onedrive.live.com Open in urlscan Pro
13.107.43.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Submission Tags: falconsandbox
Submission: On July 12 via api (July 12th 2022, 7:04:41 pm UTC) from US — Scanned from DE

Summary HTTP 124 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 11 domains to perform 124 HTTP transactions. The main IP is 13.107.43.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 3499.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	13.107.43.13 13.107.43.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2.19.126.158 2.19.126.158	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.81.118.91 13.81.118.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
15	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
70	2a02:26f0:350... 2a02:26f0:3500:588::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.18.232.120 2.18.232.120	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.92.84.173 104.92.84.173	16625 (AKAMAI-AS) (AKAMAI-AS)
2	20.223.144.60 20.223.144.60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:480... 2a02:26f0:480:290::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	13.78.111.198 13.78.111.198	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:40::45 2620:1ec:40::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1 1	40.90.128.21 40.90.128.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.32.133 40.126.32.133	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.111.237.183 104.111.237.183	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.111.236.5 52.111.236.5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:480... 2a02:26f0:480:294::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	20.42.72.131 20.42.72.131	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
124	19

4 13.107.43.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.19.126.158 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-158.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.81.118.91 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

excel.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shared.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2a02:26f0:3500:588::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-excel-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-120.deploy.static.akamaitechnologies.com

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.84.173 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-84-173.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.223.144.60 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mrodevicemgr.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:290::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

shell.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.78.111.198 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

amcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

spoppe-b.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.128.21 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.133 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-183.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.111.236.5 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.engagement.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:294::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-shared-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.42.72.131 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	office.net c1h-excel-15.cdn.office.net — Cisco Umbrella Rank: 2743 shell.cdn.office.net — Cisco Umbrella Rank: 1047 c1-shared-15.cdn.office.net — Cisco Umbrella Rank: 5232	4 MB
25	live.com 2 redirects onedrive.live.com — Cisco Umbrella Rank: 3499 excel.officeapps.live.com — Cisco Umbrella Rank: 4715 mrodevicemgr.officeapps.live.com — Cisco Umbrella Rank: 571 c.live.com — Cisco Umbrella Rank: 9273 storage.live.com — Cisco Umbrella Rank: 145 login.live.com — Cisco Umbrella Rank: 77 shared.officeapps.live.com — Cisco Umbrella Rank: 3091	204 KB
10	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 7411	344 KB
8	microsoft.com fs.microsoft.com — Cisco Umbrella Rank: 1065 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 131 browser.events.data.microsoft.com — Cisco Umbrella Rank: 256	1 MB
3	sfx.ms p.sfx.ms — Cisco Umbrella Rank: 18853	12 KB
2	office.com messaging.engagement.office.com — Cisco Umbrella Rank: 647	450 B
2	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 2794	68 KB
1	live.net js.live.net — Cisco Umbrella Rank: 13555	16 KB
1	azureedge.net spoppe-b.azureedge.net — Cisco Umbrella Rank: 2880	7 KB
1	msftauth.net amcdn.msftauth.net — Cisco Umbrella Rank: 1324	10 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 235	1 KB
124	11

	Domain	Requested by
70	c1h-excel-15.cdn.office.net	excel.officeapps.live.com c1h-excel-15.cdn.office.net
14	excel.officeapps.live.com	onedrive.live.com c1h-excel-15.cdn.office.net c1-shared-15.cdn.office.net
10	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
4	onedrive.live.com	onedrive.live.com
3	browser.events.data.microsoft.com	c1h-excel-15.cdn.office.net
3	browser.pipe.aria.microsoft.com	p.sfx.ms c1h-excel-15.cdn.office.net
3	p.sfx.ms	onedrive.live.com spoprod-a.akamaihd.net
2	messaging.engagement.office.com	c1h-excel-15.cdn.office.net
2	c.live.com	1 redirects
2	mrodevicemgr.officeapps.live.com	c1h-excel-15.cdn.office.net
2	static2.sharepointonline.com	excel.officeapps.live.com
2	fs.microsoft.com	excel.officeapps.live.com
1	c1-shared-15.cdn.office.net	shared.officeapps.live.com
1	js.live.net	c1h-excel-15.cdn.office.net
1	shared.officeapps.live.com	c1h-excel-15.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	spoppe-b.azureedge.net
1	amcdn.msftauth.net	c1h-excel-15.cdn.office.net
1	c.bing.com	1 redirects
1	shell.cdn.office.net	c1h-excel-15.cdn.office.net
124	21

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
officecdn.microsoft.com Microsoft RSA TLS CA 02	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2022-04-26` - `2023-04-26`	a year	crt.sh
mrodevicemgr.officeapps.live.com DigiCert Cloud Services CA-1	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2022-05-21` - `2023-05-16`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 02	`2022-05-11` - `2023-05-06`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
messaging.engagement.office.com DigiCert Cloud Services CA-1	`2022-03-14` - `2023-03-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Frame ID: D9ECAE55FEBA9E6C7F75670AD62AC041
Requests: 19 HTTP requests in this frame

Frame: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
Frame ID: 11B27C5F982425F6F933C88D4094FF76
Requests: 103 HTTP requests in this frame

Frame: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6&corrid=ef211675-ca51-4523-808d-65e83a623f48&NoAuth=true
Frame ID: D2CCB2F1979511CFA0EA9265D5309022
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Надходження та витрати 2021.xlsx - Microsoft Excel Online

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

hammer(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

124
Requests

98 %
HTTPS

35 %
IPv6

11
Domains

21
Subdomains

19
IPs

5
Countries

6432 kB
Transfer

26878 kB
Size

27
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://c.live.com/c.gif?DI=15347&wlxid=4f3ceee5-12c2-44b6-8278-a56be88b47b6&reqid=0011931a4ee&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF119640%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D5086%26IR%3D1%26EX%3D0%26L.h%3D2376%26L.bc%3D2508%26L.ac%3D2528%26L.f%3D2532%26L.sjs%3D4987%26L.ttg%3D4212%26C.st%3D1657652670900%26N.jsPlt%3D4091%26N.domIn%3D2534%26N.dns%3D25%26N.tcp%3D39%26N.req%3D2247%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.8720377755607158 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=4f3ceee5-12c2-44b6-8278-a56be88b47b6&reqid=0011931a4ee&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF119640%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D5086%26IR%3D1%26EX%3D0%26L.h%3D2376%26L.bc%3D2508%26L.ac%3D2528%26L.f%3D2532%26L.sjs%3D4987%26L.ttg%3D4212%26C.st%3D1657652670900%26N.jsPlt%3D4091%26N.domIn%3D2534%26N.dns%3D25%26N.tcp%3D39%26N.req%3D2247%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.8720377755607158&CtsSyncId=92242C34E2FB4096AD37F694EADFFFEB&RedC=c.live.com&MXFR=1DC415C7471C6DDB36320418431C695A HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=4f3ceee5-12c2-44b6-8278-a56be88b47b6&reqid=0011931a4ee&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF119640%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D5086%26IR%3D1%26EX%3D0%26L.h%3D2376%26L.bc%3D2508%26L.ac%3D2528%26L.f%3D2532%26L.sjs%3D4987%26L.ttg%3D4212%26C.st%3D1657652670900%26N.jsPlt%3D4091%26N.domIn%3D2534%26N.dns%3D25%26N.tcp%3D39%26N.req%3D2247%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.8720377755607158&CtsSyncId=92242C34E2FB4096AD37F694EADFFFEB&MUID=1DC415C7471C6DDB36320418431C695A

Request Chain 108

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1657652676726 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1657652676&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

124 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
onedrive.live.com/ 105 KB
34 KB 2291ms
2226ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6e0816f56cbe59001ee230b43c0d9598903419eda30139e1dd70b29bd901215b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 12 Jul 2022 19:04:32 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 7A6FB61ED9334EBDB28A56D9C3602353 Ref B: VIEEDGE1912 Ref C: 2022-07-12T19:04:30Z
x-msnserver: RD0003FF119640
x-odwebserver: centralus1-odwebpl

GET
H2 200 maincss-3d633429.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 136 KB
26 KB 40ms
8ms Stylesheet
text/css 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//maincss-3d633429.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:33 GMT
content-encoding: gzip
content-md5: PWM0KdjmKRxU/0cF4Kv/Uw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 25623
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009E55BE1C
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9b4f526d-601e-0091-4786-86e39f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29580692
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 85 KB
16 KB 40ms
7ms Stylesheet
text/css 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:33 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300990040FA
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 239c42a0-201e-004b-0f07-897a7e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29856012
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-7859787f.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 169 KB
30 KB 41ms
9ms Stylesheet
text/css 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filescss2-7859787f.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:33 GMT
content-encoding: gzip
content-md5: eFl4f1R1WfMJocO6wVsUhA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30612
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA030099A235A0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: cc446b53-901e-002c-0486-866a82000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29580672
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 106 KB
29 KB 174ms
174ms Script
text/javascript 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=de-DE&group=Office&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d661acb8b10c2f2a2c11a22f7e95bdf3928f4fab33262197ca6c3791b4aa755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD0003FF11E5EE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 211D68C262704630BA270F140153935E Ref B: VIEEDGE1912 Ref C: 2022-07-12T19:04:33Z
x-odwebserver: centralus1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Tue, 12 Jul 2022 19:04:32 GMT
content-encoding: gzip
expires: Wed, 12 Jul 2023 19:04:33 GMT

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
2 KB 162ms
161ms Script
text/javascript 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=de-DE&group=GroupFolders&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

42df7b44c464a201670e93455e2d9536d97d6adcae0ed4ba5d8125e83945dc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD0003FF119640
x-content-type-options: nosniff
x-msedge-ref: Ref A: 8DDFC58925954CDF93F313151CCA07DF Ref B: VIEEDGE1912 Ref C: 2022-07-12T19:04:33Z
x-odwebserver: centralus1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Tue, 12 Jul 2022 19:04:32 GMT
content-encoding: gzip
expires: Wed, 12 Jul 2023 19:04:33 GMT

GET
H2 200 aria-2.5.0.min.js Show response
p.sfx.ms//storage/ 45 KB
12 KB 71ms
16ms Script
application/javascript 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 19:04:32 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 19:51:16 GMT
server: Microsoft-IIS/10.0
etag: "09255f15e7fd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
x-msnserver: RD0003FF1D945A
content-length: 12195

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
130 B 15ms
14ms Image
image/gif 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 19:04:32 GMT
x-msnserver: RD0003FF1D945A
last-modified: Mon, 13 Jun 2022 19:50:52 GMT
server: Microsoft-IIS/10.0
etag: "0767e35e7fd81:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
content-length: 43

POST
H2 200 xlviewerinternal.aspx Show response
excel.officeapps.live.com/x/_layouts/ Frame 11B2 591 KB
106 KB 131ms
53ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b7b748d677327d686d437bda65982bc43c1a94f94756701957c8f184e5c5d01a

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1-excel-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' https:; child-src blob: * ms-excel: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /x/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: font-src data: c1-excel-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' https:; child-src blob: * ms-excel: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /x/reportcsp.ashx
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 19:04:33 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
reporting-endpoints: default="https://excel.officeapps.live.com/x/_layouts/BrowserReportingHandler.ashx"
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 983CD8B917D0453184453E8211455744 Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:33Z
x-officecluster: PNL1
x-officefd: AM4PEPF0000689F
x-officefe: AM4PEPF00006912
x-officeversion: 16.0.15506.37953
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6

GET
H2 200 EwrDefault.css
c1h-excel-15.cdn.office.net/x/s/hFFE579A37A263D4B__layouts/Resources/1031/ Frame 11B2 131 KB
20 KB 35ms
8ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFFE579A37A263D4B__layouts/Resources/1031/EwrDefault.css

Requested by

Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ffe579a37a263d4bea4914242a045fd253b0ebec19c581d0773799899759b285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "f6db3f33838cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF000068F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 19599
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 13:13:33 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 3EE6193E4C214180BE2E7190A64866F2 Ref B: AMS04EDGE2606 Ref C: 2022-07-03T02:36:51Z
x-usersessionid: e459fb4a-3e2d-4ced-80a4-1fa503f6374b
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: e459fb4a-3e2d-4ced-80a4-1fa503f6374b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelframe.css
c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/ Frame 11B2 61 KB
10 KB 39ms
12ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/excelframe.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f2d0d726a5a1166eefcfb9c85ec2df5a7049f57c1fccd8f78bd274565da6cd7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "73d8c67728cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF0000692F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 9915
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 11:13:19 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: C1E68C1568A9497585C0C351FD4951C9 Ref B: AMS04EDGE2315 Ref C: 2022-07-03T02:36:51Z
x-usersessionid: df5b03d1-54f3-4d05-b6bb-890c6db8469d
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: df5b03d1-54f3-4d05-b6bb-890c6db8469d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/ Frame 11B2 106 KB
24 KB 41ms
15ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "85e2a781a92d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00006925
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23675
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 07 Jul 2022 15:55:51 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: 386D2250993C4348B92F70F89BE67797 Ref B: AM3EDGE0114 Ref C: 2022-07-10T09:53:43Z
x-usersessionid: df751f08-290a-4a51-ac02-3b1ba278d0ed
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: df751f08-290a-4a51-ac02-3b1ba278d0ed
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.js Show response
c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/ Frame 11B2 3 MB
745 KB 44ms
18ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1a8a4f82322c80e6560af529382644945c413a69c930a38776cd3e02c915391f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"19119d8c7392d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000068DD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 760178
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 02:36:38 GMT
x-officefd: AM4PEPF00018352
x-msedge-ref: Ref A: 600E69CEFD6A4B9995EABA25C8412D17 Ref B: AM3EDGE1009 Ref C: 2022-07-08T02:36:38Z
x-usersessionid: 772ce5db-2a26-4391-9d5d-b483d717bd3a
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 772ce5db-2a26-4391-9d5d-b483d717bd3a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.Strings.Wac.js Show response
c1h-excel-15.cdn.office.net/x/s/hFE21394A9EC524EE__layouts/App_Scripts/1031/ Frame 11B2 112 KB
28 KB 49ms
23ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFE21394A9EC524EE__layouts/App_Scripts/1031/Ewa.Strings.Wac.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fe21394a9ec524ee555a774cca14affd1f35e275bab63ec688e6ccfe70215323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"53d7b88a7b90d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF000068F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27840
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 05 Jul 2022 14:28:49 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: BBA036AC661B4ECCBC26825CCAA89982 Ref B: AM3EDGE0916 Ref C: 2022-07-05T14:28:48Z
x-usersessionid: 6c874f58-d360-46a8-bbf1-434787eb128c
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6c874f58-d360-46a8-bbf1-434787eb128c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gridRenderer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h053A7E3EDCECF170__layouts/App_Scripts/ Frame 11B2 609 KB
118 KB 49ms
24ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h053A7E3EDCECF170__layouts/App_Scripts/gridRenderer.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

053a7e3edcecf17039ad0ede862f003daf5ce09de799712b2c943c7fedacdd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"cf1541776894d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000114C0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 119858
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Sun, 10 Jul 2022 14:22:20 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: D5019FA87FFA43A491A7E5E3C775D48C Ref B: AMS04EDGE2617 Ref C: 2022-07-10T14:22:20Z
x-usersessionid: f0dbd629-984e-4e79-9009-c1d10412c761
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f0dbd629-984e-4e79-9009-c1d10412c761
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-excel-15.cdn.office.net/x/s/h80A1EF69845C59C7__layouts/Resources/de-DE/ Frame 11B2 115 KB
40 KB 50ms
24ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h80A1EF69845C59C7__layouts/Resources/de-DE/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

80a1ef69845c59c705982f42b538c273ac1aa8e9061ffffb317822d8df085cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d873ba12995d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000114B9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 40685
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 13:25:03 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 2F51AA87811B4904BC46D35D16E33056 Ref B: AMS04EDGE2308 Ref C: 2022-07-11T13:25:03Z
x-usersessionid: c9f9da5a-ab09-49cb-875c-b6c71db446d7
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c9f9da5a-ab09-49cb-875c-b6c71db446d7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 richTextEditor.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hAFD6E7BDC576FFFB__layouts/App_Scripts/ Frame 11B2 304 KB
61 KB 17ms
16ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hAFD6E7BDC576FFFB__layouts/App_Scripts/richTextEditor.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

afd6e7bdc576fffb7796f8f1eb498bd0c1d42711628ec9d3f54072db8aa413ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e69e8e31b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000114BF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 61205
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:11 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: C3BBCE71FB4C4CCC97542CF33FAA8471 Ref B: AM3EDGE0411 Ref C: 2022-07-11T09:47:11Z
x-usersessionid: 7239e2a9-c998-4692-a238-ef3d3ce3b9b4
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 7239e2a9-c998-4692-a238-ef3d3ce3b9b4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.bootCommon.js Show response
c1h-excel-15.cdn.office.net/x/s/h864BFA99D701F78C__layouts/App_Scripts/ Frame 11B2 246 KB
58 KB 17ms
17ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h864BFA99D701F78C__layouts/App_Scripts/EwaDS.bootCommon.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

864bfa99d701f78c707fa3c31f89a895030287e1d6cea09c07a4cb31e431967b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d05f9d8c7392d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF0000693E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 58976
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 08 Jul 2022 02:36:38 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 03E2DC68A8234E589A6482AE78ADCC3C Ref B: AM3EDGE0520 Ref C: 2022-07-08T02:36:38Z
x-usersessionid: 9d34d355-5e32-4698-bf05-41f703f6f87e
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9d34d355-5e32-4698-bf05-41f703f6f87e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.CommonIntl.js Show response
c1h-excel-15.cdn.office.net/x/s/h91D320FB9FAC8B64__layouts/App_Scripts/1031/ Frame 11B2 157 KB
33 KB 19ms
18ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h91D320FB9FAC8B64__layouts/App_Scripts/1031/EwaDS.CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

19880a7b40f066871ab3ad213b0be380864eb1529aba6a100951a6c895730c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"793630a52995d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000D658
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 32883
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 13:25:10 GMT
x-officefd: DB5PEPF00006494
x-usersessionid: b671fc77-1721-4dfe-b043-7dd02e4bfc3c
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b671fc77-1721-4dfe-b043-7dd02e4bfc3c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 runtime.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h5B6749B2DB5CC1EE__layouts/App_Scripts/ Frame 11B2 30 KB
8 KB 19ms
19ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h5B6749B2DB5CC1EE__layouts/App_Scripts/runtime.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

5b6749b2db5cc1eea3737e44cbd9da4b6d2ad1e96d24e23b82cfa66ff89f5de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8940b231b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000D658
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 7996
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:11 GMT
x-officefd: DB5PEPF000082C6
x-usersessionid: f6c56771-cbb1-4058-a57e-cbdda187a677
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f6c56771-cbb1-4058-a57e-cbdda187a677
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hBE3E834DCAE0A9CE__layouts/App_Scripts/ Frame 11B2 182 KB
39 KB 21ms
20ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hBE3E834DCAE0A9CE__layouts/App_Scripts/appChrome.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

be3e834dcae0a9ce13ad3021a5a20b75e7397aa6ecc8534fc4eb63c1f781e935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f527b931b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000831C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 39191
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:11 GMT
x-officefd: DB5PEPF000082B6
x-usersessionid: 058f0ccb-0aee-4a05-bc83-6a1cfb98d35a
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 058f0ccb-0aee-4a05-bc83-6a1cfb98d35a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h2374065396ECF019__layouts/App_Scripts/ Frame 11B2 2 MB
351 KB 21ms
21ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2374065396ECF019__layouts/App_Scripts/common.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2374065396ecf01906c8fd65a044c0d98150d595cc915bbdb492b500a69043e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"533e531b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00006918
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 357641
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:12 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 239D2BD4EFD841008EAFDD7E5A40C5E6 Ref B: AMS04EDGE3318 Ref C: 2022-07-11T09:47:12Z
x-usersessionid: 11ca8eac-61e0-4a72-afef-ea736bd861fa
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 11ca8eac-61e0-4a72-afef-ea736bd861fa
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-app-intl.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hE9008CBF03695844__layouts/App_Scripts/1031/ Frame 11B2 459 KB
72 KB 24ms
23ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE9008CBF03695844__layouts/App_Scripts/1031/excel-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e9008cbf0369584404fbc8f9f360a395d776cf9edf3f520fc3d24a1a21a8e53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f8ed33a52995d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF00008311
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 73538
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 13:25:10 GMT
x-officefd: DB5PEPF000082C6
x-usersessionid: f1b0c597-df62-4b4e-a00f-96fd6d927027
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f1b0c597-df62-4b4e-a00f-96fd6d927027
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-app-mlr-sprite.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h8C1809FE4E0EB76E__layouts/App_Scripts/1031/ Frame 11B2 77 KB
13 KB 24ms
24ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8C1809FE4E0EB76E__layouts/App_Scripts/1031/excel-app-mlr-sprite.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8c1809fe4e0eb76e610f7f6e8167a4bc854dcb7c151da33632f1916a572c83d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"817454276b8cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15423.31877
x-officefe: AM4PEPF000068DD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 12550
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 10:21:25 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: DEF219FDC22D438EAC9B65F66641A96A Ref B: AMS04EDGE2719 Ref C: 2022-06-30T10:21:25Z
x-usersessionid: 9ffa4d90-fcce-4a2c-86cb-a7817c6780dc
date: Tue, 12 Jul 2022 19:04:33 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9ffa4d90-fcce-4a2c-86cb-a7817c6780dc
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 11B2 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 segoeui.woff
c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/ Frame 11B2 22 KB
23 KB 9ms
9ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/segoeui.woff

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/excelframe.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/excelframe.css
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"6d8a1084248fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF0000693D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Sun, 03 Jul 2022 21:33:20 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: A0CCAF7F95204EF9AC359F967CB1CACD Ref B: AMS04EDGE2706 Ref C: 2022-07-03T21:33:20Z
x-usersessionid: ecf53027-f12e-4abb-adae-7ddf7b6e776d
date: Tue, 12 Jul 2022 19:04:34 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: ecf53027-f12e-4abb-adae-7ddf7b6e776d
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 44327025345
fs.microsoft.com/fs/4.7/rawguids/ Frame 11B2 1 MB
714 KB 62ms
10ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/44327025345
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 19:04:34 GMT
ApiVersion: Distribute 1.1
Last-Modified: Tue, 23 Apr 2019 00:37:40 GMT
Content-Length: 730601
ETag: "0x3C2106B47456A73C36601651E03CDF12759BC76A9DB2B15BB1B25E0EADD314AF"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=159131
X-Azure-Ref: 0t6CoYgAAAABwx/8nS2gnS7oDZcryE/4bTE9OMjFFREdFMDExNABjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
Content-Disposition: attachment; filename=44327025345; filename*=UTF-8''44327025345
Connection: keep-alive
Accept-Ranges: bytes
Content-Encoding: gzip
X-CID: 2

GET
H2 200 excelOnline.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h8ED074E053FD982A__layouts/App_Scripts/ Frame 11B2 9 KB
3 KB 14ms
14ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8ED074E053FD982A__layouts/App_Scripts/excelOnline.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

8ed074e053fd982aa5a9584c9a3f28bcd46932fd5681c9ad431ce84be45485a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d6a0df32b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000D657
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 2589
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:13 GMT
x-officefd: DB5PEPF000082C6
x-usersessionid: 1287013b-03c7-467d-8a0b-ffe4e970a019
date: Tue, 12 Jul 2022 19:04:34 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1287013b-03c7-467d-8a0b-ffe4e970a019
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK e8853242-699c-4c1a-977b-b6f82b1149f0
https://excel.officeapps.live.com/ Frame 11B2 193 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://excel.officeapps.live.com/e8853242-699c-4c1a-977b-b6f82b1149f0
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e38e9d3ac766eaffa7f98d417558b6ddf7d2f35ef57f61802d563080405cc074

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 193
Content-Type: application/javascript

GET
H2 200 EwaDS.tmcore.js Show response
c1h-excel-15.cdn.office.net/x/s/h0F61D4742B729983__layouts/App_Scripts/ Frame 11B2 22 KB
7 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h0F61D4742B729983__layouts/App_Scripts/EwaDS.tmcore.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0f61d4742b729983cffa51bcd484c91ddabbbcc2decda40cc18ca31cb59fcee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"9935e432b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF00008318
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 6918
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:13 GMT
x-officefd: DB5PEPF000082E4
x-usersessionid: dec419b6-5c34-4020-b204-bda4b4b62079
date: Tue, 12 Jul 2022 19:04:34 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: dec419b6-5c34-4020-b204-bda4b4b62079
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 11B2 35 KB
36 KB 47ms
7ms Font
application/font-woff2 104.92.84.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.84.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-84-173.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:34 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 0e632f6c-601e-0126-1b11-16c033000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=17239180
x-ms-version: 2009-09-19
content-length: 36344

GET
H2 200 excel-app-intl-lazy-exp.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h97A4294D94547811__layouts/App_Scripts/1031/ Frame 11B2 489 KB
62 KB 16ms
16ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h97A4294D94547811__layouts/App_Scripts/1031/excel-app-intl-lazy-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

97a4294d94547811572db43bc62932c4a94c14a031743a8ac7cbe24e979acc7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7149b81a6a8cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15423.31877
x-officefe: AM4PEPF00006928
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 63042
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 10:13:55 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: E7A87CF875C94A3CB538AA1B658A7D54 Ref B: AMS04EDGE3316 Ref C: 2022-06-30T10:13:55Z
x-usersessionid: f0a688d7-e003-4524-9e2e-61fd1df12b53
date: Tue, 12 Jul 2022 19:04:34 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f0a688d7-e003-4524-9e2e-61fd1df12b53
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h97D312140F3B9B55__layouts/App_Scripts/ Frame 11B2 1 MB
234 KB 24ms
24ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h97D312140F3B9B55__layouts/App_Scripts/common50.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h5B6749B2DB5CC1EE__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

97d312140f3b9b55c3b258657efa8f4e2ea4766c941edeb20cfe25cbc3850135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"a9e86933b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF0000692D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 238087
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:14 GMT
x-officefd: AM4PEPF000068A5
x-usersessionid: 86521f96-22fe-4653-8565-facddbf65433
date: Tue, 12 Jul 2022 19:04:34 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 86521f96-22fe-4653-8565-facddbf65433
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h862664BB6257D84B__layouts/App_Scripts/ Frame 11B2 444 KB
102 KB 52ms
52ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h862664BB6257D84B__layouts/App_Scripts/appChromeLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h5B6749B2DB5CC1EE__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

862664bb6257d84ba5f0140ef45b950fbb1daf9324ac1d50d8de0ab51ba9853e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ca54b033b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00013CB6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 103406
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:15 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 46B44A6DC18F424090459FF8AF17AE1F Ref B: AMS04EDGE3115 Ref C: 2022-07-11T09:47:15Z
x-usersessionid: 26b5c11c-b8e0-4e88-bebc-785e00b99859
date: Tue, 12 Jul 2022 19:04:34 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 26b5c11c-b8e0-4e88-bebc-785e00b99859
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.tm.js Show response
c1h-excel-15.cdn.office.net/x/s/hC84F73DB3042BC26__layouts/App_Scripts/ Frame 11B2 179 KB
44 KB 66ms
65ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC84F73DB3042BC26__layouts/App_Scripts/EwaDS.tm.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c84f73db3042bc26182035de8cf8ef86ac629b5cf84235a6305c934a6c0583f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1811c35b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000831D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 44017
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:17 GMT
x-officefd: DB5PEPF000082B6
x-usersessionid: 7e52a3f5-7af4-47eb-b600-ad8e8d681ffb
date: Tue, 12 Jul 2022 19:04:34 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 7e52a3f5-7af4-47eb-b600-ad8e8d681ffb
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.otherCommon.js Show response
c1h-excel-15.cdn.office.net/x/s/hC4A7A5F37F3159BE__layouts/App_Scripts/ Frame 11B2 275 KB
68 KB 74ms
74ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC4A7A5F37F3159BE__layouts/App_Scripts/EwaDS.otherCommon.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c4a7a5f37f3159bee6b6f6ebf3515ab3bab2cc09325a6fcd92d700bc51323cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"404c5435b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF00008312
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 68573
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:17 GMT
x-officefd: DB5PEPF00006495
x-usersessionid: c0a8c172-137e-4679-94c0-d96ed036c9af
date: Tue, 12 Jul 2022 19:04:34 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c0a8c172-137e-4679-94c0-d96ed036c9af
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.acc.js Show response
c1h-excel-15.cdn.office.net/x/s/hCD1F2016E8D063BF__layouts/App_Scripts/ Frame 11B2 299 KB
72 KB 80ms
80ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hCD1F2016E8D063BF__layouts/App_Scripts/EwaDS.acc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

cd1f2016e8d063bf735fc186f8aadd964771bc4f8ee79bdfb193b2a5409d37ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6db76c35b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000C9FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 72960
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:18 GMT
x-officefd: DB5PEPF00006494
x-usersessionid: 0d9e0e73-2fab-4487-8eab-1b52051c55c2
date: Tue, 12 Jul 2022 19:04:34 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0d9e0e73-2fab-4487-8eab-1b52051c55c2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.FileMenuSlr.js Show response
c1h-excel-15.cdn.office.net/x/s/h20980A65C7B4760A__layouts/App_Scripts/1031/ Frame 11B2 16 KB
4 KB 81ms
81ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h20980A65C7B4760A__layouts/App_Scripts/1031/Ewa.FileMenuSlr.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

20980a65c7b4760aa7b34cd4d40966730ca8422a919feedb8b39ddd95820fd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "28839177728cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF00006930
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3333
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 11:13:46 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: A81315D82800416CB1B2BDA2628A1AB7 Ref B: AMS04EDGE2018 Ref C: 2022-07-02T20:29:59Z
x-usersessionid: 42567828-3d08-4c18-9ec2-73fb3db69051
date: Tue, 12 Jul 2022 19:04:34 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 42567828-3d08-4c18-9ec2-73fb3db69051
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 11B2 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 11B2 31 KB
32 KB 15ms
14ms Font
application/font-woff2 104.92.84.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.84.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-84-173.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:34 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 91c5063c-e01e-0038-0f11-165c8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=17239231
x-ms-version: 2009-09-19
content-length: 31824

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 11B2 0
2 KB 736ms
736ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15506.37953&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.15506.37953
x-officefe: BY3PEPF0000D5EB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-buls-suppressedtags: 378069,1671813,2209344,3290144,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19743902,21627712,21631370,22401293,22410500,22558617,22598977,22680210,22680213,22680214,22836558,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39408129,39613840,39966341,40437001,40935455,40957978,40957979,41003225,41207258,41502555,41711299,41952657,41964821,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51504083,51667010,306230939,524883107,524883136,524883138,537159499,538542792,538543587,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557322386,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,591684683,591729363,592259104,592556551,592843145,593780815,593838232,593862981,594134597,594396706,594830612,595137156,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,963472182,1630679666,1630679667,1633958006,1647605351,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3813f8ae-1fbc-48f5-bfab-e9b7291d58b3
x-officefd: BY3PEPF0000D5EB
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:35 GMT
x-download-options: noopen
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A023CE0B9DA14ED5BF9491FDAEB8D04D Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:34Z

GET
H/1.1 200
OK 50941620409
fs.microsoft.com/fs/4.7/rawguids/ Frame 11B2 910 KB
495 KB 8ms
8ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/50941620409
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb0ab622969875cccbaa658809cc6df6bfd73846f9c6c5e80774936cbc52845c

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 19:04:34 GMT
ApiVersion: Distribute 1.1
Last-Modified: Tue, 23 Apr 2019 00:37:40 GMT
Content-Length: 506404
ETag: "0x178939ABA1E8A602911CDE0564920200E557D6568E6C74DF2AFEE537D0E55846"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=189419
X-Azure-Ref: 0ihupYgAAAADSUjv11pkeSItPECRgaIEHTE9OMjFFREdFMTUwNwBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y=
Content-Disposition: attachment; filename=50941620409; filename*=UTF-8''50941620409
Connection: keep-alive
Accept-Ranges: bytes
Content-Encoding: gzip
X-CID: 2

GET
H2 200 GetRangeContentJson Show response
excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/ Frame 11B2 133 KB
14 KB 66ms
66ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/GetRangeContentJson?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%22a00d67e4-be72-4bd5-9df7-05fc4ddecd20%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069121.A81.1.V25.10357o15W6dJit6IW6XpkNeW214.5.de-DE5.en-US24.b0264747cbb7e393-Private1.S1.N16.16.0.15506.3795314.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A786363%2C%22Configurations%22%3A1573648%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&ewaControlId=%22m_excelWebRenderer_ewaCtl_m_ewa%22&currentObject=%22%D0%B7%D0%B2%D1%96%D1%82%D0%BD%D1%96%D1%81%D1%82%D1%8C%22&namedObjectViewData=%7B%22Mode%22%3A1%2C%22Settings%22%3A0%7D&row=28&column=0&rowCount=28&columnCount=30&blockPosition=%7B%22X%22%3A0%2C%22Y%22%3A1%2C%22PaneType%22%3A1%7D&revision=0&previousRevision=-1&digest=%22%22&renderingOptions=24&colorScheme=null&ecsSpreadsheetDigest=null&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

87b6766b27518ca5d3df96d96133ad36772b56dfa550a21402c57f25b6e29ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069121.A81.1.V25.10357o15W6dJit6IW6XpkNeW214.5.de-DE5.en-US24.b0264747cbb7e393-Private1.S1.N16.16.0.15506.3795314.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=utf-8
X-ClientBootEpochTimeStamp: 1657652673.70592
X-CorrelationId: 75a7763e-0a65-420a-86cf-dcf406f500de
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
X-UserType: WOPI
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF000068BF
x-officeversion: 16.0.15506.37953
x-officefe: AM4PEPF00006912
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 13916
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 75a7763e-0a65-420a-86cf-dcf406f500de
x-officecluster: PNL1
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:34 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=604800
x-msedge-ref: Ref A: C5ECD97FEBAD45FCBDD0101AAB49DB68 Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:34Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 11B2 0
2 KB 150ms
149ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15506.37953&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS5
x-officeversion: 16.0.15506.37953
x-officefe: SN3PEPF0000CC55
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-buls-suppressedtags: 378069,1671813,2209344,3290144,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19743902,21627712,21631370,22401293,22410500,22558617,22598977,22680210,22680213,22680214,22836558,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39408129,39613840,39966341,40437001,40935455,40957978,40957979,41003225,41207258,41502555,41711299,41952657,41964821,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51504083,51667010,306230939,524883107,524883136,524883138,537159499,538542792,538543587,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557322386,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,591684683,591729363,592259104,592556551,592843145,593780815,593838232,593862981,594134597,594396706,594830612,595137156,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,963472182,1630679666,1630679667,1633958006,1647605351,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid: 2bb4a760-c16a-4225-8a34-55d94347fa5a
x-officefd: SN3PEPF0000CC55
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:35 GMT
x-download-options: noopen
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: F1097E45280C4D6F85B230C2F5F93B09 Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:35Z

GET
H2 200 EwaDS.cuixas.js Show response
c1h-excel-15.cdn.office.net/x/s/h3F4A7507E4B7FCF0__layouts/App_Scripts/ Frame 11B2 623 KB
126 KB 9ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3F4A7507E4B7FCF0__layouts/App_Scripts/EwaDS.cuixas.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f4a7507e4b7fcf06ad1a8782b46b948130270d4d9b2c2f91219b09f08dee07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"396bcd35b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00006948
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 128150
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:18 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 42F5EDAAA9DC4048998F9E356E20D3A8 Ref B: AMS04EDGE3318 Ref C: 2022-07-11T09:47:18Z
x-usersessionid: df703d21-e49e-4b91-ba6d-01a46e69888f
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: df703d21-e49e-4b91-ba6d-01a46e69888f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.StatusBar.js Show response
c1h-excel-15.cdn.office.net/x/s/h6F7AEBE64B7302A2__layouts/App_Scripts/1031/ Frame 11B2 13 KB
2 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h6F7AEBE64B7302A2__layouts/App_Scripts/1031/Ewa.StatusBar.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f7aebe64b7302a244c2d3d4638435cdacb2e40942d2d766c4a8c7a7f5ad9cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "95581eadc95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15506.37953
x-officefe: AM4PEPF000114BB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1817
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 12 Jul 2022 10:48:25 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: C883BC5C27B14907B59910712D6769C1 Ref B: AMS04EDGE1717 Ref C: 2022-07-12T12:00:53Z
x-usersessionid: 56b2105c-07bf-4520-bd17-270580886c95
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 56b2105c-07bf-4520-bd17-270580886c95
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 92 KB
33 KB 32ms
7ms Script
application/javascript 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:35 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009D7876E1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 98ff2db4-001e-003e-7bfa-871152000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29740417
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac_s_office-ec0768dc.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 335 KB
102 KB 32ms
8ms Script
application/javascript 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac_s_office-ec0768dc.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 59e1ecc15f7639121d99a75dce05be39a43630398ff19de0258b0f5e1cfcbdb1

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:35 GMT
content-encoding: gzip
content-md5: 7Ado3M0q7A+Lv1sYG3wtIA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 103797
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300A3B0DFB4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 70c58c69-b01e-0004-78fa-870b2a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29740439
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 EwaCommon.png
c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/ Frame 11B2 19 KB
20 KB 12ms
11ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/EwaCommon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "a1fd251e798cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF00013CB8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 19229
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Thu, 30 Jun 2022 12:01:23 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 5E42A404E9674010A7EFE96D4A22C9C3 Ref B: AM3EDGE1009 Ref C: 2022-07-03T19:15:47Z
x-usersessionid: 80b30d66-3e72-448d-a844-82df8d6734ef
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 80b30d66-3e72-448d-a844-82df8d6734ef
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h97D312140F3B9B55__layouts/App_Scripts/ Frame 11B2 1 MB
234 KB 21ms
21ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h97D312140F3B9B55__layouts/App_Scripts/common50.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

97d312140f3b9b55c3b258657efa8f4e2ea4766c941edeb20cfe25cbc3850135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"a9e86933b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF0000692D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 238087
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:14 GMT
x-officefd: AM4PEPF000068A5
x-usersessionid: 86521f96-22fe-4653-8565-facddbf65433
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 86521f96-22fe-4653-8565-facddbf65433
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otelFull.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hC72A9FCF0CB9F411__layouts/App_Scripts/ Frame 11B2 99 KB
29 KB 14ms
13ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC72A9FCF0CB9F411__layouts/App_Scripts/otelFull.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "4b2a1d62838cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF00013CAE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 13:14:52 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: CC977297ED554091BD115C4AE86C2556 Ref B: AM3EDGE0912 Ref C: 2022-07-04T09:56:23Z
x-usersessionid: 1de4d80c-fb5e-4d43-9b54-4a391310acf3
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1de4d80c-fb5e-4d43-9b54-4a391310acf3
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 11B2 0
353 B 175ms
175ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15506.37953&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS2
x-officeversion: 16.0.15510.35053
x-officefe: MW1PEPF0000855C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-buls-suppressedtags: 378069,1671813,2209344,3290144,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19743902,21627712,21631370,22401293,22410500,22558617,22598977,22680210,22680213,22680214,22836558,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39408129,39613840,39966341,40437001,40935455,40957978,40957979,41003225,41207258,41502555,41711299,41952657,41964821,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51504083,51667010,306230939,524883107,524883136,524883138,537159499,538542792,538543587,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557322386,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,591684683,591729363,592259104,592556551,592843145,593780815,593838232,593862981,594134597,594396706,594830612,595137156,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,963472182,1630679666,1630679667,1633958006,1647605351,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c138c766-1ce9-4f44-bf9e-65de650bcd7e
x-officefd: MW1PEPF0000855C
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:35 GMT
x-download-options: noopen
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: FD307B2D87A0428F88B57D191B84542D Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:35Z

POST
H2 200 RemoteTelemetry.ashx Show response
excel.officeapps.live.com/x/_layouts/ Frame 11B2 0
489 B 43ms
43ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000601B
x-officeversion: 16.0.15506.37953
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: dbf233ae-6ff0-4edb-98f1-7634ae3c20a4
x-officecluster: PNL1
x-usersessionid: dbf233ae-6ff0-4edb-98f1-7634ae3c20a4
date: Tue, 12 Jul 2022 19:04:35 GMT
x-download-options: noopen
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: E9D3DAEE3170409E88C2B89E1D4A4D37 Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:35Z
timing-allow-origin: *
x-officefe: AM4PEPF00006912

GET
H2 200 uiSlice20.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h97C59C48A88D164F__layouts/App_Scripts/ Frame 11B2 793 KB
143 KB 9ms
9ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h97C59C48A88D164F__layouts/App_Scripts/uiSlice20.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h5B6749B2DB5CC1EE__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

97c59c48a88d164fd52c3df5763ca7972a9ba7056f1881943ec69717ef521b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"de3dcd37b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000D65B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 146091
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:22 GMT
x-officefd: DB5PEPF000082B6
x-usersessionid: dbb1642a-8a4c-4cdf-b580-55c269b32e9c
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: dbb1642a-8a4c-4cdf-b580-55c269b32e9c
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 wac2-d8541046.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 310 KB
107 KB 7ms
7ms Script
application/javascript 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac2-d8541046.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c949982df7b0a15866feaa71641d1dd64f0bd6415013cbff9a5bf2a61d65b33c

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:35 GMT
content-encoding: gzip
content-md5: 2FQQRinE/bhgf3Cx3CcwlA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 109105
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300A39F2F0C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b9230adc-501e-009a-4207-8918f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29856119
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 wac0-efa56458.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 15 KB
6 KB 8ms
8ms Script
application/javascript 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac0-efa56458.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:35 GMT
content-encoding: gzip
content-md5: 76VkWOHqhHqIEEUyr6GMKg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 5910
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300A34EF7FB
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8eff254d-801e-000f-5607-89f041000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29856104
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 wac1-cdc297b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/ 47 KB
14 KB 8ms
8ms Script
application/javascript 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac1-cdc297b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:35 GMT
content-encoding: gzip
content-md5: zcKXtFHbuejuppPFKcKOyw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14062
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:44:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA0300A36B5567
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f9937ebc-901e-005e-2a3c-876dcd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29658975
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 EwaCommon.png
c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/ Frame 11B2 19 KB
20 KB 8ms
8ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/EwaCommon.png

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h864BFA99D701F78C__layouts/App_Scripts/EwaDS.bootCommon.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "a1fd251e798cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF00013CB8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 19229
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Thu, 30 Jun 2022 12:01:23 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 5E42A404E9674010A7EFE96D4A22C9C3 Ref B: AM3EDGE1009 Ref C: 2022-07-03T19:15:47Z
x-usersessionid: 80b30d66-3e72-448d-a844-82df8d6734ef
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 80b30d66-3e72-448d-a844-82df8d6734ef
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaOther_m2.png
c1h-excel-15.cdn.office.net/x/s/hDDACFF985568D458__layouts/Resources/1031/ Frame 11B2 22 KB
22 KB 8ms
8ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDDACFF985568D458__layouts/Resources/1031/EwaOther_m2.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ddacff985568d4587ff00bcd1e6ec886c89eb143994d862a67338c356e3c42d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "e6acb4e38c90d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15428.35901
x-officefe: AM4PEPF0000693F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22266
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 05 Jul 2022 16:32:59 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 9D72E50BEDE944F7AF828DE89C61709B Ref B: AMS04EDGE2818 Ref C: 2022-07-06T07:12:30Z
x-usersessionid: 4926d489-f2fc-405b-a00c-44d3771df5a0
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 4926d489-f2fc-405b-a00c-44d3771df5a0
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 SDXReleaseDataPackages
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 0
0 248ms
32ms Preflight 20.223.144.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.223.144.60 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
Access-Control-Request-Method: POST
Origin: https://excel.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Tue, 12 Jul 2022 19:04:35 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 EwaDS.shell.js Show response
c1h-excel-15.cdn.office.net/x/s/h5C0D989878A0DF7D__layouts/App_Scripts/ Frame 11B2 3 KB
2 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h5C0D989878A0DF7D__layouts/App_Scripts/EwaDS.shell.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c0d989878a0df7da0c669241983e4c5504f00a2d0574ad3d616d41208ddb030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ceadc037b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00013CBD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1272
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:21 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 89A0C0A9E9084B8C90991C0F339DB4C8 Ref B: AM3EDGE1006 Ref C: 2022-07-11T09:47:21Z
x-usersessionid: 064f51d0-63e6-4bbc-b1a5-5a9f5981db00
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 064f51d0-63e6-4bbc-b1a5-5a9f5981db00
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 BeaconHandler.ashx
excel.officeapps.live.com/x/_layouts/ Frame 11B2 542 B
777 B 22ms
22ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/BeaconHandler.ashx?WacUserType=WOPI&usid=44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6&NoAuth=1&waccluster=PNL1&WebMethod=Xlplt

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF000068A5
x-officeversion: 16.0.15506.37953
x-officefe: AM4PEPF00006912
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 421
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 6b431ece-430e-4906-924f-e7c58df2aadc
x-officecluster: PNL1
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:35 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: AFB37549FD034C54B7B7E6DCF4D6AB9A Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:35Z
timing-allow-origin: *

POST
H2 202 SDXReleaseDataPackages Show response
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 11B2 6 KB
6 KB 32ms
32ms XHR
application/json 20.223.144.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.223.144.60 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0414c998ae4c450aecd5e7cab42eb0385fc5257f4b7cb80ecab3212c8b841d30

Request headers

DMSActivityId: 88c8f15c-3852-491c-8008-750739b2f0d2
haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://excel.officeapps.live.com/
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 19:04:35 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 6394
expires: -1

GET
H2 200 tellme-strings.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hB030423759D3257B__layouts/App_Scripts/1031/ Frame 11B2 361 B
888 B 8ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB030423759D3257B__layouts/App_Scripts/1031/tellme-strings.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b030423759d3257bf81fd7817114e8820b37c046e24d61b4aa1def6194d41b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "6ec2922092d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00006942
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 225
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 07 Jul 2022 16:42:40 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: E3227125B5D0427288680CEE0DC43CB6 Ref B: AM3EDGE0616 Ref C: 2022-07-10T14:05:54Z
x-usersessionid: 987e9af9-458b-46ba-9e60-22affb396ae8
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 987e9af9-458b-46ba-9e60-22affb396ae8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-uiSlice20-sprite-exp.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hD771E3E99B5584D4__layouts/App_Scripts/1031/ Frame 11B2 1 MB
127 KB 9ms
9ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD771E3E99B5584D4__layouts/App_Scripts/1031/excel-uiSlice20-sprite-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d771e3e99b5584d4624238e3c558493f5fa894fb0f4314eaa26e55e2b01b4081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2fe5961b6a8cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15423.31877
x-officefe: AM4PEPF0000690C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 128808
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 10:13:56 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 3D62606DAEC94B0A96CF57EE9E2AB6F2 Ref B: AM3EDGE1016 Ref C: 2022-06-30T10:13:56Z
x-usersessionid: cbb13ac0-58c0-479d-b963-6b674ec8449e
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: cbb13ac0-58c0-479d-b963-6b674ec8449e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 de-de Show response
shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame 11B2 25 KB
5 KB 138ms
7ms XHR
application/json 2a02:26f0:480:290::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/de-de

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h862664BB6257D84B__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:290::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

bde99fda56c44bacb839b16e77a11ae875e6f1509f1885d4856c4c35ab1836bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=2592000
content-encoding: gzip
x-content-type-options: nosniff
server: Kestrel
date: Tue, 12 Jul 2022 19:04:35 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache-start: 1657652555
cache-control: max-age=300
x-cdn: 120
timing-allow-origin: *
content-length: 5124
x-o365suiteuxshell-correlationid: bbd094b2-bc60-44a0-a18b-e4c4ce4cb2be

GET
H2 200 EwaDS.kpae.js Show response
c1h-excel-15.cdn.office.net/x/s/hFFAF6A1537D6F67A__layouts/App_Scripts/ Frame 11B2 606 KB
142 KB 18ms
18ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFFAF6A1537D6F67A__layouts/App_Scripts/EwaDS.kpae.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ffaf6a1537d6f67a3911f72b90b0c9140a5bc5d48b634f1ca1650502bedae197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8d44e37b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00006919
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 145055
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:20 GMT
x-officefd: AM4PEPF0000689F
x-usersessionid: 039ea107-41f1-407b-b57c-dc1e9db10369
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 039ea107-41f1-407b-b57c-dc1e9db10369
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.pi.js Show response
c1h-excel-15.cdn.office.net/x/s/h032CCDDB04E50D30__layouts/App_Scripts/ Frame 11B2 290 KB
69 KB 50ms
50ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h032CCDDB04E50D30__layouts/App_Scripts/EwaDS.pi.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

032ccddb04e50d30e9fff2d93b057c5d044deb17f967e4284020f256de4eedd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"34d7a938b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00013CAE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 69704
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:23 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: A40A062B90E1457CAC8309F3AD3E0151 Ref B: AM3EDGE0821 Ref C: 2022-07-11T09:47:23Z
x-usersessionid: 17a3b151-530d-4971-b8a9-371c4a54daac
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 17a3b151-530d-4971-b8a9-371c4a54daac
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.le.js Show response
c1h-excel-15.cdn.office.net/x/s/h25DB6FBF848DB452__layouts/App_Scripts/ Frame 11B2 84 KB
21 KB 87ms
87ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h25DB6FBF848DB452__layouts/App_Scripts/EwaDS.le.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

25db6fbf848db45236a76b4f2f53a35cd5e88d249ae54a8bffffe01336845eb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"eeeeac38b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00013CB3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 21379
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:23 GMT
x-officefd: AM4PEPF0000689F
x-usersessionid: 6eb83b2e-f61c-44d5-b6cc-91f9e234357b
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6eb83b2e-f61c-44d5-b6cc-91f9e234357b
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 11B2 0
512 B 171ms
170ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15506.37953&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
X-bULS-SuppressionETag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.15506.37953
x-officefe: BY3PEPF0000D748
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 705e7258-cbb2-412f-8a2c-eec1a796a1d6
x-officefd: BY3PEPF0000D748
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:35 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 0768FDB0DD714E1AA0A876FE616D0B2D Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:35Z

GET
H2 200 interactivity.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hD7E322EBC2A30DB3__layouts/App_Scripts/ Frame 11B2 39 KB
9 KB 106ms
106ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD7E322EBC2A30DB3__layouts/App_Scripts/interactivity.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d7e322ebc2a30db3ba976e22f655cde2606ed8b1b08a3eadbfef09a757611a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"335aa39b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF00008310
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 8180
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:24 GMT
x-officefd: DB5PEPF00006495
x-usersessionid: 12814132-8eb5-4ea5-b274-75d67dd4dfdf
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 12814132-8eb5-4ea5-b274-75d67dd4dfdf
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.oauth.js Show response
c1h-excel-15.cdn.office.net/x/s/h0FCEA79CB08BBC6E__layouts/App_Scripts/ Frame 11B2 33 KB
9 KB 125ms
125ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h0FCEA79CB08BBC6E__layouts/App_Scripts/EwaDS.oauth.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0fcea79cb08bbc6eb8147d6b1fac1d8b1b9f3e434ef5e4b95b9c133e661a81ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"11355b39b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF00008306
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 8539
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:24 GMT
x-officefd: DB5PEPF000082E4
x-usersessionid: 21c0d093-b8c4-4c17-ad9e-d9dffe19b2d4
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 21c0d093-b8c4-4c17-ad9e-d9dffe19b2d4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.savestatus.js Show response
c1h-excel-15.cdn.office.net/x/s/h2C6E3FEC7B718121__layouts/App_Scripts/ Frame 11B2 10 KB
4 KB 143ms
143ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2C6E3FEC7B718121__layouts/App_Scripts/EwaDS.savestatus.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2c6e3fec7b7181213be0579db97f5b97be0081abc68aeacc6a39804e83192374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e4ee8c39b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000114B7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2946
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_powerpointslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:25 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: 942EAF939D934819A43338F68E07AC50 Ref B: AM3EDGE0907 Ref C: 2022-07-11T09:47:24Z
x-usersessionid: 1cc0cb27-b11a-4cd4-881b-f051cdede41c
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1cc0cb27-b11a-4cd4-881b-f051cdede41c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.agave.js Show response
c1h-excel-15.cdn.office.net/x/s/h7D35B0731CEA3C50__layouts/App_Scripts/ Frame 11B2 617 KB
130 KB 149ms
148ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h7D35B0731CEA3C50__layouts/App_Scripts/EwaDS.agave.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d35b0731cea3c50c61269dc5be985a0d91b708ea06f2969da5ca8b77c52b65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"fca48839b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000068EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 132552
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:24 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 76C37AB00C8F4C568D9BC4BC79A3974D Ref B: AM3EDGE0821 Ref C: 2022-07-11T09:47:24Z
x-usersessionid: 043b90ee-5f4b-4b60-9a3a-9b6bc155913f
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 043b90ee-5f4b-4b60-9a3a-9b6bc155913f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-uiSlice20-sprite.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hD41C9633C681A676__layouts/App_Scripts/1031/ Frame 11B2 460 KB
55 KB 159ms
159ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD41C9633C681A676__layouts/App_Scripts/1031/excel-uiSlice20-sprite.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d41c9633c681a676dfbe164906ed4f47026a85a31062ec56bf9b3eb2dc01c12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "22efe135788cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF00006944
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 55065
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 11:54:53 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 92DF4F395C1C4E2C85261139DA258B51 Ref B: AM3EDGE0522 Ref C: 2022-07-02T19:10:12Z
x-usersessionid: 0a643f0e-b17d-4191-b056-c18a7687af0d
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0a643f0e-b17d-4191-b056-c18a7687af0d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.kffa.js Show response
c1h-excel-15.cdn.office.net/x/s/h5CA29FB948C03938__layouts/App_Scripts/ Frame 11B2 581 KB
118 KB 131ms
130ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h5CA29FB948C03938__layouts/App_Scripts/EwaDS.kffa.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

5ca29fb948c03938513174a9600686893a148f887e7e021a43a9c218245ca3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"307243ab95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000830A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 120366
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:25 GMT
x-officefd: DB5PEPF000082B6
x-usersessionid: f6bab16c-03fc-4427-bf0a-b55ee912716b
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f6bab16c-03fc-4427-bf0a-b55ee912716b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.calc.js Show response
c1h-excel-15.cdn.office.net/x/s/h7F17D79349B54FAF__layouts/App_Scripts/ Frame 11B2 93 KB
22 KB 132ms
132ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h7F17D79349B54FAF__layouts/App_Scripts/EwaDS.calc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7f17d79349b54fafcc941a7f7bc456e18f77cb0611ad0ed9da561ea474db51e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5a51fa39b95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000068F4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 22432
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:25 GMT
x-officefd: AM4PEPF0000689D
x-usersessionid: 5c8778b3-0e7a-460d-ba70-c860932b65df
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5c8778b3-0e7a-460d-ba70-c860932b65df
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.zoom.js Show response
c1h-excel-15.cdn.office.net/x/s/h63C0F731FA09A31B__layouts/App_Scripts/ Frame 11B2 23 KB
7 KB 134ms
133ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h63C0F731FA09A31B__layouts/App_Scripts/EwaDS.zoom.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

63c0f731fa09a31bf3a9e7d9c23824fd0876213c06a7ca60e63624929d182af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"bb8753ab95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000068F6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6127
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:26 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 77F7129E9FBB42C68ACA41AACB12D6C3 Ref B: AMS04EDGE2114 Ref C: 2022-07-11T09:47:26Z
x-usersessionid: 92853f34-4fa0-4b2b-a146-1ce047639c2b
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 92853f34-4fa0-4b2b-a146-1ce047639c2b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shellstrings.json Show response
c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/strings/de/ Frame 11B2 15 KB
5 KB 114ms
113ms XHR
application/json 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/strings/de/shellstrings.json

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h862664BB6257D84B__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

830e4427e1f26152e32038b7c0e2945a863823159eb1ed027aa5663a9df7c575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"0d945a72995d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000831C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 4947
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 13:25:14 GMT
x-officefd: DB5PEPF00006494
x-usersessionid: e6491b5d-1325-416f-8154-a7d82b347a82
date: Tue, 12 Jul 2022 19:04:35 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-correlationid: e6491b5d-1325-416f-8154-a7d82b347a82
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
104 B 14ms
14ms Image
image/gif 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac2-d8541046.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 19:04:35 GMT
x-msnserver: RD0003FF1D945A
last-modified: Mon, 13 Jun 2022 19:50:52 GMT
server: Microsoft-IIS/10.0
etag: "0767e35e7fd81:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
content-length: 43

GET
DATA 200
OK truncated
/ Frame 11B2 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 segoeui-semilight-final.woff
c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/ Frame 11B2 25 KB
26 KB 42ms
42ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/segoeui-semilight-final.woff

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/excelframe.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-excel-15.cdn.office.net/x/s/hF2D0D726A5A1166E__layouts/Resources/1031/excelframe.css
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"32b0799ed68ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF00013CB3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 25997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Sun, 03 Jul 2022 12:15:44 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 0E8BA41BF15A40448A4EC561A8D7CD64 Ref B: AM3EDGE1013 Ref C: 2022-07-03T12:15:44Z
x-usersessionid: 1325e6cd-da66-4667-a9dc-f00c5d2bbece
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 1325e6cd-da66-4667-a9dc-f00c5d2bbece
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.core.js Show response
c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/ Frame 11B2 257 KB
70 KB 11ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h862664BB6257D84B__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "126a66d2a95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF0000C9FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 71204
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:44:31 GMT
x-officefd: DB5PEPF00006495
x-usersessionid: b48480e1-07be-4a20-8a06-03748cd73121
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b48480e1-07be-4a20-8a06-03748cd73121
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dialogControls.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h33691F05A4D4BA07__layouts/App_Scripts/ Frame 11B2 6 KB
2 KB 13ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h33691F05A4D4BA07__layouts/App_Scripts/dialogControls.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

33691f05a4d4ba078c14c8462022f15d3e8f93e7ecf9b94c1e0c3adbe312809f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"faa24638b95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF00008306
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 1240
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:22 GMT
x-officefd: DB5PEPF000082B6
x-usersessionid: 2947c886-5be9-452f-baee-25ad88746aad
date: Tue, 12 Jul 2022 19:04:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2947c886-5be9-452f-baee-25ad88746aad
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.consappdata.js Show response
c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/ Frame 11B2 7 KB
3 KB 9ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h862664BB6257D84B__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"66588eecb95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00006918
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1932
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:52:25 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 31D1530BF03B46829B7FDE669EAEAA8B Ref B: AM3EDGE0805 Ref C: 2022-07-11T09:52:25Z
x-usersessionid: f2bc9eca-8fc7-433a-84e6-2e3972760073
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f2bc9eca-8fc7-433a-84e6-2e3972760073
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 copyPasteInfra.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h9236747F85D305B0__layouts/App_Scripts/ Frame 11B2 123 KB
23 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9236747F85D305B0__layouts/App_Scripts/copyPasteInfra.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9236747f85d305b045a3156f11a73ef844656d385499ab89513c9d4a76e3b206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c73f973ab95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000114BD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22972
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:26 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 3B5BA94066184A9B839B594116381418 Ref B: AM3EDGE0119 Ref C: 2022-07-11T09:47:26Z
x-usersessionid: 4078ef6a-43f2-4171-8954-9252d489b4c3
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4078ef6a-43f2-4171-8954-9252d489b4c3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clipboardPlatform.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hEE1E53882B14FCE2__layouts/App_Scripts/ Frame 11B2 190 KB
38 KB 9ms
9ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hEE1E53882B14FCE2__layouts/App_Scripts/clipboardPlatform.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ee1e53882b14fce21c514c6946091f714da917f12c51d0e8d512e044a38400a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"754acb3ab95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000114B6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 38395
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Mon, 11 Jul 2022 09:47:27 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 1E625C9FFFF541308046252697D11880 Ref B: AMS04EDGE3115 Ref C: 2022-07-11T09:47:27Z
x-usersessionid: 86c58dcd-b1ab-4c3b-8617-662c2d5b0322
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 86c58dcd-b1ab-4c3b-8617-662c2d5b0322
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 8 KB
8 KB 71ms
20ms Image
text/css 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filesbucket3-5286f09d.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:36 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009820140A
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 70c58e3c-b01e-0004-25fa-870b2a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29740370
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=4f3ceee5-12c2-44b6-8278-a56be88b47b6&reqid=0011931a4ee&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF119640%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=4f3ceee5-12c2-44b6-8278-a56be88b47b6&reqid=0011931a4ee&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF119640%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=4f3ceee5-12c2-44b6-8278-a56be88b47b6&reqid=0011931a4ee&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF119640%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
255 B

28ms
28ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=4f3ceee5-12c2-44b6-8278-a56be88b47b6&reqid=0011931a4ee&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF119640%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D5086%26IR%3D1%26EX%3D0%26L.h%3D2376%26L.bc%3D2508%26L.ac%3D2528%26L.f%3D2532%26L.sjs%3D4987%26L.ttg%3D4212%26C.st%3D1657652670900%26N.jsPlt%3D4091%26N.domIn%3D2534%26N.dns%3D25%26N.tcp%3D39%26N.req%3D2247%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.8720377755607158&CtsSyncId=92242C34E2FB4096AD37F694EADFFFEB&MUID=1DC415C7471C6DDB36320418431C695A
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 19:04:35 GMT
last-modified: Sat, 02 Jul 2022 00:08:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8a177e6a78dd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 19:04:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6532DEBC63114737B17F5954585F91EB Ref B: FRAEDGE1418 Ref C: 2022-07-12T19:04:36Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=4f3ceee5-12c2-44b6-8278-a56be88b47b6&reqid=0011931a4ee&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0003FF119640%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D5086%26IR%3D1%26EX%3D0%26L.h%3D2376%26L.bc%3D2508%26L.ac%3D2528%26L.f%3D2532%26L.sjs%3D4987%26L.ttg%3D4212%26C.st%3D1657652670900%26N.jsPlt%3D4091%26N.domIn%3D2534%26N.dns%3D25%26N.tcp%3D39%26N.req%3D2247%26N.resp%3D21%26N.navType%3D0%26N.redirectCount%3D0&r=0.8720377755607158&CtsSyncId=92242C34E2FB4096AD37F694EADFFFEB&MUID=1DC415C7471C6DDB36320418431C695A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 EwaDS.tlv.js Show response
c1h-excel-15.cdn.office.net/x/s/hB44B22AE96C277AE__layouts/App_Scripts/ Frame 11B2 338 KB
68 KB 9ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB44B22AE96C277AE__layouts/App_Scripts/EwaDS.tlv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b44b22ae96c277ae4e979f7124aa33d57546d235733c6347174d8ec9c970fca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"47e3f43ab95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000068DD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 68349
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:27 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: 5F35D72CEF6F4240A0D1126B2B17DC86 Ref B: AM3EDGE0119 Ref C: 2022-07-11T09:47:27Z
x-usersessionid: 093169c4-d492-4991-b19e-fcb4a8c45d93
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 093169c4-d492-4991-b19e-fcb4a8c45d93
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
442 B 919ms
223ms XHR
application/json 13.78.111.198
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157

Requested by

Host: p.sfx.ms
URL: https://p.sfx.ms//storage/aria-2.5.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.78.111.198 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 12 Jul 2022 19:04:36 GMT
time-delta-millis: 798
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 hammer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h883922A710E857E9__layouts/App_Scripts/ Frame 11B2 24 KB
6 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h883922A710E857E9__layouts/App_Scripts/hammer.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

883922a710e857e94b35fd6748792782280a859e154e4db2e4c0b4876dfa61ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "b97e241d8c90d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15428.35901
x-officefe: AM4PEPF00006941
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5366
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 05 Jul 2022 16:27:26 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 24B58D800D4345ACBB77E261F6EBEA6F Ref B: AMS04EDGE2709 Ref C: 2022-07-06T18:44:20Z
x-usersessionid: 5aa5cf70-f2f8-4be0-bdde-86b5c1242f2e
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5aa5cf70-f2f8-4be0-bdde-86b5c1242f2e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelOnlineCalc.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h000EAD833F9AC487__layouts/App_Scripts/ Frame 11B2 2 MB
296 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h000EAD833F9AC487__layouts/App_Scripts/excelOnlineCalc.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

000ead833f9ac4872af098fad0ce643061903f5c390651a16d9d880e74704732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"81dac43bb95d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15502.31875
x-officefe: DB5PEPF000082FF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 302397
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:28 GMT
x-officefd: DB5PEPF00006495
x-usersessionid: 9eaa680e-edad-4134-addc-9e496729e09e
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9eaa680e-edad-4134-addc-9e496729e09e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 makerstorage.js Show response
c1h-excel-15.cdn.office.net/x/s/hF302BF6BEE53225E__layouts/App_Scripts/ Frame 11B2 111 KB
22 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF302BF6BEE53225E__layouts/App_Scripts/makerstorage.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f302bf6bee53225e4a705907a6e8477d3daec0cc703fedc713acab48aea042da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "b0b7bd23868cd81:0"
x-officecluster: PUS4
x-officeversion: 16.0.15425.35901
x-officefe: BL6PEPF00007397
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 21570
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Thu, 30 Jun 2022 13:34:36 GMT
x-officefd: BL6PEPF00007A8C
x-msedge-ref: Ref A: 05996D7768164435BE2390F594FEEDDF Ref B: AMS04EDGE2615 Ref C: 2022-07-04T08:42:55Z
x-usersessionid: c4d3259a-bc24-4c61-b781-ff379343cfb1
date: Tue, 12 Jul 2022 19:04:36 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c4d3259a-bc24-4c61-b781-ff379343cfb1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 11B2 0
255 B 116ms
115ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15506.37953&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
X-bULS-SuppressionETag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS3
x-officeversion: 16.0.15506.37953
x-officefe: BN3PEPF0000373D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: e4c48697-64c7-4022-834f-aa16f78f25a0
x-officefd: BN3PEPF0000373D
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:36 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 6FBB3905AACE4B78A8D5A212F9C0A4C4 Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:36Z

GET
H2 200 EwaDS.kmhv.js Show response
c1h-excel-15.cdn.office.net/x/s/hF9F2D060627D3C36__layouts/App_Scripts/ Frame 11B2 489 KB
113 KB 9ms
9ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF9F2D060627D3C36__layouts/App_Scripts/EwaDS.kmhv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f9f2d060627d3c36fd83356efaec7b3ecc97c54c6fcf1bee2bfa5d6a407298ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f8c2a3bb95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00006924
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 114647
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:27 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: CF4C3EF6701D4000A3922F9D35146895 Ref B: AM3EDGE0710 Ref C: 2022-07-11T09:47:27Z
x-usersessionid: 5fb96f97-25de-41dd-8b20-159f420f115b
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5fb96f97-25de-41dd-8b20-159f420f115b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.commonui.js Show response
c1h-excel-15.cdn.office.net/x/s/h80F7D6AFA261DC8B__layouts/App_Scripts/ Frame 11B2 601 B
877 B 11ms
11ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h80F7D6AFA261DC8B__layouts/App_Scripts/EwaDS.commonui.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

80f7d6afa261dc8b19f15ab752a1fd80fdcd17ba24479284022aaf293b114342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5edb643bb95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000068D6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 371
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:28 GMT
x-officefd: AM4PEPF00018352
x-usersessionid: b1d2081a-6a08-4b8c-be2b-a83dd2660ec2
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b1d2081a-6a08-4b8c-be2b-a83dd2660ec2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.tp.js Show response
c1h-excel-15.cdn.office.net/x/s/hCCBEADA282B59B93__layouts/App_Scripts/ Frame 11B2 64 KB
16 KB 13ms
13ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hCCBEADA282B59B93__layouts/App_Scripts/EwaDS.tp.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ccbeada282b59b932315651836c9efd5188ebae0ec32cb8daf7af15cfa890f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"38a6803bb95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00006929
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 15453
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 11 Jul 2022 09:47:28 GMT
x-officefd: AM4PEPF0000689F
x-usersessionid: 0b5c58b8-b493-42ec-a8f0-4e564273fd43
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0b5c58b8-b493-42ec-a8f0-4e564273fd43
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-excel-15.cdn.office.net/x/s/hB5A00B910EB0D426__layouts/App_Scripts/Feedback/latest/ Frame 11B2 553 KB
148 KB 9ms
9ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB5A00B910EB0D426__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5a00b910eb0d426212e34de07a1672c9037ce8ee8412bf90be211a2fd6f389d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "188b443a788cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF00006938
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 150048
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 30 Jun 2022 11:55:00 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 30AE45CC154F4F349768B3C60500CDC2 Ref B: AM3EDGE0809 Ref C: 2022-07-03T14:04:59Z
x-usersessionid: e011b3f0-6263-427a-be7f-dc5b66579d18
date: Tue, 12 Jul 2022 19:04:36 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e011b3f0-6263-427a-be7f-dc5b66579d18
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 me Show response
amcdn.msftauth.net/ Frame 11B2 29 KB
10 KB 75ms
14ms Script
application/javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://amcdn.msftauth.net/me?partner=ExcelOnline&version=10.21153.1&market=DE-DE&wrapperId=suiteshell

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8facb474028cb5767f1b5da5bc8c0b7f835eca682a2507a39b2d7f3f7a34a1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0U7rNYgAAAADw86rdG318TJLoglOY8P7RRlJBMjMxMDUwNDE4MDA5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
date: Tue, 12 Jul 2022 19:04:36 GMT
x-azure-ref: 0xMXNYgAAAACx31Um2TvIRob2gxrQt/EBRlJBMjMxMDUwNDE3MDQ1ADlmZTZjM2YxLTE3MTgtNGE5My05MjU1LTYzY2QzZjhjYTVhYg==
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Tue, 12 Jul 2022 18:26:20 GMT

GET
H2 200 suiteux.shell.plus.js Show response
c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/ Frame 11B2 273 KB
60 KB 10ms
9ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h862664BB6257D84B__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"23149f3cb95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000068F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 60580
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:30 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 7A7C879D9C824CF591D86FC8B6A81F1A Ref B: AM3EDGE0821 Ref C: 2022-07-11T09:47:30Z
x-usersessionid: 274c2c0f-9aee-41ed-b910-bf84b9724e0c
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 274c2c0f-9aee-41ed-b910-bf84b9724e0c
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002// 8 KB
2 KB 11ms
11ms Stylesheet
text/css 2.19.126.158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002//filesbucket3-5286f09d.css
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20220310.002/wac2-d8541046.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.19.126.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-158.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:36 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 01:43:51 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA03009820140A
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 70c58e3c-b01e-0004-25fa-870b2a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29740370
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 officeonlinecpuprofiling.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h1D33682DDA6E5C8D__layouts/App_Scripts/ Frame 11B2 221 KB
28 KB 9ms
9ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1D33682DDA6E5C8D__layouts/App_Scripts/officeonlinecpuprofiling.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d33682dda6e5c8dfd434eba019c66745f582d5835087dc72ff1e086ed46f800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1954ab3bb95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00013CBB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28200
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:28 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 6E2B4457CCAE4F9DB2120F985F0E1667 Ref B: AM3EDGE0617 Ref C: 2022-07-11T09:47:28Z
x-usersessionid: d726f670-7e49-475a-9272-852f0ad2651e
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d726f670-7e49-475a-9272-852f0ad2651e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiFabricLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h7DAC2FA391642554__layouts/App_Scripts/ Frame 11B2 2 KB
1 KB 12ms
12ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h7DAC2FA391642554__layouts/App_Scripts/uiFabricLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h5B6749B2DB5CC1EE__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7dac2fa3916425544867520cfe8703b5b2f1e97b5a2e26078d580a6b91a38aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"a47fea3bb95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF00006901
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 793
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 11 Jul 2022 09:47:28 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: 7EA27ABF2B85408C8BEDF3CC83AEE7A1 Ref B: AMS04EDGE3212 Ref C: 2022-07-11T09:47:28Z
x-usersessionid: 4effb289-2ed2-4be8-a6b6-f8dd861b1c3a
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4effb289-2ed2-4be8-a6b6-f8dd861b1c3a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwrNov.css
c1h-excel-15.cdn.office.net/x/s/hD23192ACFFFDA10B__layouts/Resources/1031/ Frame 11B2 11 KB
3 KB 9ms
9ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD23192ACFFFDA10B__layouts/Resources/1031/EwrNov.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d23192acfffda10b0158f898cb643f68cf6a6dca7fb8d3c65676c4927dddd711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "c07c91271592d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF0000690F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2210
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 07 Jul 2022 15:20:56 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 7BCB42E42A9A4F928B033314A7C3AA16 Ref B: AM3EDGE0721 Ref C: 2022-07-08T09:27:47Z
x-usersessionid: d5d7f3ec-0bf1-49a1-9c10-fcf40eab7bac
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: d5d7f3ec-0bf1-49a1-9c10-fcf40eab7bac
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaNov.png
c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/ Frame 11B2 10 KB
11 KB 10ms
10ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/EwaNov.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "75e68a20838cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15425.35901
x-officefe: AM4PEPF000068EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 10090
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Thu, 30 Jun 2022 13:13:02 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 544F8DBF37BF40FDBAA7A450EB6C51F6 Ref B: AMS04EDGE2016 Ref C: 2022-07-03T05:36:09Z
x-usersessionid: c2802b17-a4eb-4530-bf15-2b20898f018e
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: c2802b17-a4eb-4530-bf15-2b20898f018e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fabric-icons-a13498cf.woff
spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/ Frame 11B2 7 KB
7 KB 30ms
7ms Font
font/woff 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://spoppe-b.azureedge.net/files/fabric-cdn-prod_20210407.001/assets/icons/fabric-icons-a13498cf.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F7A) /
Resource Hash: 43c551ea819a83b1100f566ecf6bd70db5a019f165d221200af2df11c4448627

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 19:04:36 GMT
content-md5: FOwtMfN7sPQ/1EHRHncdUA==
age: 22966207
x-cache: HIT
content-length: 6784
x-ms-lease-status: unlocked
last-modified: Wed, 07 Apr 2021 19:14:54 GMT
server: ECAcc (frc/8F7A)
etag: 0x8D8F9F96D1DC619
content-type: font/woff
access-control-allow-origin: *
x-ms-request-id: e00344a4-301e-0012-4241-c54077000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 suiteux.shell.otellogging.js Show response
c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/ Frame 11B2 74 KB
23 KB 13ms
13ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h862664BB6257D84B__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"63aa853db95d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF0000691F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23057
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 09:47:31 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 9DD94DA0579D412CA63A2370801AA08F Ref B: AM3EDGE0614 Ref C: 2022-07-11T09:47:31Z
x-usersessionid: 170beb9b-d0a0-473c-8985-2aacd9d73c66
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 170beb9b-d0a0-473c-8985-2aacd9d73c66
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 11B2 17 KB
17 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 036f613df24075e14c8e36a580c10c2cea1b193268b8e6bac5e397f76d36fc88

Request headers

Referer
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1657652676726
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1657652676&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

202ms
112ms

Image
text/html

40.126.32.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1657652676&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 40.126.32.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: DB1PPF920D507FC
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.946.620.2003
date: Tue, 12 Jul 2022 19:04:36 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1657652676&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: dG1cwMGU/UyWcOw2lC1PWA.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
H2 200 officebrowserfeedback.css
c1h-excel-15.cdn.office.net/x/s/h814F49578802CE5B__layouts/App_Scripts/Feedback/latest/ Frame 11B2 18 KB
3 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h814F49578802CE5B__layouts/App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hB5A00B910EB0D426__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "b1dc89b62a92d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF000068E7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2711
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 07 Jul 2022 17:55:15 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 455E6274F32D428F930EDC5DEEEF3661 Ref B: AMS04EDGE3308 Ref C: 2022-07-12T07:01:44Z
x-usersessionid: 323eb694-aa3a-44d1-be6c-c332f656690b
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 323eb694-aa3a-44d1-be6c-c332f656690b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/Feedback/latest/Intl/de/ Frame 11B2 2 KB
2 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hB5A00B910EB0D426__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"466718ac2995d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15502.31875
x-officefe: AM4PEPF0000693D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1044
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 11 Jul 2022 13:25:22 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 132E69B6D415426796060B9FED7BD972 Ref B: AMS04EDGE1713 Ref C: 2022-07-11T13:25:22Z
x-usersessionid: 9f04d62d-ae54-49d1-ab61-d8aa4437b962
date: Tue, 12 Jul 2022 19:04:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9f04d62d-ae54-49d1-ab61-d8aa4437b962
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 11B2 0
553 B 341ms
340ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15506.37953&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
X-bULS-SuppressionETag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.15506.37953
x-officefe: BL6PEPF0000C718
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid: 80983f46-5d8a-433d-aebf-ba3824265a46
x-officefd: BL6PEPF0000C718
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:36 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: C4988AAE9EE94E7292D2C951E13DB142 Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:36Z

GET
H2 200 shared.aspx Show response
shared.officeapps.live.com/clipboard/ Frame D2CC 2 KB
2 KB 168ms
22ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6&corrid=ef211675-ca51-4523-808d-65e83a623f48&NoAuth=true

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hEE1E53882B14FCE2__layouts/App_Scripts/clipboardPlatform.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4278b75933427a9d4dbe168356c44fb2f8653827e13315de9246364e8929a315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 1110
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
date: Tue, 12 Jul 2022 19:04:36 GMT
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: ef211675-ca51-4523-808d-65e83a623f48
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
x-msedge-ref: Ref A: 12942C0BE97C4A888CD30153D2445557 Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:36Z
x-officecluster: PNL1
x-officefd: AM4PEPF00018352
x-officefe: AM4PEPF00006948
x-officeversion: 16.0.15506.37953
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 11B2 42 KB
16 KB 60ms
10ms Script
application/javascript 104.111.237.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-183.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 19:04:36 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23271, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 campaignmetadataaggregator Show response
messaging.engagement.office.com/ Frame 11B2 107 B
450 B 73ms
72ms Fetch
text/plain 52.111.236.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.engagement.office.com/campaignmetadataaggregator?country=DE&locale=de-DE&app=2156&platform=Web&version=16.0.15506.37953&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bexcelfloodgateflight15%3Bwordfloodgateflight14%3Bexcelfloodgateflight5cf%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=excelfloodgateflight15%3Bwordfloodgateflight14%3Bexcelfloodgateflight5cf%3B&ageGroup=0&sessionUserType=2

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hB5A00B910EB0D426__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.111.236.5 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

235935e5a4193a56a35bac70e03cefd0b90e25534209b4217147594f5d25da6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
x-correlationid: af0b8f3a-b664-48c4-65e5-c1321fe03606
x-usersessionid: 7f65d8bd-f4e3-4c45-9d4d-c836572beff9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 19:04:37 GMT
x-activitytraceid: c5de8b85c3bf3e8ea25dc46168201c97
x-correlationid: c5de8b85-c3bf-3e8e-a25d-c46168201c97
server: Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: bfce1a03-b254-49f6-888c-7b1eba30ee29
strict-transport-security: max-age=31536000
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-machine: OMEXNODES000001__omexexternal-prod-neu-000_1
x-buildversion: 22.4.10707.12235

OPTIONS
H2 204 campaignmetadataaggregator
messaging.engagement.office.com/ Frame 0
0 218ms
29ms Preflight 52.111.236.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.111.236.5 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://excel.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: x-correlationid,x-usersessionid
access-control-allow-methods: GET
access-control-allow-origin: *
date: Tue, 12 Jul 2022 19:04:37 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-activitytraceid: 40b17e2e942a5dfb5a5137332e4b530b
x-buildversion: 22.4.10707.12235
x-correlationid: 40b17e2e-942a-5dfb-5a51-37332e4b530b
x-machine: OMEXNODES000004__omexexternal-prod-neu-000_4
x-servicefabricrequestid: 69d06eb9-c8af-4f23-b72a-d94f42dd861e

GET
H2 200 GetHasUntrustedImageUrls Show response
excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/ Frame 11B2 1 KB
1 KB 32ms
32ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/GetHasUntrustedImageUrls?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%22354790e0-4bee-4262-8b82-ff0656801af8%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069121.A81.1.V25.10357o15W6dJit6IW6XpkNeW214.5.de-DE5.en-US24.b0264747cbb7e393-Private1.S1.N16.16.0.15506.3795314.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A786363%2C%22Configurations%22%3A1573648%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22CollaborationParameter%22%3A%7B%22CollaborationState%22%3A%7B%22CollabStateId%22%3A0%2C%22UserListVersion%22%3A0%7D%7D%2C%22ViewModeStateId%22%3A0%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a9c78fdc608f9a2ae502e72a605285d456762043b786f7cecc6770f5ffbfd6b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069121.A81.1.V25.10357o15W6dJit6IW6XpkNeW214.5.de-DE5.en-US24.b0264747cbb7e393-Private1.S1.N16.16.0.15506.3795314.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=utf-8
X-CorrelationId: 88f8dd72-788a-4426-b2b0-03a8d4bd3fdb
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
X-UserType: WOPI
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF00018352
x-officeversion: 16.0.15506.37953
x-officefe: AM4PEPF00006912
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 912
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid: 88f8dd72-788a-4426-b2b0-03a8d4bd3fdb
x-officecluster: PNL1
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:36 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
x-msedge-ref: Ref A: 4642DA262DCD4A89A547E134DB334401 Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:36Z
timing-allow-origin: *

GET
H/1.1 200
OK sharedclipboard.min.js Show response
c1-shared-15.cdn.office.net/clipboard/s/161550637953_App_Scripts/ Frame D2CC 79 KB
18 KB 38ms
7ms Script
application/javascript 2a02:26f0:480:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-shared-15.cdn.office.net/clipboard/s/161550637953_App_Scripts/sharedclipboard.min.js

Requested by

Host: shared.officeapps.live.com
URL: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6&corrid=ef211675-ca51-4523-808d-65e83a623f48&NoAuth=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bf118365f7840c7d97bde2cda41aea2a7c6edf1f712acc4ef854347e281bcb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shared.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"2bfc69beb95d81:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.15502.31875
X-OfficeFE: AM4PEPF00006930
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 16999
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 11 Jul 2022 09:51:07 GMT
X-OFFICEFD: AM4PEPF0000601A
X-MSEdge-Ref: Ref A: 167615EEDA8343988636C5BE7F4ABB54 Ref B: AMS04EDGE3507 Ref C: 2022-07-11T09:51:07Z
X-UserSessionId: 114f6e3d-d648-4dbd-a19a-4bd132c84b5f
Date: Tue, 12 Jul 2022 19:04:37 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 114f6e3d-d648-4dbd-a19a-4bd132c84b5f
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 11B2 0
353 B 142ms
142ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15506.37953&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h793E4EF4951E7E51__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wq8xSg-KvTH7pDVjrzDsDsmR3-VKlr6S1_Ad8QuNnH0hEMo9zrI1zxSh69fUKc7-Fr1p2-6mZp9abziwRkWLtUf3yQ_A6DfckZl1Ruv70Pbe-owcm_6nVqX8xDj280ZSR_yZZv_hAoseyfo7cNAzIsg
X-UserSessionId: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15506.37953
X-Key: yyvQBQULreOGGqqAZ+DPTRo5cQAh7vdGFKITR0/hQbE=,637932494737059200
X-bULS-SuppressionETag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1659467073054
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15510.35053
x-officefe: BL6PEPF0000BA53
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: CA78EF8008219FD41B3BEECBDC5469C32D39C9D9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid: 3842fe38-9464-460c-af69-d1da3b70224e
x-officefd: BL6PEPF0000BA53
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:36 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 541B91090BD24B0A84D0273A6346967A Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:37Z

POST
H2 200 RemoteUls.ashx
excel.officeapps.live.com/x/ Frame D2CC 0
0 22ms
21ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://excel.officeapps.live.com/x/RemoteUls.ashx?usid=44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
Requested by: Host: c1-shared-15.cdn.office.net
URL: https://c1-shared-15.cdn.office.net/clipboard/s/161550637953_App_Scripts/sharedclipboard.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shared.officeapps.live.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 BeaconHandler.ashx
excel.officeapps.live.com/x/_layouts/ Frame 11B2 542 B
740 B 22ms
22ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/BeaconHandler.ashx?WacUserType=WOPI&usid=44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6&NoAuth=1&waccluster=PNL1&WebMethod=XlpltWithPageLoadMetrics

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1A8A4F82322C80E6__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=de-DE&rs=en-US&hid=JaPdWvs6MkCViFm6W1gUeg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FB0264747CBB7E393%2115717&wde=xlsx&sc=host%3D%26qt%3DDefault&wdp=7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF000068B6
x-officeversion: 16.0.15506.37953
x-officefe: AM4PEPF00006912
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 421
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid: a4424ee2-6adc-49a6-810d-bb27c82d4344
x-officecluster: PNL1
x-usersessionid: 44e5be1f-c6d1-4a60-9bfa-9d2bb9d7ddb6
date: Tue, 12 Jul 2022 19:04:37 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 0790E41D3C204235A303E5CA2EFB18FE Ref B: AMS04EDGE3118 Ref C: 2022-07-12T19:04:37Z
timing-allow-origin: *

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 11B2 25 B
472 B 616ms
327ms XHR
application/json 20.42.72.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,fad3bd1d8e4b4c06894bd7bac80e4f02-67df67b4-f1fd-4ecd-9d55-4d41540b1757-7724,011776870b754a649aedc9456ac07a97-6bd8247c-11d3-4599-b599-ec9ef6d401f6-6722,31d9dd3e4c7046a696537586281d7ed1-06d11dd6-a946-4281-8ac3-a7c2ab4776f5-7063&upload-time=1657652677942&time-delta-to-apply-millis=use-collector-delta&w=2

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hC72A9FCF0CB9F411__layouts/App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

1987c2d31ba54b15c2a42531125d1546fa9622162adab5c17074d8be4a1e49e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 12 Jul 2022 19:04:38 GMT
time-delta-millis: 358
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://excel.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 25

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 11B2 0
442 B 223ms
223ms XHR
application/json 13.78.111.198
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688&client-time-epoch-millis=1657652678708&time-delta-to-apply-millis=use-collector-delta

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.78.111.198 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 12 Jul 2022 19:04:38 GMT
time-delta-millis: 111
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 11B2 24 B
471 B 120ms
119ms XHR
application/json 20.42.72.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.9&apikey=b0c82c6598ad49f3848b1d3dc0d8dd25-299cbfe9-b72e-4e9d-a5e3-20319efba5b5-7268&upload-time=1657652678873&time-delta-to-apply-millis=use-collector-delta&w=2

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/161550637953__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

cache-control: no-cache, no-store
Referer: https://excel.officeapps.live.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/x-json-stream

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 12 Jul 2022 19:04:38 GMT
time-delta-millis: 458
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://excel.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 387ms
105ms Preflight 20.42.72.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.9&apikey=b0c82c6598ad49f3848b1d3dc0d8dd25-299cbfe9-b72e-4e9d-a5e3-20319efba5b5-7268&upload-time=1657652678873&time-delta-to-apply-millis=use-collector-delta&w=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.72.131 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: POST
Origin: https://excel.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://excel.officeapps.live.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Tue, 12 Jul 2022 19:04:38 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 11B2 0
442 B 470ms
445ms XHR
application/json 13.78.111.198
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hB5A00B910EB0D426__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.78.111.198 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 12 Jul 2022 19:04:38 GMT
time-delta-millis: 130
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 Plt.mvc
onedrive.live.com/Handlers/ 42 B
467 B 156ms
155ms Image
image/gif 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=B0264747CBB7E393%2115717&ithint=file%2Cxlsx&authkey=%21AB26WbOgj7BiNnk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD0003FF11E5EE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 3FE7788AE83049CFBF212AC017443084 Ref B: VIEEDGE1912 Ref C: 2022-07-12T19:04:40Z
x-odwebserver: centralus1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: private, max-age=31536000
date: Tue, 12 Jul 2022 19:04:40 GMT
content-encoding: gzip
expires: Wed, 12 Jul 2023 19:04:41 GMT

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
excel.officeapps.live.com/x/_layouts	1970-01-20 13:13:08	Name: PageLoadSkeletonState Value: %7B%22IsEnabled%22%3Atrue%2C%22Options%22%3A3136%7D
excel.officeapps.live.com/x/_layouts	1970-01-20 13:13:08	Name: ExcelIsPreviousSessionSimplifiedRibbonOn Value: true
.officeapps.live.com/x	1970-01-20 13:13:08	Name: timeZoneId Value: Etc%2FUnknown
.live.com/	1969-12-31 23:59:59	Name: xid Value: 4f3ceee5-12c2-44b6-8278-a56be88b47b6&&RD0003FF119640&236
.live.com/	1970-01-20 04:37:37	Name: wla42 Value:
.live.com/	1970-01-20 13:12:00	Name: mkt Value: de-DE
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 2
.live.com/	1969-12-31 23:59:59	Name: E Value: P:jao7Wzlk2og=:3Qq4gdGRXGWjQ/TIB2OyySiTbwNH9RrmmFiEieIYxwo=:F
excel.officeapps.live.com/	1970-01-20 06:40:01	Name: DcLcid Value: ui=1031&data=1033
.excel.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-Excel-ARRAffinity Value: 2bbab86e18040d15a9778d411a1575d9ea9377198ec6246791809dca121014c2
excel.officeapps.live.com/	1969-12-31 23:59:59	Name: ShCLSessionID Value: 1657652675861_0.7172943247033654
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryDeviceId Value: 105b7e0a-8969-8fbd-6046-d89c122a1023
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 1657652675996
.live.com/	1970-01-20 13:49:08	Name: MUID Value: 1DC415C7471C6DDB36320418431C695A
.bing.com/	1970-01-20 13:49:08	Name: MUID Value: 1DC415C7471C6DDB36320418431C695A
.c.bing.com/	1970-01-20 13:49:08	Name: SRM_B Value: 1DC415C7471C6DDB36320418431C695A
.c.bing.com/	1970-01-20 13:49:08	Name: SRM_L Value: 1DC415C7471C6DDB36320418431C695A
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 04:27:33	Name: ANONCHK Value: 0
shared.officeapps.live.com/	1970-01-20 06:40:01	Name: DcLcid Value: ui=1031&data=1031
.shared.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: ec582c752781bef94915da58c373089dac2495687eafafb69e9731b31b4360e8
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 4be81dbdcc7b46fc8cbf0f0d69fe176f
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1657652677&co=1
.login.live.com/	1970-01-20 13:49:08	Name: MSCC Value: 178.162.209.140-DE
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DdV2vPqLgY6zjTnckU4T9tBX3C7ZHxGy0iaLvERWUaY8EH2hdvfk32YJpxPaLtUfgP6SHKXuRa3T7gVCgDN5TzRyTgWBr5b88!8aHaMnWN4o8BEFR403U3aDWhTd6goe2QJN6IP2sJioDOIwyWroWE3j7FxRZeDjoZGtMxWiClI93juS6hJ4wewtTBh3txCKzLuvozK8Ocr0rJQgyEU587wFV0Bb9U3xWt5RqmyHLJFsIUCQhZnYOnf0WbbJ4A4cP6vO!sP8VGPBToZhZXXxKKlSaOGkZp8d2DHDxfjYaiNgLoX1mKcRBm!EoOMRiUBTzSgG13Qn7O1vi8mIXTQOXMkO4lcIWuoQv!9BpIQOnSTToQCteqrHWObwyVtV8PNwBSAAsigdTsCEHPqSs5CUunkv1ksYFGRX97BARRd6W5q8eU7UsTE217BgIK7IJzeW2Mqn4F4A6tzyDVgl36YkXiWsnZrk6LQOGm
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-6938cfee-048c-42c7-a238-3d859920e72c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amcdn.msftauth.net
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1-shared-15.cdn.office.net
c1h-excel-15.cdn.office.net
excel.officeapps.live.com
fs.microsoft.com
js.live.net
login.live.com
messaging.engagement.office.com
mrodevicemgr.officeapps.live.com
onedrive.live.com
p.sfx.ms
shared.officeapps.live.com
shell.cdn.office.net
spoppe-b.azureedge.net
spoprod-a.akamaihd.net
static2.sharepointonline.com
storage.live.com
104.111.237.183
104.92.84.173
13.107.43.13
13.78.111.198
13.81.118.91
2.18.232.120
2.19.126.158
20.223.144.60
20.234.93.27
20.42.72.131
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:40::45
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:3500:588::1c24
2a02:26f0:480:290::4b36
2a02:26f0:480:294::4b36
40.126.32.133
40.90.128.21
52.111.236.5
000ead833f9ac4872af098fad0ce643061903f5c390651a16d9d880e74704732
032ccddb04e50d30e9fff2d93b057c5d044deb17f967e4284020f256de4eedd4
036f613df24075e14c8e36a580c10c2cea1b193268b8e6bac5e397f76d36fc88
0414c998ae4c450aecd5e7cab42eb0385fc5257f4b7cb80ecab3212c8b841d30
053a7e3edcecf17039ad0ede862f003daf5ce09de799712b2c943c7fedacdd92
09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981
0f61d4742b729983cffa51bcd484c91ddabbbcc2decda40cc18ca31cb59fcee5
0fcea79cb08bbc6eb8147d6b1fac1d8b1b9f3e434ef5e4b95b9c133e661a81ea
1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79
1987c2d31ba54b15c2a42531125d1546fa9622162adab5c17074d8be4a1e49e6
19880a7b40f066871ab3ad213b0be380864eb1529aba6a100951a6c895730c5b
1a8a4f82322c80e6560af529382644945c413a69c930a38776cd3e02c915391f
1d33682dda6e5c8dfd434eba019c66745f582d5835087dc72ff1e086ed46f800
1d661acb8b10c2f2a2c11a22f7e95bdf3928f4fab33262197ca6c3791b4aa755
20980a65c7b4760aa7b34cd4d40966730ca8422a919feedb8b39ddd95820fd8a
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
235935e5a4193a56a35bac70e03cefd0b90e25534209b4217147594f5d25da6f
2374065396ecf01906c8fd65a044c0d98150d595cc915bbdb492b500a69043e2
25db6fbf848db45236a76b4f2f53a35cd5e88d249ae54a8bffffe01336845eb6
2c6e3fec7b7181213be0579db97f5b97be0081abc68aeacc6a39804e83192374
2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67
33691f05a4d4ba078c14c8462022f15d3e8f93e7ecf9b94c1e0c3adbe312809f
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0
3f4a7507e4b7fcf06ad1a8782b46b948130270d4d9b2c2f91219b09f08dee07f
4278b75933427a9d4dbe168356c44fb2f8653827e13315de9246364e8929a315
42df7b44c464a201670e93455e2d9536d97d6adcae0ed4ba5d8125e83945dc89
43c551ea819a83b1100f566ecf6bd70db5a019f165d221200af2df11c4448627
46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422
519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
59e1ecc15f7639121d99a75dce05be39a43630398ff19de0258b0f5e1cfcbdb1
5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79
5b6749b2db5cc1eea3737e44cbd9da4b6d2ad1e96d24e23b82cfa66ff89f5de1
5c0d989878a0df7da0c669241983e4c5504f00a2d0574ad3d616d41208ddb030
5ca29fb948c03938513174a9600686893a148f887e7e021a43a9c218245ca3c6
63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5
63c0f731fa09a31bf3a9e7d9c23824fd0876213c06a7ca60e63624929d182af0
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e0816f56cbe59001ee230b43c0d9598903419eda30139e1dd70b29bd901215b
6f7aebe64b7302a244c2d3d4638435cdacb2e40942d2d766c4a8c7a7f5ad9cc8
7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04
793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8
7d35b0731cea3c50c61269dc5be985a0d91b708ea06f2969da5ca8b77c52b65b
7dac2fa3916425544867520cfe8703b5b2f1e97b5a2e26078d580a6b91a38aeb
7f17d79349b54fafcc941a7f7bc456e18f77cb0611ad0ed9da561ea474db51e5
80a1ef69845c59c705982f42b538c273ac1aa8e9061ffffb317822d8df085cca
80f7d6afa261dc8b19f15ab752a1fd80fdcd17ba24479284022aaf293b114342
814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392
830e4427e1f26152e32038b7c0e2945a863823159eb1ed027aa5663a9df7c575
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
862664bb6257d84ba5f0140ef45b950fbb1daf9324ac1d50d8de0ab51ba9853e
864bfa99d701f78c707fa3c31f89a895030287e1d6cea09c07a4cb31e431967b
87b6766b27518ca5d3df96d96133ad36772b56dfa550a21402c57f25b6e29ddd
883922a710e857e94b35fd6748792782280a859e154e4db2e4c0b4876dfa61ae
8c1809fe4e0eb76e610f7f6e8167a4bc854dcb7c151da33632f1916a572c83d6
8ed074e053fd982aa5a9584c9a3f28bcd46932fd5681c9ad431ce84be45485a0
8facb474028cb5767f1b5da5bc8c0b7f835eca682a2507a39b2d7f3f7a34a1ca
9236747f85d305b045a3156f11a73ef844656d385499ab89513c9d4a76e3b206
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
97a4294d94547811572db43bc62932c4a94c14a031743a8ac7cbe24e979acc7e
97c59c48a88d164fd52c3df5763ca7972a9ba7056f1881943ec69717ef521b77
97d312140f3b9b55c3b258657efa8f4e2ea4766c941edeb20cfe25cbc3850135
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a9c78fdc608f9a2ae502e72a605285d456762043b786f7cecc6770f5ffbfd6b1
afd6e7bdc576fffb7796f8f1eb498bd0c1d42711628ec9d3f54072db8aa413ac
b030423759d3257bf81fd7817114e8820b37c046e24d61b4aa1def6194d41b0b
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3
b44b22ae96c277ae4e979f7124aa33d57546d235733c6347174d8ec9c970fca3
b5a00b910eb0d426212e34de07a1672c9037ce8ee8412bf90be211a2fd6f389d
b7b748d677327d686d437bda65982bc43c1a94f94756701957c8f184e5c5d01a
bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
bde99fda56c44bacb839b16e77a11ae875e6f1509f1885d4856c4c35ab1836bf
be3e834dcae0a9ce13ad3021a5a20b75e7397aa6ecc8534fc4eb63c1f781e935
bf118365f7840c7d97bde2cda41aea2a7c6edf1f712acc4ef854347e281bcb7d
c4a7a5f37f3159bee6b6f6ebf3515ab3bab2cc09325a6fcd92d700bc51323cf1
c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74
c84f73db3042bc26182035de8cf8ef86ac629b5cf84235a6305c934a6c0583f9
c949982df7b0a15866feaa71641d1dd64f0bd6415013cbff9a5bf2a61d65b33c
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
ccbeada282b59b932315651836c9efd5188ebae0ec32cb8daf7af15cfa890f79
cd1f2016e8d063bf735fc186f8aadd964771bc4f8ee79bdfb193b2a5409d37ca
d23192acfffda10b0158f898cb643f68cf6a6dca7fb8d3c65676c4927dddd711
d41c9633c681a676dfbe164906ed4f47026a85a31062ec56bf9b3eb2dc01c12a
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d771e3e99b5584d4624238e3c558493f5fa894fb0f4314eaa26e55e2b01b4081
d7e322ebc2a30db3ba976e22f655cde2606ed8b1b08a3eadbfef09a757611a5d
d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0
ddacff985568d4587ff00bcd1e6ec886c89eb143994d862a67338c356e3c42d6
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e38e9d3ac766eaffa7f98d417558b6ddf7d2f35ef57f61802d563080405cc074
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6
e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5
e9008cbf0369584404fbc8f9f360a395d776cf9edf3f520fc3d24a1a21a8e53f
eb0ab622969875cccbaa658809cc6df6bfd73846f9c6c5e80774936cbc52845c
ee1e53882b14fce21c514c6946091f714da917f12c51d0e8d512e044a38400a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d0d726a5a1166eefcfb9c85ec2df5a7049f57c1fccd8f78bd274565da6cd7e
f302bf6bee53225e4a705907a6e8477d3daec0cc703fedc713acab48aea042da
f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2
f9f2d060627d3c36fd83356efaec7b3ecc97c54c6fcf1bee2bfa5d6a407298ca
fe21394a9ec524ee555a774cca14affd1f35e275bab63ec688e6ccfe70215323
ffaf6a1537d6f67a3911f72b90b0c9140a5bc5d48b634f1ca1650502bedae197
ffe579a37a263d4bea4914242a045fd253b0ebec19c581d0773799899759b285

onedrive.live.com Open in urlscan Pro 13.107.43.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

124 Requests

98 %HTTPS

35 %IPv6

11 Domains

21 Subdomains

19 IPs

5 Countries

6432 kBTransfer

26878 kBSize

27 Cookies

1 Outgoing links

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.43.13 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

98 %
HTTPS

35 %
IPv6

11
Domains

21
Subdomains

19
IPs

5
Countries

6432 kB
Transfer

26878 kB
Size

27
Cookies

124 HTTP transactions
4 data transactions