onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2
Submission Tags: falconsandbox
Submission: On July 15 via api (July 15th 2022, 12:25:03 am UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 46 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 3499.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	92.123.195.68 92.123.195.68	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	2a02:26f0:480... 2a02:26f0:480:28e::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.111.243.3 52.111.243.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.205.236.6 23.205.236.6	16625 (AKAMAI-AS) (AKAMAI-AS)
2	20.189.173.5 20.189.173.5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.42.65.85 20.42.65.85	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
46	10

1 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 92.123.195.68 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-195-68.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:480:28e::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.111.243.3 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.engagement.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.236.6 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-236-6.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.189.173.5 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.42.65.85 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 6286	995 KB
15	live.com 1 redirects onedrive.live.com — Cisco Umbrella Rank: 3499 word-view.officeapps.live.com — Cisco Umbrella Rank: 9502 c.live.com — Cisco Umbrella Rank: 9273	255 KB
7	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 7411	301 KB
3	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 256 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 131	1 KB
2	office.com messaging.engagement.office.com — Cisco Umbrella Rank: 647	441 B
1	live.net js.live.net — Cisco Umbrella Rank: 13555	16 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 235	1 KB
46	7

	Domain	Requested by
18	c1h-word-view-15.cdn.office.net	word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
12	word-view.officeapps.live.com	onedrive.live.com word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
7	spoprod-a.akamaihd.net	onedrive.live.com
2	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
2	messaging.engagement.office.com	c1h-word-view-15.cdn.office.net
2	c.live.com	1 redirects
1	browser.pipe.aria.microsoft.com	c1h-word-view-15.cdn.office.net
1	js.live.net	c1h-word-view-15.cdn.office.net
1	c.bing.com	1 redirects
1	onedrive.live.com
46	10

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
messaging.engagement.office.com DigiCert Cloud Services CA-1	`2022-03-14` - `2023-03-13`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2022-05-21` - `2023-05-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2
Frame ID: DA5FAD327A53C6B362C94FABC24AD36F
Requests: 9 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 26326C17FBB413FBBA168C09308E5E37
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

96 %
HTTPS

30 %
IPv6

7
Domains

10
Subdomains

10
IPs

4
Countries

1568 kB
Transfer

6875 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://c.live.com/c.gif?DI=15347&wlxid=d75bffb5-52ea-4394-ab70-5c7c106617c9&reqid=00126dca5af&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F4BCA%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2409%26IR%3D1%26EX%3D0%26L.h%3D1612%26L.sjs%3D1947%26L.ttg%3D1612%26C.st%3D1657844696809%26N.domIn%3D1630%26N.dns%3D603%26N.tcp%3D354%26N.req%3D542%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.33888476095846065 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=d75bffb5-52ea-4394-ab70-5c7c106617c9&reqid=00126dca5af&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F4BCA%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2409%26IR%3D1%26EX%3D0%26L.h%3D1612%26L.sjs%3D1947%26L.ttg%3D1612%26C.st%3D1657844696809%26N.domIn%3D1630%26N.dns%3D603%26N.tcp%3D354%26N.req%3D542%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.33888476095846065&CtsSyncId=3E2341174979425FA5151757223B317B&RedC=c.live.com&MXFR=03445DE2E42E618319FC4C00E02E65CA HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=d75bffb5-52ea-4394-ab70-5c7c106617c9&reqid=00126dca5af&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F4BCA%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2409%26IR%3D1%26EX%3D0%26L.h%3D1612%26L.sjs%3D1947%26L.ttg%3D1612%26C.st%3D1657844696809%26N.domIn%3D1630%26N.dns%3D603%26N.tcp%3D354%26N.req%3D542%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.33888476095846065&CtsSyncId=3E2341174979425FA5151757223B317B&MUID=03445DE2E42E618319FC4C00E02E65CA

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request embed Show response
onedrive.live.com/ 61 KB
21 KB 1498ms
540ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

502f8df8cc9f13132349999d4b8273840e51127a709e3661f2a01e3627c15e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 15 Jul 2022 00:24:58 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 4184BDE9259F424EA75CB7A6BA2BB89B Ref B: FRAEDGE1215 Ref C: 2022-07-15T00:24:57Z
x-msnserver: RD00155D6F4BCA
x-odwebserver: northcentralus1-odwebpl

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 85 KB
16 KB 85ms
33ms Stylesheet
text/css 92.123.195.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.195.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-68.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jul 2022 00:24:58 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14127018
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 169 KB
30 KB 72ms
21ms Stylesheet
text/css 92.123.195.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.195.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-68.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jul 2022 00:24:58 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f5613635-d01e-011d-1258-d9826d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=10367239
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 2632 132 KB
134 KB 113ms
60ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

154c1971e732adf479fb2bd21fd208035f3b58ddb35c10dee2337088c2157591

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Fri, 15 Jul 2022 00:24:58 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: a9b89193-ae87-4dd2-8f06-79aebff5683c
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 25D7237F7BA440DEA8904478FD6E9629 Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:58Z
x-officecluster: PIE1
x-officefd: DB5PEPF0000E7F6
x-officefe: DB5PEPF0000E7F6
x-officeversion: 16.0.15506.41003
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 92 KB
33 KB 46ms
18ms Script
application/javascript 92.123.195.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.195.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-68.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jul 2022 00:24:58 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29c81963-d01e-00de-63ce-3d4d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21412960
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 483 KB
133 KB 47ms
20ms Script
application/javascript 92.123.195.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.195.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-68.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jul 2022 00:24:58 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21515594
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 47 KB
14 KB 19ms
18ms Script
application/javascript 92.123.195.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.195.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-68.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jul 2022 00:24:58 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=9986913
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 203 KB
68 KB 16ms
16ms Script
application/javascript 92.123.195.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.195.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-68.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jul 2022 00:24:58 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12269918
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 15 KB
6 KB 24ms
23ms Script
application/javascript 92.123.195.68
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=5B6506D749CB9012&resid=5B6506D749CB9012%21175&authkey=AB4WrHJnedcEdHY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.195.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-68.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Jul 2022 00:24:58 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dda5c441-801e-0105-09a7-37aff8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=20779637
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/ Frame 2632 271 KB
34 KB 64ms
8ms Stylesheet
text/css 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

47d8bf0d0cf68dd4d25a1a370bc2983e384d5e6d5f079b035ca2b76f071df3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ed6c76f6f192d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF00011BC4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33830
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:41:32 GMT
x-officefd: AM4PEPF00011BC4
x-msedge-ref: Ref A: 551D1416FF8D42E0AF24B4026B427C0E Ref B: AMS04EDGE2011 Ref C: 2022-07-11T22:23:28Z
x-usersessionid: 09cde900-5aa5-4fff-9e05-6fa7b81494d4
date: Fri, 15 Jul 2022 00:24:58 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 09cde900-5aa5-4fff-9e05-6fa7b81494d4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/ Frame 2632 106 KB
31 KB 73ms
18ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "ff6526b86f92d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 30994
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Fri, 08 Jul 2022 02:09:13 GMT
x-officefd: DB5PEPF00008420
x-usersessionid: 79e0792f-39dc-459b-be62-0710769b368e
date: Fri, 15 Jul 2022 00:24:58 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 79e0792f-39dc-459b-be62-0710769b368e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hF011B3AE4CE6A59A_App_Scripts/1031/ Frame 2632 160 KB
33 KB 76ms
24ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hF011B3AE4CE6A59A_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f6fa8aae79427b990f726835bd3421a98ba3a86f722f53005a47dda8c3bd4a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8ee945d87495d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF00011BB8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33145
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 22:23:28 GMT
x-officefd: AM4PEPF00011BB8
x-msedge-ref: Ref A: D5C10CCDC980418BB97C1DE9DAC04664 Ref B: AMS04EDGE3515 Ref C: 2022-07-11T22:23:28Z
x-usersessionid: 08604b58-1018-4587-8c4b-2a816a8693fc
date: Fri, 15 Jul 2022 00:24:58 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 08604b58-1018-4587-8c4b-2a816a8693fc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 2632 6 KB
2 KB 77ms
25ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "84ce21b8f91d81:0"
x-officecluster: GEU4C
x-officeversion: 16.0.15501.41003
x-officefe: DU2PEPF00008311
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Wed, 06 Jul 2022 23:21:24 GMT
x-officefd: DU2PEPF00009246
x-msedge-ref: Ref A: F83ABA9A643B4A5F984F562879D1E11D Ref B: AMS04EDGE2116 Ref C: 2022-07-08T17:14:29Z
x-usersessionid: 7da171fe-ff34-4bf3-95e1-d152a3c0af4c
date: Fri, 15 Jul 2022 00:24:58 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 7da171fe-ff34-4bf3-95e1-d152a3c0af4c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/ Frame 2632 21 KB
6 KB 14ms
13ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "68bb40736d92d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF00012932
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5337
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 01:52:59 GMT
x-officefd: AM4PEPF00012932
x-msedge-ref: Ref A: 43EBE9FF4CF64D55AB800C7481F98E71 Ref B: AM3EDGE0717 Ref C: 2022-07-11T05:11:42Z
x-usersessionid: 3867a7e2-c2b0-41ad-9abd-0ae00c41d3a5
date: Fri, 15 Jul 2022 00:24:58 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3867a7e2-c2b0-41ad-9abd-0ae00c41d3a5
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h487251F964C6209C_App_Scripts/1031/ Frame 2632 476 KB
74 KB 63ms
8ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h487251F964C6209C_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

487251f964c6209c3f8b29340d1071f76b51f6d7d14029d6fd4b8310b2b0b35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c9d459d87495d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF0000E7F8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 75129
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 22:23:28 GMT
x-officefd: DB5PEPF0000E7F8
x-msedge-ref: Ref A: 70547E02B7384AE480FF70997E52CAEA Ref B: AMS04EDGE3522 Ref C: 2022-07-11T22:23:28Z
x-usersessionid: bdf8b09d-0b8c-4177-8969-9eb433e62a1d
date: Fri, 15 Jul 2022 00:24:58 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: bdf8b09d-0b8c-4177-8969-9eb433e62a1d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hB9187E90483583EC_App_Scripts/exp/ Frame 2632 7 KB
4 KB 71ms
16ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hB9187E90483583EC_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b9187e90483583ec7b7a5104979c0267c2b9e3f424609cdda257453a39154cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"503e788ef92d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF000131F7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3207
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:24:09 GMT
x-officefd: AM4PEPF000131F7
x-msedge-ref: Ref A: DD60B5015E484E0DA93AAB3198DE4412 Ref B: AMS04EDGE3019 Ref C: 2022-07-08T17:24:09Z
x-usersessionid: b647002a-d3bd-4e75-91c3-996bd99611fa
date: Fri, 15 Jul 2022 00:24:58 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b647002a-d3bd-4e75-91c3-996bd99611fa
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/ Frame 2632 3 MB
463 KB 15ms
14ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

daa57b7921ef47f44827a443d6ef6ed92897f33e34bc87e022819faa99aea948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"71c86d97f092d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF00006A0A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 472426
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:31:43 GMT
x-officefd: AM4PEPF00006A0A
x-msedge-ref: Ref A: 5AA9307C4979463CA2165E9E2C9A5D9E Ref B: AMS04EDGE2015 Ref C: 2022-07-08T17:31:43Z
x-usersessionid: ab9c4e4f-8999-4d83-9b3e-276340d619ae
date: Fri, 15 Jul 2022 00:24:58 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ab9c4e4f-8999-4d83-9b3e-276340d619ae
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2632 0
454 B 166ms
165ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: a9b89193-ae87-4dd2-8f06-79aebff5683c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: MW1PEPF0000A189
x-officeversion: 16.0.15512.41018
x-officefe: MW1PEPF0000A189
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: b997743d-8d7f-4e94-8557-120e617f39c1
x-officecluster: PGTUS2
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c
date: Fri, 15 Jul 2022 00:24:58 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 74D1044626F54FD48CC2122EAF07F45E Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:58Z

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 2632 45 KB
46 KB 239ms
238ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&access_token=4wmcR3v5G6M%2DuDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy%2Doxu0V%2D5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q%2Dxzi6YmXkP6FGX8YYkEiyHg&access_token_ttl=1659659098204&z=aNUI2NTA2RDc0OUNCOTAxMiExNzUuNQ&v=00000000-0000-0000-0000-000000000802&usid=a9b89193-ae87-4dd2-8f06-79aebff5683c&splashscreen=1&build=16.0.15506.41003&PdfMode=1&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7e791675709a2cdd79245a502e95cc790a242272c1a55bb1850edc761802bae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000F304
x-officeversion: 16.0.15506.41003
x-officefe: DB5PEPF0000F304
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 46113
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&access_token=4wmcR3v5G6M%2DuDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy%2Doxu0V%2D5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q%2Dxzi6YmXkP6FGX8YYkEiyHg&access_token_ttl=1659659098204&z=aNUI2NTA2RDc0OUNCOTAxMiExNzUuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: cc995cd0-e7c5-4a59-b6d4-938b2af79ce0
x-officefd: DB5PEPF0000F304
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c
date: Fri, 15 Jul 2022 00:24:59 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: F5521E476D3B405D9CB8C4E29799B17D Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:58Z
timing-allow-origin: *
expires: Sat, 15 Jul 2023 00:24:59 GMT

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/ Frame 2632 22 KB
23 KB 8ms
8ms Font
font/x-woff 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/h47D8BF0D0CF68DD4_resources/1031/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "125e5fc82d92d81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15506.41003
x-officefe: AM4PEPF000141DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 07 Jul 2022 18:17:14 GMT
x-officefd: AM4PEPF000141DB
x-msedge-ref: Ref A: E8B04E7B5A7B48F2B41BCA2C191A0CC5 Ref B: AM3EDGE1014 Ref C: 2022-07-11T21:36:09Z
x-usersessionid: 0e55f921-a601-4252-823a-129e7394c2c8
date: Fri, 15 Jul 2022 00:24:59 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 0e55f921-a601-4252-823a-129e7394c2c8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2632 356 B
729 B 44ms
44ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&access_token=4wmcR3v5G6M%2DuDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy%2Doxu0V%2D5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q%2Dxzi6YmXkP6FGX8YYkEiyHg&access_token_ttl=1659659098204&z=aNUI2NTA2RDc0OUNCOTAxMiExNzUuNQ&type=png&o15=1&ui=de-DE&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

3e3fb20451b1c42b1f6a93ec0f701c20626de5bcf5a0ca00aa3e31156e520c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF0000E7F6
X-UserSessionId: a9b89193-ae87-4dd2-8f06-79aebff5683c
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: ojL6aPRm4ysPJf7R2rSGb+e92/ksdV/JTQgL8VgBn+E=,637934414987612993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000E7F6
x-officeversion: 16.0.15506.41003
x-officefe: DB5PEPF0000E7F6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 352
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 5d6ef00f-4e09-41b5-8234-881b19b53339, 5d6ef00f-4e09-41b5-8234-881b19b53339
x-officefd: DB5PEPF00008422
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c, a9b89193-ae87-4dd2-8f06-79aebff5683c
x-powered-by: ARR/3.0
date: Fri, 15 Jul 2022 00:24:59 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: CCA4665C79D64E8E881466CB81BB608F Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:59Z
timing-allow-origin: *, *
expires: Sat, 15 Jul 2023 00:24:59 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/ Frame 2632 40 KB
7 KB 8ms
8ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ce0cb5e1645f246e4ce6f2f47a8b4793d4a72c8a0b7fb811081529010c53c0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"fea5f897f092d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF0000CE86
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6020
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:31:44 GMT
x-officefd: DB5PEPF0000CE86
x-msedge-ref: Ref A: B61C345B858B4FEB9179473215D896B4 Ref B: AM3EDGE0217 Ref C: 2022-07-08T17:31:44Z
x-usersessionid: 0b7d834e-ee17-4519-8820-fb83ed4d8ead
date: Fri, 15 Jul 2022 00:24:59 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0b7d834e-ee17-4519-8820-fb83ed4d8ead
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/ Frame 2632 6 KB
6 KB 8ms
7ms Image
image/png 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/wapsw.png?b=1601550641003

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"b6d4e3236d95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF0000E800
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Mon, 11 Jul 2022 21:28:19 GMT
x-officefd: DB5PEPF0000E800
x-msedge-ref: Ref A: EA8F9F568D0F416FB00EF6B3D0ADCD2C Ref B: AMS04EDGE2313 Ref C: 2022-07-11T21:28:19Z
x-usersessionid: b85a2f07-65c8-48ba-b553-75b440cdb2fc
date: Fri, 15 Jul 2022 00:24:59 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: b85a2f07-65c8-48ba-b553-75b440cdb2fc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/ Frame 2632 34 KB
35 KB 9ms
8ms Image
image/png 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/wv.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"519c26cd6f95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF00006A09
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 21:47:22 GMT
x-officefd: AM4PEPF00006A09
x-msedge-ref: Ref A: 226A5B0CBB754C2AB600C5987B58423A Ref B: AMS04EDGE3420 Ref C: 2022-07-11T21:47:22Z
x-usersessionid: 4a830626-394c-4be2-9696-a40014fd3eb2
date: Fri, 15 Jul 2022 00:24:59 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 4a830626-394c-4be2-9696-a40014fd3eb2
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2632 0
310 B 165ms
164ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: a9b89193-ae87-4dd2-8f06-79aebff5683c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":92,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h47D8BF0D0CF68DD4_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"},{"Index":2,"MsSinceStart":253,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: MW1PEPF0000A18C
x-officeversion: 16.0.15512.41018
x-officefe: MW1PEPF0000A18C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 289bd23d-971f-4d97-b3d4-51451c82a233
x-officecluster: PGTUS2
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c
date: Fri, 15 Jul 2022 00:24:59 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: DE238E197387448F80BF23F85FAAFF75 Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:59Z

GET
BLOB 200
OK f767d070-f681-4c54-9d92-ba3530b9c347
https://word-view.officeapps.live.com/ Frame 2632 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/f767d070-f681-4c54-9d92-ba3530b9c347
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=d75bffb5-52ea-4394-ab70-5c7c106617c9&reqid=00126dca5af&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F4BCA%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=d75bffb5-52ea-4394-ab70-5c7c106617c9&reqid=00126dca5af&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F4BCA%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=d75bffb5-52ea-4394-ab70-5c7c106617c9&reqid=00126dca5af&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F4BCA%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
255 B

27ms
27ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=d75bffb5-52ea-4394-ab70-5c7c106617c9&reqid=00126dca5af&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F4BCA%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2409%26IR%3D1%26EX%3D0%26L.h%3D1612%26L.sjs%3D1947%26L.ttg%3D1612%26C.st%3D1657844696809%26N.domIn%3D1630%26N.dns%3D603%26N.tcp%3D354%26N.req%3D542%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.33888476095846065&CtsSyncId=3E2341174979425FA5151757223B317B&MUID=03445DE2E42E618319FC4C00E02E65CA
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 00:24:59 GMT
last-modified: Sat, 02 Jul 2022 00:08:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8a177e6a78dd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 15 Jul 2022 00:24:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E428767ED027499284432DC46FC6D2F8 Ref B: FRA31EDGE0710 Ref C: 2022-07-15T00:24:59Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=d75bffb5-52ea-4394-ab70-5c7c106617c9&reqid=00126dca5af&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F4BCA%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2409%26IR%3D1%26EX%3D0%26L.h%3D1612%26L.sjs%3D1947%26L.ttg%3D1612%26C.st%3D1657844696809%26N.domIn%3D1630%26N.dns%3D603%26N.tcp%3D354%26N.req%3D542%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.33888476095846065&CtsSyncId=3E2341174979425FA5151757223B317B&MUID=03445DE2E42E618319FC4C00E02E65CA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2632 0
365 B 107ms
107ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: a9b89193-ae87-4dd2-8f06-79aebff5683c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":490,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF00003859
x-officeversion: 16.0.15506.41003
x-officefe: BN3PEPF00003859
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid: 040482d6-073d-430a-a8fb-3eb024736b2a
x-officecluster: PGTUS3
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c
date: Fri, 15 Jul 2022 00:24:59 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D2522FDDED7F415C8B11CBD80BDE330A Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:59Z

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/ Frame 2632 839 KB
138 KB 9ms
8ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

29df3518ecf71f4ec87e5073cfd8bcb97344c1dd967b02d80955160893b4dff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d6e9898f092d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF0000F304
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 140481
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:31:44 GMT
x-officefd: DB5PEPF0000F304
x-msedge-ref: Ref A: 247E344575FB487E9AC7B21A8F3D9E41 Ref B: AM3EDGE0213 Ref C: 2022-07-08T17:31:44Z
x-usersessionid: 0aeffee7-4631-4b1c-9f35-086f11c34301
date: Fri, 15 Jul 2022 00:24:59 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0aeffee7-4631-4b1c-9f35-086f11c34301
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/ Frame 2632 555 KB
103 KB 8ms
8ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22c386600572ad129d05b4504a5d68101d568893a4ee5e05703b866206e1654b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"60107e48f192d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15501.41003
x-officefe: DB5PEPF000083DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 104906
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:36:40 GMT
x-officefd: DB5PEPF000083DB
x-msedge-ref: Ref A: 2F4824D5388844D39F66E71A238357C7 Ref B: AM3EDGE0720 Ref C: 2022-07-08T17:36:40Z
x-usersessionid: ec2ce232-6b1f-481b-83f3-430a6185a5ae
date: Fri, 15 Jul 2022 00:24:59 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ec2ce232-6b1f-481b-83f3-430a6185a5ae
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2632 0
441 B 163ms
162ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF0000E7F6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: ojL6aPRm4ysPJf7R2rSGb+e92/ksdV/JTQgL8VgBn+E=,637934414987612993
X-bULS-SuppressionETag: BBE31633166256F2DB6D26B380223167D7A2039D
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wmcR3v5G6M-uDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy-oxu0V-5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q-xzi6YmXkP6FGX8YYkEiyHg
X-UserSessionId: a9b89193-ae87-4dd2-8f06-79aebff5683c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1659659098204
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS2
x-officeversion: 16.0.15512.41018
x-officefe: MW1PEPF0000789E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: BBE31633166256F2DB6D26B380223167D7A2039D
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid: 2e0d6210-b833-4554-8c7c-1326b3b06720
x-officefd: MW1PEPF0000789E
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c
date: Fri, 15 Jul 2022 00:24:59 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A1359839C0B349ECA1B63F9C7B3B5C6C Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:59Z

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/ Frame 2632 695 B
1 KB 10ms
10ms Image
image/gif 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_resources/1031/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"8050f5537095d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF00010AB7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 21:51:08 GMT
x-officefd: AM4PEPF00010AB7
x-msedge-ref: Ref A: B151EAAD8E414FE88494BF0432DD6695 Ref B: AM3EDGE0120 Ref C: 2022-07-11T21:51:08Z
x-usersessionid: bd930f76-e738-4496-9b16-54146054f4ed
date: Fri, 15 Jul 2022 00:24:59 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: bd930f76-e738-4496-9b16-54146054f4ed
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 2632 45 KB
46 KB 191ms
191ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=a9b89193-ae87-4dd2-8f06-79aebff5683c&build=16.0.15506.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&access_token=4wmcR3v5G6M-uDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy-oxu0V-5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q-xzi6YmXkP6FGX8YYkEiyHg&access_token_ttl=1659659098445&z=aNUI2NTA2RDc0OUNCOTAxMiExNzUuNQ&waccluster=PIE1&PdfMode=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7e791675709a2cdd79245a502e95cc790a242272c1a55bb1850edc761802bae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000C628
x-officeversion: 16.0.15506.41003
x-officefe: DB5PEPF0000C628
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 46113
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&access_token=4wmcR3v5G6M%2DuDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy%2Doxu0V%2D5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q%2Dxzi6YmXkP6FGX8YYkEiyHg&access_token_ttl=1659659098445&z=aNUI2NTA2RDc0OUNCOTAxMiExNzUuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid: 58051b0c-eaab-4fd7-90f9-f4fe5ca0fe65
x-officefd: DB5PEPF0000C628
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c
date: Fri, 15 Jul 2022 00:24:59 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 4691CBA13D8549538DAACB51623835B5 Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:59Z
timing-allow-origin: *
expires: Sat, 15 Jul 2023 00:24:59 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2632 7 KB
3 KB 43ms
43ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=a9b89193-ae87-4dd2-8f06-79aebff5683c&build=16.0.15506.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&access_token=4wmcR3v5G6M%2DuDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy%2Doxu0V%2D5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q%2Dxzi6YmXkP6FGX8YYkEiyHg&access_token_ttl=1659659098204&z=aNUI2NTA2RDc0OUNCOTAxMiExNzUuNQ&waccluster=PIE1&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

31090b46707c39a41526acadcd35cb1c645689ef803d48f11e1b5385fae06c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF0000E7F6
X-UserSessionId: a9b89193-ae87-4dd2-8f06-79aebff5683c
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: ojL6aPRm4ysPJf7R2rSGb+e92/ksdV/JTQgL8VgBn+E=,637934414987612993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000E7F6
x-officeversion: 16.0.15506.41003
x-officefe: DB5PEPF0000E7F6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 2155
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&access_token=4wmcR3v5G6M%2DuDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy%2Doxu0V%2D5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q%2Dxzi6YmXkP6FGX8YYkEiyHg&access_token_ttl=1659659098204&z=aNUI2NTA2RDc0OUNCOTAxMiExNzUuNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: b675ce8b-856e-45c2-9904-55fc267a1ac6, b675ce8b-856e-45c2-9904-55fc267a1ac6
x-officefd: DB5PEPF0000C627
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c, a9b89193-ae87-4dd2-8f06-79aebff5683c
x-powered-by: ARR/3.0
date: Fri, 15 Jul 2022 00:24:59 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 43EF8014F0934348A8FC3C24BE09FC29 Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:59Z
timing-allow-origin: *, *
expires: Sat, 15 Jul 2023 00:24:59 GMT

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/ Frame 2632 18 KB
3 KB 8ms
8ms Stylesheet
text/css 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7f703fcf43b8a40a23eca3b9ae2d83f8cdb87e2e89164d575d86594fee60fe85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1455154ef192d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15501.41003
x-officefe: AM4PEPF0001237B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2718
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 17:36:50 GMT
x-officefd: AM4PEPF0001237B
x-msedge-ref: Ref A: 9799157AED494996840E2C894E15319A Ref B: AMS04EDGE2609 Ref C: 2022-07-08T17:36:50Z
x-usersessionid: 782cff7a-a075-469d-aa0a-98bd110c01ef
date: Fri, 15 Jul 2022 00:24:59 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 782cff7a-a075-469d-aa0a-98bd110c01ef
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/Intl/de/ Frame 2632 2 KB
2 KB 9ms
9ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "1f46bca6b95d81:0"
x-officecluster: GEU3C
x-officeversion: 16.0.15506.41003
x-officefe: DU2PEPF0000921D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 1353
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Mon, 11 Jul 2022 21:18:39 GMT
x-officefd: DU2PEPF000114BE
x-msedge-ref: Ref A: 6B2F35C90D3E44CBB5DF833F91A1AD57 Ref B: AMS04EDGE2615 Ref C: 2022-07-11T23:50:53Z
x-usersessionid: 3c42156a-0f18-4e16-92ee-2883d38d4955
date: Fri, 15 Jul 2022 00:24:59 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3c42156a-0f18-4e16-92ee-2883d38d4955
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 campaignmetadataaggregator Show response
messaging.engagement.office.com/ Frame 2632 107 B
441 B 44ms
43ms Fetch
text/plain 52.111.243.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.engagement.office.com/campaignmetadataaggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15506.41003&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%3Bwordfloodgateflight15%3Bwordfloodgateflight3%3Bwordfloodgateflight4%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3Bwordfloodgateflight15%3Bwordfloodgateflight3%3Bwordfloodgateflight4%3B&ageGroup=0&sessionUserType=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.111.243.3 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

235935e5a4193a56a35bac70e03cefd0b90e25534209b4217147594f5d25da6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: 3d802258-f8e5-4272-1e78-3ef1eb5bd76e
x-usersessionid: da1fef94-d460-407b-e85c-bab2d06087cb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 00:24:59 GMT
x-activitytraceid: 5406182f80a3f74f85b952b4afa0e5e1
x-correlationid: 5406182f-80a3-f74f-85b9-52b4afa0e5e1
server: Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: 23dd2fda-28b1-4d36-906a-95f4b92e07c6
strict-transport-security: max-age=31536000
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-machine: OMEXNODES000002__omexexternal-prod-weu-000_2
x-buildversion: 22.4.10707.12235

OPTIONS
H2 204 campaignmetadataaggregator
messaging.engagement.office.com/ Frame 0
0 84ms
19ms Preflight 52.111.243.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.111.243.3 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: x-correlationid,x-usersessionid
access-control-allow-methods: GET
access-control-allow-origin: *
date: Fri, 15 Jul 2022 00:24:59 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-activitytraceid: 39e6c664311258cb9e44b715ef96fa86
x-buildversion: 22.4.10707.12235
x-correlationid: 39e6c664-3112-58cb-9e44-b715ef96fa86
x-machine: OMEXNODES000006__omexexternal-prod-weu-000_6
x-servicefabricrequestid: 935fe8e5-c047-43a3-9451-36b00f3ada30

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 2632 42 KB
16 KB 73ms
8ms Script
application/javascript 23.205.236.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 23.205.236.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-236-6.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 00:24:59 GMT
X-MSNServer: RD0003FF23F6D7
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=64509, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2632 0
198 B 98ms
98ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: a9b89193-ae87-4dd2-8f06-79aebff5683c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":708,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BB0D
x-officeversion: 16.0.15512.41018
x-officefe: BL6PEPF0000BB0D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid: 5d9f3b54-a553-4ec8-b169-0093d42a10fe
x-officecluster: PGTUS4
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c
date: Fri, 15 Jul 2022 00:24:59 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 4D5A4ABF54E2484D9977425594EA4206 Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:24:59Z

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/ Frame 2632 99 KB
29 KB 8ms
8ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hDAA57B7921EF47F4_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5a807398f092d81:0"
x-officecluster: GEU3C
x-officeversion: 16.0.15501.41003
x-officefe: DU2PEPF00009239
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Fri, 08 Jul 2022 17:31:45 GMT
x-officefd: DU2PEPF0000920E
x-msedge-ref: Ref A: 16D962B2621647D49C32DDDC97C0A12C Ref B: AM3EDGE0217 Ref C: 2022-07-08T17:31:45Z
x-usersessionid: 69fe0503-30d8-473a-b4fa-c21de2ada32e
date: Fri, 15 Jul 2022 00:24:59 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 69fe0503-30d8-473a-b4fa-c21de2ada32e
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 2632 4 B
378 B 710ms
160ms XHR
application/json 20.189.173.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/ping

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.5 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 15 Jul 2022 00:24:59 GMT
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2632 2 KB
2 KB 47ms
47ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&access_token=4wmcR3v5G6M%2DuDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy%2Doxu0V%2D5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q%2Dxzi6YmXkP6FGX8YYkEiyHg&access_token_ttl=1659659098204&z=aNUI2NTA2RDc0OUNCOTAxMiExNzUuNQ&uilang=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF0000E7F6
X-UserSessionId: a9b89193-ae87-4dd2-8f06-79aebff5683c
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: ojL6aPRm4ysPJf7R2rSGb+e92/ksdV/JTQgL8VgBn+E=,637934414987612993
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000E7F6
x-officeversion: 16.0.15506.41003
x-officefe: DB5PEPF0000E7F6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 1455
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: decb41e9-d383-4253-a33c-f88768290195, decb41e9-d383-4253-a33c-f88768290195
x-officefd: DB5PEPF0000F307
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c, a9b89193-ae87-4dd2-8f06-79aebff5683c
x-powered-by: ARR/3.0
date: Fri, 15 Jul 2022 00:25:00 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: D3C34F41ECA34F83B134F1250AA99949 Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:25:00Z
timing-allow-origin: *, *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2632 0
400 B 139ms
138ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15506.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF0000E7F6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.41003
X-Key: ojL6aPRm4ysPJf7R2rSGb+e92/ksdV/JTQgL8VgBn+E=,637934414987612993
X-bULS-SuppressionETag: BBE31633166256F2DB6D26B380223167D7A2039D
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wmcR3v5G6M-uDm5OK6d0FS6ujDpPQHvBjUCmPyMBM78brPE6Dy-oxu0V-5FboyIvY5oQui4O461lVldSOxuAd7MEUkhR1r4XmSYTKkelicvXh3StAIxyu9irgDf5n55Q-xzi6YmXkP6FGX8YYkEiyHg
X-UserSessionId: a9b89193-ae87-4dd2-8f06-79aebff5683c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=J1Xqm5oHR0Csyxf5XD2P9w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F5B6506D749CB9012%21175&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1659659098204
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS5
x-officeversion: 16.0.15506.41003
x-officefe: SN3PEPF0000C0ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: BBE31633166256F2DB6D26B380223167D7A2039D
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid: 862479cd-6c41-4cf4-8476-9bdc13137c51
x-officefd: SN3PEPF0000C0ED
x-usersessionid: a9b89193-ae87-4dd2-8f06-79aebff5683c
date: Fri, 15 Jul 2022 00:25:01 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 931AD9B57A7A46CBB3AB7AC69F7748EE Ref B: AM3EDGE0713 Ref C: 2022-07-15T00:25:01Z

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 2632 0
442 B 563ms
275ms XHR
application/json 20.42.65.85
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.65.85 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 15 Jul 2022 00:25:01 GMT
time-delta-millis: 331
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 2632 24 B
475 B 645ms
162ms XHR
application/json 20.189.173.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1657844701642&time-delta-to-apply-millis=use-collector-delta&w=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161550641003_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.5 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 15 Jul 2022 00:25:01 GMT
time-delta-millis: 556
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: E Value: P:r3LFcvhl2og=:+xMDiSUjuVkSUf5IhN8M9Mfw8/H+fQmm6mOAMSF8xH4=:F
.live.com/	1969-12-31 23:59:59	Name: xid Value: d75bffb5-52ea-4394-ab70-5c7c106617c9&&RD00155D6F4BCA&239
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1970-01-20 04:40:49	Name: wla42 Value:
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
.live.com/	1970-01-20 13:52:20	Name: MUID Value: 03445DE2E42E618319FC4C00E02E65CA
.bing.com/	1970-01-20 13:52:20	Name: MUID Value: 03445DE2E42E618319FC4C00E02E65CA
.c.bing.com/	1970-01-20 13:52:20	Name: SRM_B Value: 03445DE2E42E618319FC4C00E02E65CA
.c.bing.com/	1970-01-20 13:52:20	Name: SRM_L Value: 03445DE2E42E618319FC4C00E02E65CA
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 04:30:45	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1h-word-view-15.cdn.office.net
js.live.net
messaging.engagement.office.com
onedrive.live.com
spoprod-a.akamaihd.net
word-view.officeapps.live.com
13.107.42.13
20.189.173.5
20.234.93.27
20.42.65.85
23.205.236.6
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:480:28e::1c24
52.111.243.3
92.123.195.68
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
154c1971e732adf479fb2bd21fd208035f3b58ddb35c10dee2337088c2157591
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
22c386600572ad129d05b4504a5d68101d568893a4ee5e05703b866206e1654b
235935e5a4193a56a35bac70e03cefd0b90e25534209b4217147594f5d25da6f
29df3518ecf71f4ec87e5073cfd8bcb97344c1dd967b02d80955160893b4dff6
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
31090b46707c39a41526acadcd35cb1c645689ef803d48f11e1b5385fae06c6d
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3e3fb20451b1c42b1f6a93ec0f701c20626de5bcf5a0ca00aa3e31156e520c9e
47d8bf0d0cf68dd4d25a1a370bc2983e384d5e6d5f079b035ca2b76f071df3a9
487251f964c6209c3f8b29340d1071f76b51f6d7d14029d6fd4b8310b2b0b35d
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
502f8df8cc9f13132349999d4b8273840e51127a709e3661f2a01e3627c15e72
519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222
7e791675709a2cdd79245a502e95cc790a242272c1a55bb1850edc761802bae5
7f703fcf43b8a40a23eca3b9ae2d83f8cdb87e2e89164d575d86594fee60fe85
922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
b9187e90483583ec7b7a5104979c0267c2b9e3f424609cdda257453a39154cf7
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
ce0cb5e1645f246e4ce6f2f47a8b4793d4a72c8a0b7fb811081529010c53c0d2
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
daa57b7921ef47f44827a443d6ef6ed92897f33e34bc87e022819faa99aea948
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6fa8aae79427b990f726835bd3421a98ba3a86f722f53005a47dda8c3bd4a49

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

46 Requests

96 %HTTPS

30 %IPv6

7 Domains

10 Subdomains

10 IPs

4 Countries

1568 kBTransfer

6875 kBSize

12 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

96 %
HTTPS

30 %
IPv6

7
Domains

10
Subdomains

10
IPs

4
Countries

1568 kB
Transfer

6875 kB
Size

12
Cookies

46 HTTP transactions
0 data transactions