com/	1970-01-20 10:37:55	Name: mkt Value: de-DE
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 2
.live.com/	1969-12-31 23:59:59	Name: E Value: P:iY7oEBwQ2og=:pYCykb+spV0uKE87gzk7wSwLXn2ZHJOLyY3waThBTh8=:F
excel.officeapps.live.com/	1970-01-20 04:05:52	Name: DcLcid Value: ui=1031&data=1033
.excel.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-Excel-ARRAffinity Value: e8937ce33830fef504b4a41b0559b79829add9aa0a4adf8750145451c689b233
excel.officeapps.live.com/	1969-12-31 23:59:59	Name: ShCLSessionID Value: 1648404198035_0.3447935705107614
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryDeviceId Value: 0836a07a-f7ca-9a64-ec97-b268ad33c431
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 1648404198334
.live.com/	1970-01-20 11:15:00	Name: MUID Value: 0D80A09664A263583B11B1E260A26780
.bing.com/	1970-01-20 11:15:00	Name: MUID Value: 0D80A09664A263583B11B1E260A26780
.c.bing.com/	1970-01-20 11:15:00	Name: SRM_B Value: 0D80A09664A263583B11B1E260A26780
.c.bing.com/	1970-01-20 11:15:00	Name: SRM_L Value: 0D80A09664A263583B11B1E260A26780
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 01:53:24	Name: ANONCHK Value: 0
shared.officeapps.live.com/	1970-01-20 04:05:52	Name: DcLcid Value: ui=1031&data=1031
.shared.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: ec41a07dd3b7e4aeb29339f45d421e8c0581770d758f17594ce9addd3c45d584
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 4e06e44ab1be47c5a4ce59cc6c47dca6
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1648404199&co=1
.login.live.com/	1970-01-20 11:15:00	Name: MSCC Value: 138.199.38.132-DE
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DQV6Z0tzO2eJBBAVOoqT!J2nDYJLIji5mahn4QB0290TeJzLN3SliTkNeSmLbeuHiB1Isu57ynsbecKUNaqr0cdQlHWbu4NXc6fSfsg6UOxEHowXcVvPChxb6I4DaipasuCAjFlS9gDqnLfYjJS3pm7ZLlkgkjc1XG3x!5boiwZw5De3CQwMB00fOlOznjeFnw6jzR72U9tbTK9gxDY626HpDlBLDO4BmeFD0U7yBrdR1CF0RtDYvPt1QSwLyrKRuxhfMFxWFpjGxxh88Z3JDdV7Yn5e20eUXqKLMkXsJXy1yifRr94rK16zcJbVjplTMh5MZkQIXy7jSRVAZleDx70sHB2a1d52DPRA1kgJrgBCORV3PkzCWkPbz7vAWAZbmiNMgt2BhoibDg6zh3q2RlhVqxlNAK74P8!xXM116TWaBohyPgt0zJtbPs4smylX6roPfIUj5Cy*hqeDahmhXlhb1jgD5Y2!kVCx
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-d1be50d0-e499-4494-9e09-4d33266f8dde

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3 Message: Access to fetch at 'https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2156&platform=Web&version=16.0.15122.37951&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight14%3B&ageGroup=0&authType=2' from origin 'https://excel.officeapps.live.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2156&platform=Web&version=16.0.15122.37951&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight14%3B&ageGroup=0&authType=2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=l4lx15pdLUCvbT9ZG7zaWw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F15A8A2FD9A14087E%21296938&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=3 Message: Access to fetch at 'https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2156&platform=Web&version=16.0.15122.37951&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight14%3B&ageGroup=0&authType=2' from origin 'https://excel.officeapps.live.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2156&platform=Web&version=16.0.15122.37951&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight14%3B&ageGroup=0&authType=2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amcdn.msftauth.net
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1-shared-15.cdn.office.net
c1h-excel-15.cdn.office.net
excel.officeapps.live.com
fs.microsoft.com
js.live.net
login.live.com
messaging.office.com
mrodevicemgr.officeapps.live.com
onedrive.live.com
p.sfx.ms
shared.officeapps.live.com
shell.cdn.office.net
spoprod-a.akamaihd.net
static2.sharepointonline.com
storage.live.com
browser.events.data.microsoft.com
messaging.office.com
104.111.225.185
104.90.146.78
13.104.208.165
13.107.42.13
13.81.118.91
2.16.186.25
2.18.232.120
20.126.153.54
20.190.159.73
2620:1ec:48::44
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:6c00:294::4b36
2a02:26f0:6c00:2a3::1c24
2a02:26f0:b600:1ad::4b36
51.105.71.136
52.109.88.96
52.142.114.2
01346477df6bab879760395263416b532a5fe56a6141a51122950f15310a2753
036f613df24075e14c8e36a580c10c2cea1b193268b8e6bac5e397f76d36fc88
041781ce8c0b99d64132ad8a1c81ecc95fe4be596a41550d4a42775b70c62d8b
07c1cb93777bb12e907557a85828f9fc9bcd96d76cd93439a875ae051bc62890
09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981
0c8859c5b255671e1b3c4df346e10a2a3dfa210f16a971c37f40203becf7650f
0f03f00939b9716fc69ed12a6faab3123f1b02e8f69598c1b9577475067240f9
105ce7a9cf9ce2ca879d8d8b51e353c5ca3900c82f99629a9a05654bc6fe8bb4
121a2735f29cd8d2840601ee3bdf513c7237e89af6c98f4a503a98385c0bd8a9
1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79
16f030a4b29f73adb647fafd48f057a55f6979e872d0bf6186e1836c260d01ca
1a5a30b886de51eb2f7879fd1ef7777a14b97375cf0c8bc98cc5468414f6fc1b
1a63f2ba53567d401aaef8cc84fb0faf704eadb14e08db524ec88df96d344b9b
1cf7dec0e81ff1b5ff6f8c126725f2b1f6465f457acc87953e64b8be78c2f187
1edf9a1d4bd467c3052c686496fe979ff5c8811c3a121039ca73de29b1708181
1fef7f05728ec2255b4080da354264828b77aadcc378f6faa7cb2b273661b604
20980a65c7b4760aa7b34cd4d40966730ca8422a919feedb8b39ddd95820fd8a
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
2506308409f10bf60751e3caa18ca0a833b5e430b9aaf30166a69b29eb1a1043
2606632c3fe60dff46c07f2373dbd7d5316c3b1fff9be4408011f8706e5b9549
26c1366363f67529c890e09d88ca4e4d6aca15c756070659ed023dc42b5a3d29
2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67
3326ba6db7c7146fd0236a77dc2ad34e62e8585a5449809addb89077cd1b44ba
35998afbc46f0eab0406ec478a5430fd7cd4dc4a3322f547c5bdfd50beeb6228
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0
43c5939cb732d8aa2d20fce97f359f46b7c3b937e60ed576b752ae0a2e73314f
452e06f0a332fc099735ddd7e2972ae101080b4b79b43c34e0ddcfffe6a5b338
46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422
47d6dbdb766bd7ea675f68a5ce5a22654554001efc7007a0b8c484069d9e2638
4a7ce19b5c1d9f9c7bbdeb396a4a54a4648357249a95506dbacd71296ba81dfe
4dc807377ed3e01c27181efaa819f191c96dc08697b1342cff418c58bbf22def
59907d235249104f28b2bb48afe9f2d040db51a4fec78b180f075f9d576930e1
59e1ecc15f7639121d99a75dce05be39a43630398ff19de0258b0f5e1cfcbdb1
5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79
6265b1577d9a1dc1197b0fc02ef2f0c1f6fb9284e529564dc7bbe495bf727fea
63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5
641576774382e2d2772470bd1fcb9b8db540b657153735d0d869818e471880e6
6470af6d2e569252f7ade50b536add4840b0d4eb03f3cade487bfd062c273253
6701f3250807b619bb6d1d7e79f04eefb1c371a165bf5dcb48d3698c05240515
67ede0fc3ca08aaf330485c705fcd4f16e15c8786d39002ccd2488b04bac1bd7
6b41d99b9ea46a0f11bae24082fb4123d75adeba2c664add1c3837838bf1e2e8
70aa6280532002357186121cdac4f4ee50ae993a50ad785c98015377b1635474
7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04
77dd1463fe34be51528c6535c5aaf5590ee90bbd3b76ae8e362657c45e9f90fd
78190793a4d566a29008f260cf0154f94de0fbb7d4e98b1f9e3b090af4092452
79b48a07e8b202282bd8ec6ab7aac909eaa359da349fe822fac69e1f6e2991ec
7b389747818635bca6fe76f5e3226eda36af53d8f27526796bc975ebd440a395
7b8ece79ba7a0116ca6efb6625dbb8c01a54b58426ee7c1c67a0a11b498971fb
8120ec3c1941e13f61be928737e367da63cfda781d287b2fcd2b2fd02221ae15
830e4427e1f26152e32038b7c0e2945a863823159eb1ed027aa5663a9df7c575
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
883922a710e857e94b35fd6748792782280a859e154e4db2e4c0b4876dfa61ae
89e88693c30a2b179706dec09289a2907c58ca54fb4d2df0df6b34ab8a3a0c42
8ffc4c16ff17b6ebe7bf2a751d6f1014e123185f64c4e79a22c9526126c9f8aa
9056ff1ed4d1924aafe294b44fcc88ef04935905523fef6b3a9da8161f9c8f47
9089dc0e3ba90c7788eb46e1dccb635f171be505d82eb14d51c4f28e23c9cbeb
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
987c5119a6cee5346e8c2c2c4a3160897103b12fa9ecfb70b9b117dc13e68867
99b14282e9174d1d838666d35f2ed85720d3353c6c7ff13136082ad34d5de2ea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dad37acbd7379d5c59ce5446af219921c1515a7682af7991a2228b397840abe
9f69ba07636ff0e7163cd7fdb8461f66e97da9ad1574964bdb561de16a2cc106
a58378deafd5b6821692f36ab9c2da7bcf03e2c450b0a72ba583783383fe95ce
a6a56eefb069b8415fa94a2d46b19962d24a75600385127b300c3160f0ea8320
aaabf68419cdc7115a26f20bb1432df2b6a144c99b3a33e87d5d597c17902c31
acab474de06215947505c5386cafff21b6de5d3aab784d05c15abc10edde9b78
b030423759d3257bf81fd7817114e8820b37c046e24d61b4aa1def6194d41b0b
b10413127c803f6bd4a20e065feeb034b3e1cfdd07ff49f542d0b91080c45d47
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
b1efda9130cb305275e233083f3171c724fa41c21af6be7ad43919c77a1a906b
b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3
b6a2dad9ce99d887707f27c547081c333b8f7cf7060be8fbd022432e24190c13
b784c6be1065e31cab361a0deb21e813a4d9b193242c980553c922a6e9770a30
ba12dd359d28c571b1cd2348ace33ecd165582cc04adb05a1ce114c9704efcb0
bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c949982df7b0a15866feaa71641d1dd64f0bd6415013cbff9a5bf2a61d65b33c
ca65d343fa43aed20175eba0f681702ab45d84928aa142a680263f71f5e9299f
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
ce8cb7872b3b4f8d0caa8724d6989c501926372e18c460a4e9ec201f359d4671
cf7e351cc75d0150ed68e7cb699ed9d70e9f2207d7701447485f2e7376df70e7
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d56614beb46caa08515c96ab706336eefdae1773fd6bff6b007dc61e62eb9242
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d6c85a44d0f5d9ccea7d2ff1acad57afac793236cb1f52aba0e58e30f2519911
d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0
d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02
db3b917635a01d3dbc904232b79b4b03f592d2d77f457f81c4e88ef5a7f07846
ddacff985568d4587ff00bcd1e6ec886c89eb143994d862a67338c356e3c42d6
ddfe0b732427fa358529faecedb612c4f35855a3e63390fa6e2fd2c90c83ec08
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e0fe1935583f3697e4ca291aabf888752f256b13628df4e15e9b1aaf037575bd
e2f444e3812c761857852f346453a0e86195fad70ff718a1b8827d69a91b5db5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6
e55e348498d2bd7a827ca6e3694c6e88c362b9a1a4972a80b22a66a3ae822406
e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5
eb0ab622969875cccbaa658809cc6df6bfd73846f9c6c5e80774936cbc52845c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0338a27d7ce3a39ee72a3333bfbc656517010a4fa8e526ccb89e47c71451f37
f1f48c1c7469e6721f9617d81b13a0272311b02b67440c497bef1b534ca14436
f302bf6bee53225e4a705907a6e8477d3daec0cc703fedc713acab48aea042da
f46bfed3183b73f0fdf0917cbf14cca64fb8bfc4483067a3d964acc122b5f615
f6197a90afe8b66943eae4817fe97c04ea673179b1af7d59219cb0a82664e000
f7880c04f3b9633a9ef7373e88312b7311dc4307b909f38fc63397a7cfbca349
f8089532f0b0fa465d2efdcbd4f928a54359e17cd4932c6aeacc68d3e10a8846
f8d1be38774a3d89f9cd3c2667167fccd8d7bcd97348f55a4c7d42ab94f8a21b
f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2
fa8ff5f44ba6ad0ccd79257e352b9fb064b61741a37cb438bebe7a960630e3f2
fdec2ba0092cb989e4575e5560a255b305300e9ce00743780ccd18cbadb52983
fec76ac44ae2439795829e6cd32f47d2d414aa663bb5d215c0dcaa3ddf1189af

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

95 %HTTPS

33 %IPv6

10 Domains

20 Subdomains

17 IPs

6 Countries

6659 kBTransfer

27284 kBSize

27 Cookies

1 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

95 %
HTTPS

33 %
IPv6

10
Domains

20
Subdomains

17
IPs

6
Countries

6659 kB
Transfer

27284 kB
Size

27
Cookies

131 HTTP transactions
4 data transactions