urlscan.io logo urlscan.io
SecurityTrails logo

www.officeppe.com Open in urlscan Pro
2620:1ec:a92::157  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://officeppe.com/
Effective URL: https://www.officeppe.com/
Submission: On December 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 42 HTTP transactions. The main IP is 2620:1ec:a92::157, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.officeppe.com.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on August 19th 2022. Valid for: a year.
This is the only time www.officeppe.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 5 2620:1ec:a92:... 8068 (MICROSOFT...)
21 2620:1ec:bdf::45 8068 (MICROSOFT...)
3 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2.16.238.143 20940 (AKAMAI-ASN1)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 104.43.200.36 8075 (MICROSOFT...)
2 13.89.178.26 8075 (MICROSOFT...)
4 20.189.173.3 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
42 11
5    2620:1ec:a92::157 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
officeppe.com
www.officeppe.com
21    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
res-sdf.cdn.office.net
wcpstatic.microsoft.com
mem.gfx.ms
js.monitor.azure.com
3    2a02:26f0:1700:1b2::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.microsoft.com
1    2.16.238.143 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-143.deploy.static.akamaitechnologies.com
statics-marketingsites-ppe-ms-com.akamaized.net
1    2a02:26f0:780::5f65:3670 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-prod-cms-rt-microsoft-com.akamaized.net
2    2a02:26f0:480:28d::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.s-microsoft.com
3    104.43.200.36 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
2    13.89.178.26 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com
4    20.189.173.3 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c1.microsoft.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
15 microsoft.com
www.microsoft.com — Cisco Umbrella Rank: 282
wcpstatic.microsoft.com — Cisco Umbrella Rank: 5319
web.vortex.data.microsoft.com — Cisco Umbrella Rank: 6330
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 145
browser.events.data.microsoft.com — Cisco Umbrella Rank: 253
c1.microsoft.com — Cisco Umbrella Rank: 6420
169 KB
15 office.net
res-sdf.cdn.office.net — Cisco Umbrella Rank: 441011
3 MB
5 officeppe.com
officeppe.com — Cisco Umbrella Rank: 10018
www.officeppe.com
25 KB
4 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 2154
60 KB
2 s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 11143
62 KB
2 akamaized.net
statics-marketingsites-ppe-ms-com.akamaized.net
img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1312
5 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 255
668 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1643
34 KB
42 8
Domain Requested by
15 res-sdf.cdn.office.net www.officeppe.com
4 browser.events.data.microsoft.com js.monitor.azure.com
4 mem.gfx.ms www.officeppe.com
mem.gfx.ms
4 www.officeppe.com www.officeppe.com
3 web.vortex.data.microsoft.com res-sdf.cdn.office.net
3 www.microsoft.com www.officeppe.com
www.microsoft.com
2 c1.microsoft.com 1 redirects
2 browser.pipe.aria.microsoft.com res-sdf.cdn.office.net
2 c.s-microsoft.com www.microsoft.com
1 c.bing.com 1 redirects
1 js.monitor.azure.com mem.gfx.ms
1 wcpstatic.microsoft.com www.officeppe.com
1 img-prod-cms-rt-microsoft-com.akamaized.net www.officeppe.com
1 statics-marketingsites-ppe-ms-com.akamaized.net www.officeppe.com
1 officeppe.com 1 redirects
42 15
Subject Issuer Validity Valid
portal.officeppe.com
Microsoft Azure TLS Issuing CA 05		 2022-08-19 -
2023-08-14		 a year crt.sh
res-sdf.cdn.office.net
DigiCert SHA2 Secure Server CA		 2022-10-25 -
2023-10-25		 a year crt.sh
www.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-10-04 -
2023-09-29		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
wcpstatic.microsoft.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-10 -
2023-03-10		 a year crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 05		 2022-10-21 -
2023-10-16		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 01		 2022-09-24 -
2023-09-19		 a year crt.sh
*.vortex.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2022-09-21 -
2023-09-16		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-09-08 -
2023-09-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.officeppe.com/
Frame ID: B91881ACFAD3E9B862980DFBF9CE67E2
Requests: 49 HTTP requests in this frame

Frame: https://mem.gfx.ms/me/mecache?partner=office&wreply=https%3A%2F%2Fwww.officeppe.com%2F
Frame ID: DBEFF0D9BD5C1A372F60F52F67CCA7D2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Office 365-Anmeldung | Microsoft OfficeCalifornia Consumer Privacy Act (CCPA) Opt-Out Icon

Page URL History Show full URLs

  1. http://officeppe.com/ HTTP 302
    https://www.officeppe.com/ Page URL

Page Statistics

42
Requests

98 %
HTTPS

55 %
IPv6

8
Domains

15
Subdomains

11
IPs

3
Countries

3853 kB
Transfer

4957 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://officeppe.com/ HTTP 302
    https://www.officeppe.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=4BD56F50F201414B9A7B421282B7EDF6&RedC=c1.microsoft.com&MXFR=1325557B774562C5111C471573456475 HTTP 302
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=4BD56F50F201414B9A7B421282B7EDF6&MUID=04717B6CE7BC6A09027A6902E6BC6B0C

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.officeppe.com/
Redirect Chain
  • http://officeppe.com/
  • https://www.officeppe.com/
117 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::157 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
768be81cbaedc6bb83cc2ca9257bc0edf46866747185d7cf87a42961b4bb385a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store,no-cache
content-encoding
gzip
content-security-policy-report-only
default-src 'none';upgrade-insecure-requests;style-src https: 'unsafe-inline';font-src https: data:;img-src https: data:;connect-src 'self' https://browser.pipe.aria.microsoft.com https://web.vortex.data.microsoft.com https://browser.events.data.microsoft.com;frame-src https://login.windows-ppe.net https://login.live.com https://login.live-int.com;worker-src 'self' blob:;child-src 'self' blob:;report-uri /api/csp-report?page=Unauth&reportOnly=True;script-src 'nonce-/FmPiQx3O+eIWi372Bbl+g==' 'unsafe-inline' 'unsafe-eval' https: 'strict-dynamic';
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 12:24:38 GMT
nel
{ "report_to": "NelOfficeHubUpload1", "max_age": 3600, "include_subdomains":False, "failure_fraction":1, "success_fraction":0,01}
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{ "group": "NelOfficeHubUpload1", "max_age": 3600, "endpoints": [{ "url": "https://officehub.nel.measure.office.net/api/report?TenantId=unknown&DestinationEndpoint=ncu&FrontEnd=AFD" }],"include_subdomains":False}
request-context
appId=
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-msedge-ref
Ref A: F8A628E6923E4A399245769C3097E654 Ref B: AMS231032601051 Ref C: 2022-12-02T12:24:37Z
x-ua-compatible
IE=edge,chrome=1
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Date
Fri, 02 Dec 2022 12:24:36 GMT
Location
https://www.officeppe.com/
X-MSEdge-Ref
Ref A: D5904855FA1A4E7ABA7B9340F7357BC0 Ref B: AMS231032604027 Ref C: 2022-12-02T12:24:37Z
unauth-5d1fc64f24.css
res-sdf.cdn.office.net/officehub/bundles/ 		196 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res-sdf.cdn.office.net/officehub/bundles/unauth-5d1fc64f24.css
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f13df15a840fb1124ccdf4191f10b0448897dfd11373fd2dbbf0b4d55f9b1e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAABY0hr05r+OSYCVF/fR+yS5RlJBMjMxMDUwNDE3MDIzAGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
last-modified
Fri, 04 Nov 2022 07:31:19 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAACGWUYeNqpBQo9Vubt+f2g3RlJBMzFFREdFMDMxNABkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
83dad8d8-201e-001e-6e49-06487c000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
sharedfontstyles-27fa2598d8.css
res-sdf.cdn.office.net/officehub/bundles/ 		1 KB
525 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res-sdf.cdn.office.net/officehub/bundles/sharedfontstyles-27fa2598d8.css
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c8ad9c22eb148de817a1b86bcfc7ccef2151f798c0d8f26a7534ee0b9465ea34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 12:24:40 GMT
x-azure-ref-originshield
0h+6JYwAAAAB1RTIM+qmqTplUk7RfQ3C6RlJBMjMxMDUwNDE4MDM1AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
last-modified
Thu, 01 Dec 2022 03:50:59 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAAAHkdYKyfZ3TpVG59zC6jyHRlJBMzFFREdFMDMxNABkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
52f6ced1-e01e-003b-0749-064934000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
segoeui_light.woff2
res-sdf.cdn.office.net/officehub/versionless/webfonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-sdf.cdn.office.net/officehub/versionless/webfonts/segoeui_light.woff2
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
57febfbad63b722a38bc668e67bc7c2dc02eca221f26db3a9303c1bd584a1a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAACVMUkVjCuoTpcTpwPcAExyRlJBMjMxMDUwNDE3MDI1AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_REMOTE_HIT
content-length
10544
last-modified
Thu, 01 Dec 2022 03:52:47 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAABKa9cAB6HNQpbNSIC5tZCJRlJBMzFFREdFMDMxNABkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
1bd4b264-901e-000e-20c4-052520000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
segoeui_regular.woff2
res-sdf.cdn.office.net/officehub/versionless/webfonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-sdf.cdn.office.net/officehub/versionless/webfonts/segoeui_regular.woff2
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bb232fd09a6696ce21ec10a43b89933e12ad866dfde30a4a6a08e08082e6557d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAADlZDZskp7+TZVEbMfv2oiGRlJBMjMxMDUwNDE4MDIxAGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_REMOTE_HIT
content-length
11100
last-modified
Fri, 25 Nov 2022 09:23:24 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAABGpL2M/kKuRLRIcutrUXfdRlJBMzFFREdFMDMxNABkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
0c5d1c6a-b01e-0019-429f-048c2b000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
segoeui_semibold.woff2
res-sdf.cdn.office.net/officehub/versionless/webfonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-sdf.cdn.office.net/officehub/versionless/webfonts/segoeui_semibold.woff2
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2cd3ef7b5b677b7827bfbe5b926a283e7ca687ddb6b021fa4289630671ebd061
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAABqmjEu4xF+QKqIl5xibk8XRlJBMjMxMDUwNDE3MDQ5AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
content-length
11356
last-modified
Thu, 01 Dec 2022 03:52:50 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAABnlq7y8421R67YmkwWiW/hRlJBMzFFREdFMDMxNABkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
7a75e320-301e-0002-7649-061a1c000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
segoeui_semilight.woff2
res-sdf.cdn.office.net/officehub/versionless/webfonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-sdf.cdn.office.net/officehub/versionless/webfonts/segoeui_semilight.woff2
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
633894cf845287f205f1b5bd26b7667dda186695fce3d789306f30c5fbdb14b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAAArrIsbzBbTT6hHs7nv9i/JRlJBMjMxMDUwNDE4MDM5AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_REMOTE_HIT
content-length
12164
last-modified
Thu, 01 Dec 2022 03:52:47 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAABnq+aFAOj1QJ3/FlGDE9MkRlJBMzFFREdFMDMxNABkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
e721119c-901e-0053-5cc4-052fa4000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
74-888e54
www.microsoft.com/onerfstatics/marketingsites-wcus-ppe/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/ 		167 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-wcus-ppe/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/74-888e54?ver=2.0&_cf=02242021_3231
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:1b2::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fcc62cfca9c9d128a7aad55254239bc3b8b5bfa1ec6861e570a21feab4b39912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ms-operation-id
2e2ad6a37f1194449ad89c9b092c144c
date
Fri, 02 Dec 2022 12:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-11-30T20:48:20
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
58dc4ae9-de23-443b-a893-10127c6872f1
tls_version
tls1.3
ms-cv
W58B36tqZEiSv757.0
content-length
22701
x-xss-protection
1; mode=block
last-modified
Wed, 30 Nov 2022 20:48:20 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-wcus-ppe, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-30T04:36:46.0000000Z}
x-s1
2022-11-30T20:48:20
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31393420
timing-allow-origin
*
x-appversion
1.0.8368.37103
expires
Thu, 30 Nov 2023 20:48:19 GMT
override.css
statics-marketingsites-ppe-ms-com.akamaized.net/statics/ 		1 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://statics-marketingsites-ppe-ms-com.akamaized.net/statics/override.css
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.238.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-143.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Dec 2022 12:24:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2019 23:22:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6EEC3A2D67C35
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
7f142e1a-001e-000b-4739-49127e000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:780::5f65:3670 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 12:24:39 GMT
last-modified
Tue, 15 Nov 2022 04:41:36 GMT
x-resizerversion
1.0
x-source-length
4054
x-datacenter
northeu
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=103115
x-activityid
f4c2fe6a-3219-4e4e-87c1-d16d89d96fcf
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
timing-allow-origin
*
content-length
4054
expires
Sat, 03 Dec 2022 17:03:14 GMT
hero-xxl-b79c4b74fa.jpg
res-sdf.cdn.office.net/officehub/images/content/images/ 		515 KB
516 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-sdf.cdn.office.net/officehub/images/content/images/hero-xxl-b79c4b74fa.jpg
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb4506c6341c8bed31416f698406b26cadf9773b1a70f65a6115bedf88960b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAAA55pkpB75kSrW7G9tUP3X0RlJBMjMxMDUwNDE4MDMxAGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
content-length
527605
last-modified
Thu, 01 Dec 2022 03:53:14 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAADl75pqbfgUQo8WkBDKjoQXRlJBMzFFREdFMDkxMwBkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
487b77eb-901e-000b-5149-065fcf000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
for-home-22b0da7562.png
res-sdf.cdn.office.net/officehub/images/content/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-sdf.cdn.office.net/officehub/images/content/images/for-home-22b0da7562.png
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2faed8a5b8611ced29bd53267d47173058b5a448b3ff65b0fdf2fdb047cbf0da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAABW8OehzcN3S6Xqkdv8c83URlJBMjMxMDUwNDE3MDI5AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
content-length
1444
last-modified
Thu, 01 Dec 2022 03:53:14 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAAAf93uDkBjwTZFKpynv/PaARlJBMzFFREdFMDkxMwBkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9ffa56c4-801e-0038-5a49-060064000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
for-business-7a6cb040bd.png
res-sdf.cdn.office.net/officehub/images/content/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-sdf.cdn.office.net/officehub/images/content/images/for-business-7a6cb040bd.png
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
38ccec1fc395d0e037e0898297a0fecb652dfefab7f5fbd110d468757f0681f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:40 GMT
x-azure-ref-originshield
0h+6JYwAAAAAceccUkNQFSLcYMvw9eU0jRlJBMjMxMDUwNDE3MDM1AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
content-length
1590
last-modified
Thu, 01 Dec 2022 03:53:05 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAACj8c7RbxcYRKfIWVJ7xJTVRlJBMzFFREdFMDkxMwBkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
ac38b048-201e-0079-0449-06f0b4000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
for-enterprise-b5e0072ea2.png
res-sdf.cdn.office.net/officehub/images/content/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-sdf.cdn.office.net/officehub/images/content/images/for-enterprise-b5e0072ea2.png
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee74532919b86d147a917a5c87d7b3002fff7f7287693c7d1908b9bcd6556f61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAADsE0R1CVhTQrQkdP01ez2KRlJBMjMxMDUwNDE3MDUxAGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
content-length
1188
last-modified
Thu, 01 Dec 2022 03:53:17 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAADqkaxyxST1SYqI4/6n9OWoRlJBMzFFREdFMDkxMwBkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
83dad8e5-201e-001e-7949-06487c000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
for-education-5ca7026e70.png
res-sdf.cdn.office.net/officehub/images/content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-sdf.cdn.office.net/officehub/images/content/images/for-education-5ca7026e70.png
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f7eb4a6e059d1265c204a61a13c7c309304e5d2aa02962fa6627f6ede3da5096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAAC97eMNrI7FSalh742E45+rRlJBMjMxMDUwNDE4MDMxAGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_REMOTE_HIT
content-length
2678
last-modified
Fri, 25 Nov 2022 09:23:37 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAAA2h/tcxS+zQpq+AZSFRvB9RlJBMzFFREdFMDkxMwBkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9d3c442f-701e-004b-2e34-04f0c3000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
unauth-vendor-320f34a99e.js
res-sdf.cdn.office.net/officehub/bundles/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-sdf.cdn.office.net/officehub/bundles/unauth-vendor-320f34a99e.js
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
71edbbdac41799addbc0f83b2286b4544e98215614a132708bcbd4f618cdcb80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 12:24:40 GMT
x-azure-ref-originshield
0h+6JYwAAAACHHHZKH3CWRqHCgfcTEIu3RlJBMjMxMDUwNDE3MDI5AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
last-modified
Thu, 01 Dec 2022 03:51:09 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAAAcM0vHcxsbTaCy23XQWUU6RlJBMzFFREdFMDMxNABkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
93337f2b-e01e-0004-1149-068197000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
sharedscripts-ff1c847af5.js
res-sdf.cdn.office.net/officehub/bundles/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-sdf.cdn.office.net/officehub/bundles/sharedscripts-ff1c847af5.js
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
87cb590bc4f521f9b76c44104dc7ab28b34eb25e3ab82a49137661eec47a27bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 12:24:39 GMT
x-azure-ref-originshield
0h+6JYwAAAAAy2ny3i/HCRp+6sqHL8IgfRlJBMjMxMDUwNDE3MDM1AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
last-modified
Thu, 01 Dec 2022 03:52:35 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAAATUvg6EnpJSIcxNkmLIMESRlJBMzFFREdFMDMxNABkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
487b77d9-901e-000b-4149-065fcf000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
unauth-59fa1432f4.js
res-sdf.cdn.office.net/officehub/bundles/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-sdf.cdn.office.net/officehub/bundles/unauth-59fa1432f4.js
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5888af9e7759a8aaa8c11cbd5804debf7d84c758d95a06af791fc48e85ffd4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 12:24:40 GMT
x-azure-ref-originshield
0h+6JYwAAAACy7PbFBlKzTqAbl4nKE8L3RlJBMjMxMDUwNDE4MDM3AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
last-modified
Thu, 01 Dec 2022 03:50:43 GMT
x-cdn-provider
Azure
x-azure-ref
0h+6JYwAAAABq5lF88Qi+QolgYQo744JBRlJBMzFFREdFMDMxNABkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bf110f27-401e-0050-3349-06cec0000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ 		273 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Dec 2022 12:24:39 GMT
content-encoding
gzip
content-md5
X1JOIM5h9UISVFS6+GfEew==
age
41963
x-cache
CONFIG_NOCACHE
content-length
81726
x-ms-lease-status
unlocked
last-modified
Wed, 24 Aug 2022 17:34:36 GMT
etag
0x8DA85F6EA62BF74
vary
Accept-Encoding
x-azure-ref
0h+6JYwAAAAAUDdP6PIiqSLJlJUtypftlRlJBMzFFREdFMDMyMgAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ef0215b8-101e-008e-15e7-05c23b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
37-8473b9
www.microsoft.com/onerfstatics/marketingsites-wcus-ppe/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23... 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-wcus-ppe/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=02242021_3231&iife=1
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:1b2::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f1464d6010ed2930cf906e7e4573940b4b247929c847e81d0fe866ecc4158d4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ms-operation-id
af873163e90a6446addcc0c786666db0
x-edgeconnect-origin-mex-latency
644
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 12:24:39 GMT
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-10-13T02:56:24
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
422c1a4f-942e-4eeb-add4-fd76c626cfa4
tls_version
tls1.3
ms-cv
iroKaplMUES79OOt.0
content-length
35604
x-xss-protection
1; mode=block
last-modified
Thu, 13 Oct 2022 02:56:23 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-wcus-ppe, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-10-07T06:11:36.0000000Z}
x-s1
2022-10-13T02:56:23
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=27181905
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8314.39948
expires
Fri, 13 Oct 2023 02:56:24 GMT
meversion
mem.gfx.ms/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=office&market=de-de&uhf=1
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3603c7fb85c452dbe8773e6eba4a7881560b6f277e393cbada9f0c90669dccec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-ua-compatible
IE=edge
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 12:24:38 GMT
x-azure-ref-originshield
0S1SJYwAAAACXY5jYmbw7S6DDlqHmwqupRlJBMjMxMDUwNDE4MDIxAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-azure-ref
0h+6JYwAAAAC7xNgd/LZ1QIf4clq1anhYRlJBMzFFREdFMDkyMABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
expires
Fri, 02 Dec 2022 05:40:46 GMT
csp-report
www.officeppe.com/api/ 		0
126 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.officeppe.com/api/csp-report?page=Unauth&reportOnly=True
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::157 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.officeppe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

x-ua-compatible
IE=edge,chrome=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:40 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{ "report_to": "NelOfficeHubUpload1", "max_age": 3600, "include_subdomains":False, "failure_fraction":1, "success_fraction":0,01}
x-msedge-ref
Ref A: 7837D9261BBD48E7A5BC3C206262E86D Ref B: AMS231032601051 Ref C: 2022-12-02T12:24:40Z
x-frame-options
SAMEORIGIN
report-to
{ "group": "NelOfficeHubUpload1", "max_age": 3600, "endpoints": [{ "url": "https://officehub.nel.measure.office.net/api/report?TenantId=unknown&DestinationEndpoint=ncu&FrontEnd=AFD" }],"include_subdomains":False}
x-cache
CONFIG_NOCACHE
content-length
0
x-xss-protection
1; mode=block
request-context
appId=
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16ee9e65eecb22edde02df0c0b971edf9d6f72b4b0401606eb8052cc39c446cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a22f01d97ff4ddde37b0ba8b2d934cf8a88d5239bdd44e158776ca646b667a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a82c6e3878d9522fde6caa3a4daf0a049b7cec0cf979bc1cb5e14da19013f6e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4bd80e92ce90b7824e08d7e54e2b73d4e71207fe21fd6066f388810ec458351

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		768 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e1b1da7a21e6051f74370893d904c910272cf815f5188e528648ae0301f6008

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df62c7a1b123bee0a4f986dcab7b3af1b37fc4fd09895cf1cf6e56bce449be32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca321c1e1ca9b03c8fa8391108aade2a4807fe2c428cefde4b75903a06dcc373

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-wcus-ppe/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/74-888e54?ver=2.0&_cf=02242021_3231
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:28d::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 12:24:40 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"588d483e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=452101
accept-ranges
bytes
content-length
34052
expires
Wed, 07 Dec 2022 17:59:41 GMT
mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-wcus-ppe/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/74-888e54?ver=2.0&_cf=02242021_3231
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:1b2::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/onerfstatics/marketingsites-wcus-ppe/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/74-888e54?ver=2.0&_cf=02242021_3231
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

ms-operation-id
de53cf88c347d943a0b4dff8cf0cdcbc
date
Fri, 02 Dec 2022 12:24:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
dd382ec5-daf7-469a-83cb-25e9f359be5e
tls_version
tls1.3
ms-cv
GtWN4ZST2kGhb9H5.0
content-length
26288
x-xss-protection
1; mode=block
last-modified
Mon, 11 Apr 2022 05:50:02 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-04-01T07:52:08.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=11208321
x-appversion
1.0.8125.42964
expires
Tue, 11 Apr 2023 05:50:01 GMT
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd

Request headers

Referer
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7fd86ae31b712bbd8cc7108a0a0661ecf7c4eda429a36fde5c5c899cb81565b

Request headers

Referer
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
application/octet-stream
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-wcus-ppe/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/6f-d7d610/74-888e54?ver=2.0&_cf=02242021_3231
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:28d::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 12:24:40 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"5b68d583e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=277726
accept-ranges
bytes
content-length
29388
expires
Mon, 05 Dec 2022 17:33:26 GMT
csp-report
www.officeppe.com/api/ 		0
126 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.officeppe.com/api/csp-report?page=Unauth&reportOnly=True
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::157 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.officeppe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

x-ua-compatible
IE=edge,chrome=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:40 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{ "report_to": "NelOfficeHubUpload1", "max_age": 3600, "include_subdomains":False, "failure_fraction":1, "success_fraction":0,01}
x-msedge-ref
Ref A: 30F813C4F2F34FEEA3A037CAEB005FAF Ref B: AMS231032601051 Ref C: 2022-12-02T12:24:40Z
x-frame-options
SAMEORIGIN
report-to
{ "group": "NelOfficeHubUpload1", "max_age": 3600, "endpoints": [{ "url": "https://officehub.nel.measure.office.net/api/report?TenantId=unknown&DestinationEndpoint=ncu&FrontEnd=AFD" }],"include_subdomains":False}
x-cache
CONFIG_NOCACHE
content-length
0
x-xss-protection
1; mode=block
request-context
appId=
ms.shared.analytics.mectrl-3.2.6.gbl.min.js
js.monitor.azure.com/scripts/c/ 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=office&market=de-de&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 12:24:40 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.6
last-modified
Thu, 18 Aug 2022 21:40:45 GMT
x-azure-ref-originshield
0y9+JYwAAAAAX+DBC7Q/yQaZWQGOdFLinRlJBMjMxMDUwNDE4MDExAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
RlzwH95FOkmm6gksZWAC+w==
etag
0x8DA81624EF9033C
x-azure-ref
0ie6JYwAAAADblnyKVM7dQZ0EY8R6JPPIRlJBMzFFREdFMDMwOQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e6f7faf1-d01e-001b-504d-050dbe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000, immutable, no-transform
x-ms-version
2009-09-19
t.js
web.vortex.data.microsoft.com/collect/v1/ 		281 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272022-12-02T12%3A24%3A40.999Z%27&os=%27Windows%27&appId=%27JS%3Awww.office.com-unauth%27&*baseType=%27Ms.Content.PageView%27&-ver=%271.0%27&-impressionGuid=%27fbd4f727-a406-4c0a-8252-e34d79ddfa7b%27&-pageName=%27UnauthOhp%27&-uri=%27https%3A%2F%2Fwww.officeppe.com%2F%27&-pageTags=%27%7B%22metaTags%22%3A%7B%22expengine%22%3A%22office.com%22%2C%22expstatus%22%3A%22prod%22%2C%22ver%22%3A%225%22%2C%22ms.lang%22%3A%22de%22%2C%22ms.loc%22%3A%22DE%22%2C%22ms.ocpub.assetid%22%3A%22UnauthOhp%22%2C%22ms.env%22%3A%22prod%22%2C%22ms.sitever%22%3A%225%22%2C%22ms.flightid%22%3A%22P-R-1050304-2-3%7CP-R-1050613-2-2%7CP-R-1050538-2-2%7CP-R-1020934-8-32%7CP-R-95756-2-11%7CP-D-1050367-2-2%7CP-D-1050374-2-2%7CP-D-1050380-2-2%7CP-D-1050371-1-2%7CP-D-1050381-1-2%7CP-D-1049641-1-3%7CP-D-1049486-1-5%7CP-D-1049479-2-2%7CP-D-1048407-1-4%7CP-D-1048392-1-4%7CP-D-1042850-1-5%7CP-D-116695-2-13%7CP-D-68024-1-156%22%7D%7D%27&-behavior=0&-resHeight=1200&-resWidth=1600&-market=%27de-DE%27&*cookieEnabled=true&*flashInstalled=false&*isJs=true&*title=%27Office%20365-Anmeldung%20%7C%20Microsoft%20Office%27&*isLoggedIn=false&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.1.0%27&ext-javascript-domain=%27www.officeppe.com%27
Requested by
Host: res-sdf.cdn.office.net
URL: https://res-sdf.cdn.office.net/officehub/bundles/unauth-59fa1432f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93255a02c3d80582eb2a3ee84b31e83f7faea148ac5140b7a2fd5a8ca206d111
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 12:24:40 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/javascript
Cache-Control
no-cache, no-store
MS-CV
xf2KR+ucPECXGG9yS7ZdMA.0
Content-Length
281
Expires
0
office-apps-347d86a528.gif
res-sdf.cdn.office.net/officehub/images/content/images/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-sdf.cdn.office.net/officehub/images/content/images/office-apps-347d86a528.gif
Requested by
Host: www.officeppe.com
URL: https://www.officeppe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ead46caac003896735edae621ee4c3d439d82ca8d84f1a61cc81fab6aafb3174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:42 GMT
x-azure-ref-originshield
0ie6JYwAAAAAxTTt4JGErQ6MELZ8m/0CkRlJBMjMxMDUwNDE3MDA5AGQ0ODhjYTE1LWNhYjItNDc0ZC1iMWUzLWUxM2UxMDljNTE1Mw==
x-cache
TCP_MISS
content-length
2832075
last-modified
Thu, 01 Dec 2022 03:53:09 GMT
x-cdn-provider
Azure
x-azure-ref
0ie6JYwAAAACshGBboJr8TbdH5tN3Jy11RlJBMzFFREdFMDkxMwBkNDg4Y2ExNS1jYWIyLTQ3NGQtYjFlMy1lMTNlMTA5YzUxNTM=
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
52f6d90d-e01e-003b-4249-064934000000
access-control-expose-headers
date
cache-control
public, max-age=31536000
timing-allow-origin
*
access-control-allow-headers
*
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.22290.5/de-DE/ 		177 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22290.5/de-DE/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=office&market=de-de&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e2efb412373ee14c08fd376217f5e1e7bd63e2c30596e49c69ca5c461fa1c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 12:24:40 GMT
last-modified
Wed, 02 Nov 2022 22:23:14 GMT
x-azure-ref-originshield
0A+6JYwAAAAC2fV51bATsQbe3zzwOVJZgRlJBMjMxMDUwNDE3MDI1AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag
"1d8ef445f1f8fc8"
x-azure-ref
0ie6JYwAAAACe/jydESj3T4er5+cLZ02JRlJBMzFFREdFMDkyMQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ua-compatible
IE=edge
truncated
/ 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: res-sdf.cdn.office.net
URL: https://res-sdf.cdn.office.net/officehub/bundles/unauth-59fa1432f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.officeppe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.1&x-apikey=f2f1479f88ae422e99a52a31a63254f1-8630466a-9b3b-4883-9b2e-b0533b005adf-7273&client-time-epoch-millis=1669983881998&time-delta-to-apply-millis=use-collector-delta
Requested by
Host: res-sdf.cdn.office.net
URL: https://res-sdf.cdn.office.net/officehub/bundles/sharedscripts-ff1c847af5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 02 Dec 2022 12:24:42 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
472
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
/
browser.pipe.aria.microsoft.com/Collector/3.0/ 		0
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.1&x-apikey=f2f1479f88ae422e99a52a31a63254f1-8630466a-9b3b-4883-9b2e-b0533b005adf-7273&client-time-epoch-millis=1669983883000&time-delta-to-apply-millis=472
Requested by
Host: res-sdf.cdn.office.net
URL: https://res-sdf.cdn.office.net/officehub/bundles/sharedscripts-ff1c847af5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 02 Dec 2022 12:24:42 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
32
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		200 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
9762633ca46ef19b709da3dafe7d4c1bfa8fc31713698f09dbd7b7365d2442c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1669983883109
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://www.officeppe.com/
apikey
b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 02 Dec 2022 12:24:43 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1241
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://www.officeppe.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
200
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://www.officeppe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://www.officeppe.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 02 Dec 2022 12:24:42 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.22290.5/de-DE/ 		99 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22290.5/de-DE/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=office&market=de-de&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2210b49ec2d26ee04248ec356597bd48c60256496104171649cbf3499fd8e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.officeppe.com/
Origin
https://www.officeppe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 12:24:43 GMT
last-modified
Wed, 02 Nov 2022 22:23:24 GMT
x-azure-ref-originshield
0KFOJYwAAAACfrhinysXhQ4xsZhRzaThkRlJBMjMxMDUwNDE3MDIxAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag
"1d8ef446512a56f"
x-azure-ref
0i+6JYwAAAADJy3PT9dLtR7v4P9kuFZ7eRlJBMzFFREdFMDkyMQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ua-compatible
IE=edge
mecache
mem.gfx.ms/me/ Frame DBEF 		739 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/me/mecache?partner=office&wreply=https%3A%2F%2Fwww.officeppe.com%2F
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22290.5/de-DE/meBoot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c39ff531b6ee9ca894eb536e54eb8ceb3a5d77b1f0b75e6dfd13d6d0e1ed06d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.officeppe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, no-transform, max-age=7200
content-length
739
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 12:24:42 GMT
expires
Fri, 02 Dec 2022 14:24:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
0i+6JYwAAAAAHNWPNTKT3RpQHtU70bRcVRlJBMzFFREdFMDkyMABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-azure-ref-originshield
0i+6JYwAAAAAmB7ktuzFIRaWJ/zgA1YR5RlJBMjMxMDUwNDE4MDM1AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_MISS
x-content-type-options
nosniff
x-ua-compatible
IE=edge
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: res-sdf.cdn.office.net
URL: https://res-sdf.cdn.office.net/officehub/bundles/unauth-59fa1432f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.officeppe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
c.gif
c1.microsoft.com/
Redirect Chain
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=
  • https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=4BD56F50F201414B9A7B421282B7EDF6&RedC=c1.microsoft.com&MXFR=1325557B774562C5111C471573456475
  • https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=4BD56F50F201414B9A7B421282B7EDF6&MUID=04717B6CE7BC6A09027A6902E6BC6B0C
42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=4BD56F50F201414B9A7B421282B7EDF6&MUID=04717B6CE7BC6A09027A6902E6BC6B0C
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.officeppe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 12:24:43 GMT
last-modified
Thu, 13 Oct 2022 20:07:05 GMT
server
Microsoft-IIS/10.0
etag
"40db785d3fdfd81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 02 Dec 2022 12:24:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F4CB0CDAEB5F482BBC1CB89952A9D47C Ref B: FRAEDGE1711 Ref C: 2022-12-02T12:24:43Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=4BD56F50F201414B9A7B421282B7EDF6&MUID=04717B6CE7BC6A09027A6902E6BC6B0C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
csp-report
www.officeppe.com/api/ 		0
125 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.officeppe.com/api/csp-report?page=Unauth&reportOnly=True
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::157 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.officeppe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

x-ua-compatible
IE=edge,chrome=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 12:24:43 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{ "report_to": "NelOfficeHubUpload1", "max_age": 3600, "include_subdomains":False, "failure_fraction":1, "success_fraction":0,01}
x-msedge-ref
Ref A: EA274E9AA27C422F938E71F44096AA91 Ref B: AMS231032601051 Ref C: 2022-12-02T12:24:43Z
x-frame-options
SAMEORIGIN
report-to
{ "group": "NelOfficeHubUpload1", "max_age": 3600, "endpoints": [{ "url": "https://officehub.nel.measure.office.net/api/report?TenantId=unknown&DestinationEndpoint=ncu&FrontEnd=AFD" }],"include_subdomains":False}
x-cache
CONFIG_NOCACHE
content-length
0
x-xss-protection
1; mode=block
request-context
appId=
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		202 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
6ac464fa5fdaf421eaddb566fbda25919ce0ee54ae106be86d86e273cac364d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1669983885396
accept-language
de-DE,de;q=0.9
client-version
1DS-Web-JS-3.2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
time-delta-to-apply-millis
1241
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://www.officeppe.com/
apikey
b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 02 Dec 2022 12:24:45 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
235
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://www.officeppe.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
202
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.3 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://www.officeppe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://www.officeppe.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 02 Dec 2022 12:24:44 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange boolean| isSessionStorageAvailable function| dismissBanner function| getDefaultAadUser function| getDefaultMsaUser function| findDefaultSignedInUser function| convertAadUserData function| convertMsaUserData function| isValidMsaUser function| isValidAadUser function| getAadData function| getMsaData function| getAadMsaData function| getAccount object| AuthType object| Operation object| ErrorCode object| TimerUtils object| IframeUtils object| Constants object| LoggingUtils function| IdpUserResult function| DefaultSignInOptions boolean| enableConsoleLog boolean| msaFedEnabled function| $ function| jQuery object| StandaloneAriaLogger object| AWTPropertyType object| AWTPiiKind object| AWTEventPriority object| AWTEventsDroppedReason object| AWTEventsRejectedReason object| AWTCustomerContentKind object| AWTUserIdType object| AWTSessionState string| AWT_BEST_EFFORT string| AWT_NEAR_REAL_TIME string| AWT_REAL_TIME function| AWTEventProperties function| AWTLogger function| AWTLogManager function| AWTTransmissionManager function| AWTSerializer function| AWTSemanticContext string| AWT_COLLECTOR_URL_UNITED_STATES string| AWT_COLLECTOR_URL_GERMANY string| AWT_COLLECTOR_URL_JAPAN string| AWT_COLLECTOR_URL_AUSTRALIA string| AWT_COLLECTOR_URL_EUROPE string| AWT_COLLECTOR_URL_USGOV_DOD string| AWT_COLLECTOR_URL_USGOV_DOJ function| __awaiter function| __generator object| HomePage object| awa string| behaviorKey object| DefaultSignInHandler function| WcpConsent function| mscc object| el object| config string| signInUrl undefined| viewType undefined| myConfigOptions function| setShellOptions function| SendMeControlSignInEvent function| SetConsent object| shellOptions object| onShellReadyToLoad string| aadUserForgetUrlFormat function| clearStorage function| clearStorageWithExceptions object| MSA object| MeControl function| MeControlDefine function| MeControlImport object| lazyImages number| lazyLoadAnimationId object| msCommonShell object| oneDsMeControl object| siteConsent

12 Cookies

Domain/Path Name / Value
www.officeppe.com/ Name: OH.SID
Value: 15d3b8ed-179a-427c-af30-eee92cc438fb
www.officeppe.com/ Name: OH.DCAffinity
Value: OH-ncu
www.officeppe.com/ Name: OH.FLID
Value: 4866ee53-7923-4eb7-a33a-20e61afeb399
.microsoft.com/ Name: MC1
Value: GUID=b5a5b8b949f4498c9e24985e47bad94d&HASH=b5a5&LV=202212&V=4&LU=1669983881484
.microsoft.com/ Name: MS0
Value: 4ba0d83590684b4981086744ff71f832
www.officeppe.com/ Name: MSFPC
Value: GUID=b5a5b8b949f4498c9e24985e47bad94d&HASH=b5a5&LV=202212&V=4&LU=1669983881484
.c.bing.com/ Name: SRM_B
Value: 04717B6CE7BC6A09027A6902E6BC6B0C
.c.bing.com/ Name: SRM_I
Value: 04717B6CE7BC6A09027A6902E6BC6B0C
.c1.microsoft.com/ Name: SM
Value: C
.microsoft.com/ Name: MUID
Value: 04717B6CE7BC6A09027A6902E6BC6B0C
.c1.microsoft.com/ Name: SRM_I
Value: 04717B6CE7BC6A09027A6902E6BC6B0C
.c1.microsoft.com/ Name: ANONCHK
Value: 0

7 Console Messages

Source Level URL
Text
security error URL: https://www.officeppe.com/
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security error URL: https://www.officeppe.com/(Line 652)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-/FmPiQx3O+eIWi372Bbl+g==' 'unsafe-inline' 'unsafe-eval' https: 'strict-dynamic'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security error URL: https://www.officeppe.com/(Line 995)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-/FmPiQx3O+eIWi372Bbl+g==' 'unsafe-inline' 'unsafe-eval' https: 'strict-dynamic'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security error URL: https://mem.gfx.ms/scripts/me/MeControl/10.22290.5/de-DE/meBoot.min.js
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security error URL: https://mem.gfx.ms/
Message:
[Report Only] Refused to frame 'https://mem.gfx.ms/' because it violates the following Content Security Policy directive: "frame-src https://login.windows-ppe.net https://login.live.com https://login.live-int.com".
security error URL: https://mem.gfx.ms/
Message:
[Report Only] Refused to frame 'https://mem.gfx.ms/' because it violates the following Content Security Policy directive: "frame-src https://login.windows-ppe.net https://login.live.com https://login.live-int.com".
network error URL: https://mem.gfx.ms/me/mecache?partner=office&wreply=https%3A%2F%2Fwww.officeppe.com%2F
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.s-microsoft.com
c1.microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
mem.gfx.ms
officeppe.com
res-sdf.cdn.office.net
statics-marketingsites-ppe-ms-com.akamaized.net
wcpstatic.microsoft.com
web.vortex.data.microsoft.com
www.microsoft.com
www.officeppe.com
104.43.200.36
13.89.178.26
2.16.238.143
20.189.173.3
20.234.93.27
2620:1ec:a92::157
2620:1ec:bdf::45
2620:1ec:c11::200
2a02:26f0:1700:1b2::356e
2a02:26f0:480:28d::356e
2a02:26f0:780::5f65:3670
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
16ee9e65eecb22edde02df0c0b971edf9d6f72b4b0401606eb8052cc39c446cb
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
25a22f01d97ff4ddde37b0ba8b2d934cf8a88d5239bdd44e158776ca646b667a
2cd3ef7b5b677b7827bfbe5b926a283e7ca687ddb6b021fa4289630671ebd061
2faed8a5b8611ced29bd53267d47173058b5a448b3ff65b0fdf2fdb047cbf0da
3603c7fb85c452dbe8773e6eba4a7881560b6f277e393cbada9f0c90669dccec
38ccec1fc395d0e037e0898297a0fecb652dfefab7f5fbd110d468757f0681f5
3e2efb412373ee14c08fd376217f5e1e7bd63e2c30596e49c69ca5c461fa1c8a
4e1b1da7a21e6051f74370893d904c910272cf815f5188e528648ae0301f6008
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
57febfbad63b722a38bc668e67bc7c2dc02eca221f26db3a9303c1bd584a1a42
633894cf845287f205f1b5bd26b7667dda186695fce3d789306f30c5fbdb14b5
6ac464fa5fdaf421eaddb566fbda25919ce0ee54ae106be86d86e273cac364d8
71edbbdac41799addbc0f83b2286b4544e98215614a132708bcbd4f618cdcb80
768be81cbaedc6bb83cc2ca9257bc0edf46866747185d7cf87a42961b4bb385a
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55
87cb590bc4f521f9b76c44104dc7ab28b34eb25e3ab82a49137661eec47a27bd
93255a02c3d80582eb2a3ee84b31e83f7faea148ac5140b7a2fd5a8ca206d111
9762633ca46ef19b709da3dafe7d4c1bfa8fc31713698f09dbd7b7365d2442c5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2210b49ec2d26ee04248ec356597bd48c60256496104171649cbf3499fd8e98
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd
a7fd86ae31b712bbd8cc7108a0a0661ecf7c4eda429a36fde5c5c899cb81565b
a82c6e3878d9522fde6caa3a4daf0a049b7cec0cf979bc1cb5e14da19013f6e9
bb232fd09a6696ce21ec10a43b89933e12ad866dfde30a4a6a08e08082e6557d
c39ff531b6ee9ca894eb536e54eb8ceb3a5d77b1f0b75e6dfd13d6d0e1ed06d5
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9
c8ad9c22eb148de817a1b86bcfc7ccef2151f798c0d8f26a7534ee0b9465ea34
ca321c1e1ca9b03c8fa8391108aade2a4807fe2c428cefde4b75903a06dcc373
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
df62c7a1b123bee0a4f986dcab7b3af1b37fc4fd09895cf1cf6e56bce449be32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead46caac003896735edae621ee4c3d439d82ca8d84f1a61cc81fab6aafb3174
eb4506c6341c8bed31416f698406b26cadf9773b1a70f65a6115bedf88960b02
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ee74532919b86d147a917a5c87d7b3002fff7f7287693c7d1908b9bcd6556f61
f13df15a840fb1124ccdf4191f10b0448897dfd11373fd2dbbf0b4d55f9b1e5c
f1464d6010ed2930cf906e7e4573940b4b247929c847e81d0fe866ecc4158d4f
f4bd80e92ce90b7824e08d7e54e2b73d4e71207fe21fd6066f388810ec458351
f5888af9e7759a8aaa8c11cbd5804debf7d84c758d95a06af791fc48e85ffd4f
f7eb4a6e059d1265c204a61a13c7c309304e5d2aa02962fa6627f6ede3da5096
fcc62cfca9c9d128a7aad55254239bc3b8b5bfa1ec6861e570a21feab4b39912