onedrive.live.com Open in urlscan Pro
13.107.43.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2
Submission Tags: falconsandbox
Submission: On July 14 via api (July 14th 2022, 10:54:36 am UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 47 HTTP transactions. The main IP is 13.107.43.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 3499.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.107.43.13 13.107.43.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2.21.20.155 2.21.20.155	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	2a02:26f0:350... 2a02:26f0:3500:588::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.109.136.29 52.109.136.29	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.111.237.183 104.111.237.183	16625 (AKAMAI-AS) (AKAMAI-AS)
3	20.189.173.7 20.189.173.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
47	9

1 13.107.43.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.20.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-155.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:3500:588::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.136.29 (Cheyenne, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.engagement.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-183.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.189.173.7 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 6286	993 KB
16	live.com 1 redirects onedrive.live.com — Cisco Umbrella Rank: 3499 word-view.officeapps.live.com — Cisco Umbrella Rank: 9502 c.live.com — Cisco Umbrella Rank: 9273	240 KB
7	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 7411	300 KB
3	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 256 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 131	1 KB
2	office.com messaging.engagement.office.com — Cisco Umbrella Rank: 647	440 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 235	1 KB
1	live.net js.live.net — Cisco Umbrella Rank: 13555	16 KB
47	7

	Domain	Requested by
18	c1h-word-view-15.cdn.office.net	word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
13	word-view.officeapps.live.com	onedrive.live.com word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
7	spoprod-a.akamaihd.net	onedrive.live.com
2	c.live.com	1 redirects
2	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
2	messaging.engagement.office.com	c1h-word-view-15.cdn.office.net
1	c.bing.com	1 redirects
1	browser.pipe.aria.microsoft.com	c1h-word-view-15.cdn.office.net
1	js.live.net	c1h-word-view-15.cdn.office.net
1	onedrive.live.com
47	10

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
messaging.engagement.office.com DigiCert Cloud Services CA-1	`2022-03-14` - `2023-03-13`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2022-05-21` - `2023-05-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2
Frame ID: AA918832C5C3C896A13D3065027D2C03
Requests: 9 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 8DA8639F773E11EA7294FAE24E0B8231
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

96 %
HTTPS

33 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

1550 kB
Transfer

6856 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://c.live.com/c.gif?DI=15347&wlxid=f3afe3ed-7097-47b2-b059-d9348fddef3c&reqid=00172ec151f&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF9C1F39%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D5561%26IR%3D1%26EX%3D0%26L.h%3D2086%26L.sjs%3D2299%26L.ttg%3D2086%26C.st%3D1657796069967%26N.domIn%3D2116%26N.dns%3D76%26N.tcp%3D66%26N.req%3D1784%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.8887688652870069 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=f3afe3ed-7097-47b2-b059-d9348fddef3c&reqid=00172ec151f&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF9C1F39%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D5561%26IR%3D1%26EX%3D0%26L.h%3D2086%26L.sjs%3D2299%26L.ttg%3D2086%26C.st%3D1657796069967%26N.domIn%3D2116%26N.dns%3D76%26N.tcp%3D66%26N.req%3D1784%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.8887688652870069&CtsSyncId=8380A3CDC61B4BCAA20DDE24893782AD&RedC=c.live.com&MXFR=3CFB3F97A65F67E1365B2E76A25F631F HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=f3afe3ed-7097-47b2-b059-d9348fddef3c&reqid=00172ec151f&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF9C1F39%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D5561%26IR%3D1%26EX%3D0%26L.h%3D2086%26L.sjs%3D2299%26L.ttg%3D2086%26C.st%3D1657796069967%26N.domIn%3D2116%26N.dns%3D76%26N.tcp%3D66%26N.req%3D1784%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.8887688652870069&CtsSyncId=8380A3CDC61B4BCAA20DDE24893782AD&MUID=3CFB3F97A65F67E1365B2E76A25F631F

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request embed Show response
onedrive.live.com/ 61 KB
21 KB 1923ms
1780ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

627b528d72323c5c6ddb8481903d2cd9edfe16570b132457acc9270cd9a68985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 14 Jul 2022 10:54:31 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 1682B3C739C64A8599FC8DA0E3563AFE Ref B: VIEEDGE1511 Ref C: 2022-07-14T10:54:30Z
x-msnserver: RD0003FF9C1F39
x-odwebserver: canadacentral1-odwebpl

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 85 KB
16 KB 100ms
24ms Stylesheet
text/css 2.21.20.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-155.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 10:54:31 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14175782
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 169 KB
30 KB 102ms
27ms Stylesheet
text/css 2.21.20.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-155.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 10:54:31 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9eaec477-701e-00b5-1896-fb102d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=10415881
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 133 KB
135 KB 227ms
64ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51c29bebbc748a02638f7b3eb3d7bb9dcf7579da20c0b8d69d3d038280441a20

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Thu, 14 Jul 2022 10:54:32 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 87C1C88D7383422093E39BF93A92F690 Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:32Z
x-officecluster: PNL1
x-officefd: AM4PEPF00012379
x-officefe: AM4PEPF00012379
x-officeversion: 16.0.15506.41003
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0

GET
H3-Q050 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 92 KB
33 KB 64ms
34ms Script
application/javascript 2.21.20.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-155.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 10:54:32 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29c81963-d01e-00de-63ce-3d4d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21461583
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 483 KB
133 KB 58ms
27ms Script
application/javascript 2.21.20.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-155.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 10:54:32 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21564194
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 47 KB
14 KB 24ms
23ms Script
application/javascript 2.21.20.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-155.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 10:54:32 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=10035559
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 203 KB
68 KB 24ms
24ms Script
application/javascript 2.21.20.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-155.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 10:54:32 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12318569
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 15 KB
6 KB 26ms
26ms Script
application/javascript 2.21.20.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EA3AAEE16562DA45&resid=EA3AAEE16562DA45%21108&authkey=AFMPbenAzIhSXB0&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-155.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 10:54:32 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14332129-701e-0024-0947-43708d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22043486
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/ Frame 8DA8 271 KB
34 KB 93ms
22ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

47d8bf0d0cf68dd4d25a1a370bc2983e384d5e6d5f079b035ca2b76f071df3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"cfce72ff292d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF000083EB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33830
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:43:07 GMT
x-officefd: DB5PEPF000083EB
x-msedge-ref: Ref A: 46DD643907A24600A549D8A63B788C11 Ref B: AM3EDGE0215 Ref C: 2022-07-08T17:43:07Z
x-usersessionid: 46a94d63-4368-4dd7-ae87-add781eb15ac
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 46a94d63-4368-4dd7-ae87-add781eb15ac
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/ Frame 8DA8 106 KB
31 KB 135ms
66ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "ff6526b86f92d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 30994
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Fri, 08 Jul 2022 02:09:13 GMT
x-officefd: DB5PEPF00008420
x-usersessionid: 79e0792f-39dc-459b-be62-0710769b368e
date: Thu, 14 Jul 2022 10:54:32 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 79e0792f-39dc-459b-be62-0710769b368e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hF011B3AE4CE6A59A_App_Scripts/1031/ Frame 8DA8 160 KB
33 KB 141ms
73ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hF011B3AE4CE6A59A_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f6fa8aae79427b990f726835bd3421a98ba3a86f722f53005a47dda8c3bd4a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"98c962ff292d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF0000F302
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33145
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:43:07 GMT
x-officefd: DB5PEPF0000F302
x-msedge-ref: Ref A: 143CBF43866A44C6AFC06C7331497885 Ref B: AM3EDGE0417 Ref C: 2022-07-08T17:43:07Z
x-usersessionid: 9cf678a5-9f31-498b-86ce-4d6e201b2f23
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9cf678a5-9f31-498b-86ce-4d6e201b2f23
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 8DA8 6 KB
2 KB 121ms
54ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "cfa83fbddb90d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15428.41018
x-officefe: DB5PEPF0000840D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1828
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 06 Jul 2022 01:57:25 GMT
x-officefd: DB5PEPF0000840D
x-msedge-ref: Ref A: 6E9913E8F661493082CB996E7EA8B7EF Ref B: AM3EDGE0606 Ref C: 2022-07-07T21:31:59Z
x-usersessionid: d199acfa-e63d-4048-9c97-1796f227f878
date: Thu, 14 Jul 2022 10:54:32 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d199acfa-e63d-4048-9c97-1796f227f878
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/ Frame 8DA8 21 KB
5 KB 46ms
45ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "82347985878dd81:0"
x-officecluster: GEU3C
x-officeversion: 16.0.15428.41018
x-officefe: DU2PEPF00009237
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 4307
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Fri, 01 Jul 2022 20:17:00 GMT
x-officefd: DU2PEPF00009211
x-msedge-ref: Ref A: 6361347D3439448BBECA6D951BC5EFC7 Ref B: AM3EDGE0310 Ref C: 2022-07-02T15:43:02Z
x-usersessionid: 1053a7b4-4796-4a98-971d-fcec5ac37892
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1053a7b4-4796-4a98-971d-fcec5ac37892
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h487251F964C6209C_App_Scripts/1031/ Frame 8DA8 476 KB
74 KB 90ms
21ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h487251F964C6209C_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

487251f964c6209c3f8b29340d1071f76b51f6d7d14029d6fd4b8310b2b0b35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b059fd2ef292d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF000102D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 75129
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:43:07 GMT
x-officefd: AM4PEPF000102D5
x-msedge-ref: Ref A: E5900A74031D412CA971F07448657258 Ref B: AMS04EDGE2811 Ref C: 2022-07-08T17:43:07Z
x-usersessionid: e1f7ff93-0579-4b43-9cc3-85e2ce362d70
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e1f7ff93-0579-4b43-9cc3-85e2ce362d70
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hB9187E90483583EC_App_Scripts/exp/ Frame 8DA8 7 KB
3 KB 111ms
42ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hB9187E90483583EC_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b9187e90483583ec7b7a5104979c0267c2b9e3f424609cdda257453a39154cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b241437ff192d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF000131EE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2453
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:38:12 GMT
x-officefd: AM4PEPF000131EE
x-msedge-ref: Ref A: FCFA02593B424CF6ADE7756BECCA0162 Ref B: AMS04EDGE1711 Ref C: 2022-07-08T17:38:12Z
x-usersessionid: 67435c97-469a-4ef8-ac9b-12cc73d7f287
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 67435c97-469a-4ef8-ac9b-12cc73d7f287
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/ Frame 8DA8 3 MB
463 KB 61ms
60ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

daa57b7921ef47f44827a443d6ef6ed92897f33e34bc87e022819faa99aea948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"71c86d97f092d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF00006A0A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 472426
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:31:43 GMT
x-officefd: AM4PEPF00006A0A
x-msedge-ref: Ref A: 5AA9307C4979463CA2165E9E2C9A5D9E Ref B: AMS04EDGE2015 Ref C: 2022-07-08T17:31:43Z
x-usersessionid: ab9c4e4f-8999-4d83-9b3e-276340d619ae
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ab9c4e4f-8999-4d83-9b3e-276340d619ae
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 0
462 B 170ms
169ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BAFA
x-officeversion: 16.0.15506.41003
x-officefe: BL6PEPF0000BAFA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: d3951c76-8d49-4020-acc4-fe81038105f8
x-officecluster: PGTUS4
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
date: Thu, 14 Jul 2022 10:54:32 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 4B7F2DBF565F42D9B45BE13294DFDEB9 Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:32Z

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 8DA8 37 KB
38 KB 3076ms
3076ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&access_token=4woJRQVGJ%2DCHdL8r2ryLdgmBzHRquE0zPSU%5F8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs%5F%5FTo4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY%5F5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow&access_token_ttl=1659610471768&z=aRUEzQUFFRTE2NTYyREE0NSExMDguNQ&v=00000000-0000-0000-0000-000000000802&usid=b4ce3cea-c1f6-4dbd-abea-437ca732d3d0&splashscreen=1&build=16.0.15506.41003&PdfMode=1&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b7c4fdff6061144ea18cfdc69a32e0b1e4387bb50c96844416ba08eeb8ddf96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF0001237E
x-officeversion: 16.0.15506.41003
x-officefe: AM4PEPF0001237E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 38274
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&access_token=4woJRQVGJ%2DCHdL8r2ryLdgmBzHRquE0zPSU%5F8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs%5F%5FTo4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY%5F5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow&access_token_ttl=1659610471768&z=aRUEzQUFFRTE2NTYyREE0NSExMDguNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a770befa-7578-4784-a009-0b6e084feab8
x-officefd: AM4PEPF0001237E
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
date: Thu, 14 Jul 2022 10:54:35 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: A43047F3260E480986ECAEE58784EF6E Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:32Z
timing-allow-origin: *
expires: Fri, 14 Jul 2023 10:54:35 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 0
269 B 113ms
113ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":163,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h47D8BF0D0CF68DD4_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BB02
x-officeversion: 16.0.15506.41003
x-officefe: BL6PEPF0000BB02
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7dbc70e8-6355-44b0-83a8-18e96c0cc10f
x-officecluster: PGTUS4
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
date: Thu, 14 Jul 2022 10:54:32 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 2994EB37B2AD441F8CD248643C9530AB Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:32Z

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/ Frame 8DA8 22 KB
23 KB 40ms
40ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"d7cbcf1b7395d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF0001293E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 22:11:02 GMT
x-officefd: AM4PEPF0001293E
x-msedge-ref: Ref A: ABB537259C7B41E29AF2D959E9153743 Ref B: AMS04EDGE3017 Ref C: 2022-07-11T22:11:02Z
x-usersessionid: 815b95d3-52e9-4ee2-8702-b90ea0289d01
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 815b95d3-52e9-4ee2-8702-b90ea0289d01
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 356 B
1 KB 48ms
48ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&access_token=4woJRQVGJ%2DCHdL8r2ryLdgmBzHRquE0zPSU%5F8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs%5F%5FTo4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY%5F5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow&access_token_ttl=1659610471768&z=aRUEzQUFFRTE2NTYyREE0NSExMDguNQ&type=png&o15=1&ui=de-DE&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

2ef64803ea810fdc64c0a40e7c4c7879e8d61029fd632eaa7bf56b2bf594ef9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012379
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: kkJpMx62DwW3ThE81Avr25ORScocDEXg8XzqNx9gVhk=,637933928722874147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012379
x-officeversion: 16.0.15506.41003
x-officefe: AM4PEPF00012379
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 350
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: a80b3055-dc7b-4e79-957a-5c13363c8aa3, a80b3055-dc7b-4e79-957a-5c13363c8aa3
x-officefd: AM4PEPF00006A30
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0, b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
x-powered-by: ARR/3.0
date: Thu, 14 Jul 2022 10:54:32 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 721163F92B134858843D511ECAD91918 Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:32Z
timing-allow-origin: *, *
expires: Fri, 14 Jul 2023 10:54:32 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/ Frame 8DA8 40 KB
7 KB 45ms
45ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ce0cb5e1645f246e4ce6f2f47a8b4793d4a72c8a0b7fb811081529010c53c0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"fea5f897f092d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF0000CE86
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6020
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:31:44 GMT
x-officefd: DB5PEPF0000CE86
x-msedge-ref: Ref A: B61C345B858B4FEB9179473215D896B4 Ref B: AM3EDGE0217 Ref C: 2022-07-08T17:31:44Z
x-usersessionid: 0b7d834e-ee17-4519-8820-fb83ed4d8ead
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0b7d834e-ee17-4519-8820-fb83ed4d8ead
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/ Frame 8DA8 6 KB
6 KB 37ms
36ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/wapsw.png?b=1601550641003

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"b6d4e3236d95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF0000E800
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Mon, 11 Jul 2022 21:28:19 GMT
x-officefd: DB5PEPF0000E800
x-msedge-ref: Ref A: EA8F9F568D0F416FB00EF6B3D0ADCD2C Ref B: AMS04EDGE2313 Ref C: 2022-07-11T21:28:19Z
x-usersessionid: b85a2f07-65c8-48ba-b553-75b440cdb2fc
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: b85a2f07-65c8-48ba-b553-75b440cdb2fc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/ Frame 8DA8 34 KB
35 KB 45ms
44ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/wv.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"30b842246d95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF00010AB5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 21:28:19 GMT
x-officefd: AM4PEPF00010AB5
x-msedge-ref: Ref A: 22E4C79F8164411AB673040917369F25 Ref B: AM3EDGE0508 Ref C: 2022-07-11T21:28:19Z
x-usersessionid: a28f16cc-e920-4842-9a39-fbc56885ab8a
date: Thu, 14 Jul 2022 10:54:32 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: a28f16cc-e920-4842-9a39-fbc56885ab8a
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 0
242 B 147ms
147ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":366,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000ED40
x-officeversion: 16.0.15506.41003
x-officefe: SN3PEPF0000ED40
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8024cf80-fc0b-432f-aa3f-2ffbb28fdb80
x-officecluster: PGTUS5
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
date: Thu, 14 Jul 2022 10:54:32 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 83C2521A217140CDA7F4FB290B7866A9 Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:32Z

GET
BLOB 200
OK f9cac25c-ccfc-4b99-974b-d060aad0252d
https://word-view.officeapps.live.com/ Frame 8DA8 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/f9cac25c-ccfc-4b99-974b-d060aad0252d
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 0
192 B 170ms
170ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":601,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000B3A8
x-officeversion: 16.0.15506.41003
x-officefe: SN3PEPF0000B3A8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: d667fe10-7ebb-454c-9bb9-388d6a079a4e
x-officecluster: PGTUS5
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
date: Thu, 14 Jul 2022 10:54:32 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: DFB7C985004E4850B5F6419FED545801 Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:33Z

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/ Frame 8DA8 839 KB
138 KB 22ms
21ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

29df3518ecf71f4ec87e5073cfd8bcb97344c1dd967b02d80955160893b4dff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d6e9898f092d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF0000F304
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 140481
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:31:44 GMT
x-officefd: DB5PEPF0000F304
x-msedge-ref: Ref A: 247E344575FB487E9AC7B21A8F3D9E41 Ref B: AM3EDGE0213 Ref C: 2022-07-08T17:31:44Z
x-usersessionid: 0aeffee7-4631-4b1c-9f35-086f11c34301
date: Thu, 14 Jul 2022 10:54:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0aeffee7-4631-4b1c-9f35-086f11c34301
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/ Frame 8DA8 555 KB
103 KB 22ms
21ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22c386600572ad129d05b4504a5d68101d568893a4ee5e05703b866206e1654b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"60107e48f192d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF000083DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 104906
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:36:40 GMT
x-officefd: DB5PEPF000083DB
x-msedge-ref: Ref A: 2F4824D5388844D39F66E71A238357C7 Ref B: AM3EDGE0720 Ref C: 2022-07-08T17:36:40Z
x-usersessionid: ec2ce232-6b1f-481b-83f3-430a6185a5ae
date: Thu, 14 Jul 2022 10:54:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ec2ce232-6b1f-481b-83f3-430a6185a5ae
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 0
580 B 123ms
122ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00012379
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: kkJpMx62DwW3ThE81Avr25ORScocDEXg8XzqNx9gVhk=,637933928722874147
X-bULS-SuppressionETag: BBE31633166256F2DB6D26B380223167D7A2039D
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4woJRQVGJ-CHdL8r2ryLdgmBzHRquE0zPSU_8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs__To4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY_5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1659610471768
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15506.41003
x-officefe: BL6PEPF0000BB02
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: BBE31633166256F2DB6D26B380223167D7A2039D
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: a13b00b7-f22d-4336-af13-8450c3a60414
x-officefd: BL6PEPF0000BB02
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
date: Thu, 14 Jul 2022 10:54:32 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 961CED7BE1E14F96A136CB8331B633FD Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:33Z

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/ Frame 8DA8 695 B
1 KB 23ms
23ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/progress.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"aa201d246d95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF00008421
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 21:28:19 GMT
x-officefd: DB5PEPF00008421
x-msedge-ref: Ref A: DF01429C1FB3467EAD29A45ABB79459E Ref B: AM3EDGE0522 Ref C: 2022-07-11T21:28:19Z
x-usersessionid: 19244c66-2a35-4d9e-8035-1ea4b8f6909f
date: Thu, 14 Jul 2022 10:54:33 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 19244c66-2a35-4d9e-8035-1ea4b8f6909f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 8DA8 37 KB
38 KB 165ms
165ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=b4ce3cea-c1f6-4dbd-abea-437ca732d3d0&build=16.0.15506.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&access_token=4woJRQVGJ-CHdL8r2ryLdgmBzHRquE0zPSU_8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs__To4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY_5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow&access_token_ttl=1659610472165&z=aRUEzQUFFRTE2NTYyREE0NSExMDguNQ&waccluster=PNL1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b7c4fdff6061144ea18cfdc69a32e0b1e4387bb50c96844416ba08eeb8ddf96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF0001030D
x-officeversion: 16.0.15506.41003
x-officefe: AM4PEPF0001030D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 38274
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&access_token=4woJRQVGJ%2DCHdL8r2ryLdgmBzHRquE0zPSU%5F8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs%5F%5FTo4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY%5F5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow&access_token_ttl=1659610472165&z=aRUEzQUFFRTE2NTYyREE0NSExMDguNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0116c413-327a-4f58-af32-f60a40efe0ad
x-officefd: AM4PEPF0001030D
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
date: Thu, 14 Jul 2022 10:54:33 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 88806860A8CA4AEA9AC3EB6B7D98A373 Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:33Z
timing-allow-origin: *
expires: Fri, 14 Jul 2023 10:54:33 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 2 KB
1 KB 42ms
42ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=b4ce3cea-c1f6-4dbd-abea-437ca732d3d0&build=16.0.15506.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&access_token=4woJRQVGJ%2DCHdL8r2ryLdgmBzHRquE0zPSU%5F8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs%5F%5FTo4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY%5F5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow&access_token_ttl=1659610471768&z=aRUEzQUFFRTE2NTYyREE0NSExMDguNQ&waccluster=PNL1&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

80e8d6f12c9744ea4a440fc3107bc2f47b70e52930ef5cc52de295094f13df36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012379
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: kkJpMx62DwW3ThE81Avr25ORScocDEXg8XzqNx9gVhk=,637933928722874147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012379
x-officeversion: 16.0.15506.41003
x-officefe: AM4PEPF00012379
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 927
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&access_token=4woJRQVGJ%2DCHdL8r2ryLdgmBzHRquE0zPSU%5F8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs%5F%5FTo4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY%5F5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow&access_token_ttl=1659610471768&z=aRUEzQUFFRTE2NTYyREE0NSExMDguNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: ecbf8400-a29c-4393-8832-f63356d48f01, ecbf8400-a29c-4393-8832-f63356d48f01
x-officefd: AM4PEPF000131FB
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0, b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
x-powered-by: ARR/3.0
date: Thu, 14 Jul 2022 10:54:32 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 1BA5E4B8E5DD42A6A58B98D94F66ACA1 Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:33Z
timing-allow-origin: *, *
expires: Fri, 14 Jul 2023 10:54:33 GMT

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/ Frame 8DA8 18 KB
3 KB 34ms
33ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7f703fcf43b8a40a23eca3b9ae2d83f8cdb87e2e89164d575d86594fee60fe85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1455154ef192d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF0001237B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2718
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:36:50 GMT
x-officefd: AM4PEPF0001237B
x-msedge-ref: Ref A: 9799157AED494996840E2C894E15319A Ref B: AMS04EDGE2609 Ref C: 2022-07-08T17:36:50Z
x-usersessionid: 782cff7a-a075-469d-aa0a-98bd110c01ef
date: Thu, 14 Jul 2022 10:54:33 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 782cff7a-a075-469d-aa0a-98bd110c01ef
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/Intl/de/ Frame 8DA8 2 KB
2 KB 32ms
31ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"29205f54f292d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF0000CE8E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1044
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:44:10 GMT
x-officefd: DB5PEPF0000CE8E
x-msedge-ref: Ref A: 7AC6A6E97A91467392027CC423CA0C36 Ref B: AM3EDGE0611 Ref C: 2022-07-08T17:44:10Z
x-usersessionid: 0e96b16c-a384-4553-a660-5c967db5517e
date: Thu, 14 Jul 2022 10:54:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0e96b16c-a384-4553-a660-5c967db5517e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 campaignmetadataaggregator Show response
messaging.engagement.office.com/ Frame 8DA8 107 B
440 B 193ms
192ms Fetch
text/plain 52.109.136.29
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.engagement.office.com/campaignmetadataaggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15506.41003&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%3Bwordfloodgateflight15%3Bwordfloodgateflight3%3Bwordfloodgateflight4%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3Bwordfloodgateflight15%3Bwordfloodgateflight3%3Bwordfloodgateflight4%3B&ageGroup=0&sessionUserType=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.136.29 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

235935e5a4193a56a35bac70e03cefd0b90e25534209b4217147594f5d25da6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: e24b8dc0-ecb5-49aa-faa7-3fc931efac20
x-usersessionid: 18aef0c8-27fd-4263-92dc-1bca4e7d6291
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 10:54:33 GMT
x-activitytraceid: 4e7e5ae42d59994d24238ba14417a407
x-correlationid: 4e7e5ae4-2d59-994d-2423-8ba14417a407
server: Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: a1caf30d-163d-466f-af7f-f9c5b3943158
strict-transport-security: max-age=31536000
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-machine: OmexNodes000006__omexexternal-prod-wcus-000_6
x-buildversion: 22.4.10707.12235

OPTIONS
H2 204 campaignmetadataaggregator
messaging.engagement.office.com/ Frame 0
0 472ms
150ms Preflight 52.109.136.29
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.136.29 Cheyenne, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: x-correlationid,x-usersessionid
access-control-allow-methods: GET
access-control-allow-origin: *
date: Thu, 14 Jul 2022 10:54:33 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-activitytraceid: ce645976cdf31865f5a429b0be413dcf
x-buildversion: 22.4.10707.12235
x-correlationid: ce645976-cdf3-1865-f5a4-29b0be413dcf
x-machine: OmexNodes000004__omexexternal-prod-wcus-000_4
x-servicefabricrequestid: 0d95d13c-2d94-4b6d-8a4d-14efb993ca84

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 8DA8 42 KB
16 KB 134ms
24ms Script
application/javascript 104.111.237.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-183.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 10:54:33 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=35313, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 0
199 B 153ms
152ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":789,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000ED3A
x-officeversion: 16.0.15506.41003
x-officefe: SN3PEPF0000ED3A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 64621d2d-3bfc-48da-ad36-656b586b000a
x-officecluster: PGTUS5
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
date: Thu, 14 Jul 2022 10:54:33 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: F39A42FB57224AF38866C4198A3E4A44 Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:33Z

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/ Frame 8DA8 99 KB
29 KB 22ms
22ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5a807398f092d81:0"
x-officecluster: GEU3C
x-officeversion: 16.0.15501.41003
x-officefe: DU2PEPF00009239
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Fri, 08 Jul 2022 17:31:45 GMT
x-officefd: DU2PEPF0000920E
x-msedge-ref: Ref A: 16D962B2621647D49C32DDDC97C0A12C Ref B: AM3EDGE0217 Ref C: 2022-07-08T17:31:45Z
x-usersessionid: 69fe0503-30d8-473a-b4fa-c21de2ada32e
date: Thu, 14 Jul 2022 10:54:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 69fe0503-30d8-473a-b4fa-c21de2ada32e
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 8DA8 4 B
378 B 732ms
175ms XHR
application/json 20.189.173.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/ping

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 14 Jul 2022 10:54:33 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 2 KB
2 KB 48ms
46ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&access_token=4woJRQVGJ%2DCHdL8r2ryLdgmBzHRquE0zPSU%5F8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs%5F%5FTo4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY%5F5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow&access_token_ttl=1659610471768&z=aRUEzQUFFRTE2NTYyREE0NSExMDguNQ&uilang=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012379
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: kkJpMx62DwW3ThE81Avr25ORScocDEXg8XzqNx9gVhk=,637933928722874147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012379
x-officeversion: 16.0.15506.41003
x-officefe: AM4PEPF00012379
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1455
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: a50febda-e233-4f64-a1e5-90519f30cc26, a50febda-e233-4f64-a1e5-90519f30cc26
x-officefd: AM4PEPF0001293C
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0, b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
x-powered-by: ARR/3.0
date: Thu, 14 Jul 2022 10:54:33 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 876F6122305F4DF793B2693CC48B427D Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:34Z
timing-allow-origin: *, *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 8DA8 0
449 B 151ms
151ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00012379
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: kkJpMx62DwW3ThE81Avr25ORScocDEXg8XzqNx9gVhk=,637933928722874147
X-bULS-SuppressionETag: BBE31633166256F2DB6D26B380223167D7A2039D
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4woJRQVGJ-CHdL8r2ryLdgmBzHRquE0zPSU_8knZrYv0AXLwTDjL6J5THBbO9QsA5VEv4yaZs__To4Ak0NrySYUm4TuOBSTgZhqfemqXgBsDSd2Ce81b3uTCY_5Gq0G6Od6TTcoyZZ4bs37JQWv1wcow
X-UserSessionId: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=qbs/cEHc+02lbDTYHQ7J1w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEA3AAEE16562DA45%21108&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1659610471768
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15506.41003
x-officefe: BL6PEPF0000BB02
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: BBE31633166256F2DB6D26B380223167D7A2039D
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 94639dc5-6ba7-48d8-b331-ec9f7be8f40e
x-officefd: BL6PEPF0000BB02
x-usersessionid: b4ce3cea-c1f6-4dbd-abea-437ca732d3d0
date: Thu, 14 Jul 2022 10:54:35 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: F472503524D44D4AB72FFE8A6DF82803 Ref B: AMS04EDGE2816 Ref C: 2022-07-14T10:54:35Z

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 8DA8 0
442 B 1057ms
522ms XHR
application/json 20.189.173.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 14 Jul 2022 10:54:35 GMT
time-delta-millis: 613
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 8DA8 24 B
475 B 701ms
175ms XHR
application/json 20.189.173.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1657796075253&time-delta-to-apply-millis=use-collector-delta&w=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 14 Jul 2022 10:54:35 GMT
time-delta-millis: 603
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=f3afe3ed-7097-47b2-b059-d9348fddef3c&reqid=00172ec151f&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF9C1F39%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=f3afe3ed-7097-47b2-b059-d9348fddef3c&reqid=00172ec151f&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF9C1F39%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=f3afe3ed-7097-47b2-b059-d9348fddef3c&reqid=00172ec151f&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF9C1F39%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
255 B

41ms
41ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=f3afe3ed-7097-47b2-b059-d9348fddef3c&reqid=00172ec151f&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF9C1F39%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D5561%26IR%3D1%26EX%3D0%26L.h%3D2086%26L.sjs%3D2299%26L.ttg%3D2086%26C.st%3D1657796069967%26N.domIn%3D2116%26N.dns%3D76%26N.tcp%3D66%26N.req%3D1784%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.8887688652870069&CtsSyncId=8380A3CDC61B4BCAA20DDE24893782AD&MUID=3CFB3F97A65F67E1365B2E76A25F631F
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 10:54:35 GMT
last-modified: Sat, 02 Jul 2022 00:08:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8a177e6a78dd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 10:54:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 87A5A1FD6D39495ABACCF186C20A0A5F Ref B: FRAEDGE1211 Ref C: 2022-07-14T10:54:35Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=f3afe3ed-7097-47b2-b059-d9348fddef3c&reqid=00172ec151f&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF9C1F39%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D5561%26IR%3D1%26EX%3D0%26L.h%3D2086%26L.sjs%3D2299%26L.ttg%3D2086%26C.st%3D1657796069967%26N.domIn%3D2116%26N.dns%3D76%26N.tcp%3D66%26N.req%3D1784%26N.resp%3D5%26N.navType%3D0%26N.redirectCount%3D0&r=0.8887688652870069&CtsSyncId=8380A3CDC61B4BCAA20DDE24893782AD&MUID=3CFB3F97A65F67E1365B2E76A25F631F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: E Value: P:lOtwOodl2og=:ekOr74eNNqsPZ1H9bYsfmGubxbJ9yECY9YDxj4Z4DN8=:F
.live.com/	1969-12-31 23:59:59	Name: xid Value: f3afe3ed-7097-47b2-b059-d9348fddef3c&&RD0003FF9C1F39&238
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1970-01-20 04:40:00	Name: wla42 Value:
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
.live.com/	1970-01-20 13:51:32	Name: MUID Value: 3CFB3F97A65F67E1365B2E76A25F631F
.bing.com/	1970-01-20 13:51:32	Name: MUID Value: 3CFB3F97A65F67E1365B2E76A25F631F
.c.bing.com/	1970-01-20 13:51:32	Name: SRM_B Value: 3CFB3F97A65F67E1365B2E76A25F631F
.c.bing.com/	1970-01-20 13:51:32	Name: SRM_L Value: 3CFB3F97A65F67E1365B2E76A25F631F
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 04:29:56	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1h-word-view-15.cdn.office.net
js.live.net
messaging.engagement.office.com
onedrive.live.com
spoprod-a.akamaihd.net
word-view.officeapps.live.com
104.111.237.183
13.107.43.13
2.21.20.155
20.189.173.7
20.234.93.27
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:3500:588::1c24
52.109.136.29
0b7c4fdff6061144ea18cfdc69a32e0b1e4387bb50c96844416ba08eeb8ddf96
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
22c386600572ad129d05b4504a5d68101d568893a4ee5e05703b866206e1654b
235935e5a4193a56a35bac70e03cefd0b90e25534209b4217147594f5d25da6f
29df3518ecf71f4ec87e5073cfd8bcb97344c1dd967b02d80955160893b4dff6
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
2ef64803ea810fdc64c0a40e7c4c7879e8d61029fd632eaa7bf56b2bf594ef9e
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
47d8bf0d0cf68dd4d25a1a370bc2983e384d5e6d5f079b035ca2b76f071df3a9
487251f964c6209c3f8b29340d1071f76b51f6d7d14029d6fd4b8310b2b0b35d
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e
51c29bebbc748a02638f7b3eb3d7bb9dcf7579da20c0b8d69d3d038280441a20
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
627b528d72323c5c6ddb8481903d2cd9edfe16570b132457acc9270cd9a68985
7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222
7f703fcf43b8a40a23eca3b9ae2d83f8cdb87e2e89164d575d86594fee60fe85
80e8d6f12c9744ea4a440fc3107bc2f47b70e52930ef5cc52de295094f13df36
922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
b9187e90483583ec7b7a5104979c0267c2b9e3f424609cdda257453a39154cf7
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
ce0cb5e1645f246e4ce6f2f47a8b4793d4a72c8a0b7fb811081529010c53c0d2
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
daa57b7921ef47f44827a443d6ef6ed92897f33e34bc87e022819faa99aea948
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6fa8aae79427b990f726835bd3421a98ba3a86f722f53005a47dda8c3bd4a49

onedrive.live.com Open in urlscan Pro 13.107.43.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

33 %IPv6

7 Domains

10 Subdomains

9 IPs

3 Countries

1550 kBTransfer

6856 kBSize

12 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onedrive.live.com Open in urlscan Pro
13.107.43.13 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

33 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

1550 kB
Transfer

6856 kB
Size

12
Cookies

47 HTTP transactions
0 data transactions