onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2
Submission Tags: falconsandbox
Submission: On March 07 via api (March 7th 2022, 6:20:13 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 49 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 2374.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.111.237.183 104.111.237.183	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.109.88.96 52.109.88.96	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.189.173.3 20.189.173.3	() ()
49	9

1 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:6c00:2ae::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-183.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.88.96 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.189.173.3 (None, )

ASN- ()

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 7208	973 KB
17	live.com 1 redirects onedrive.live.com — Cisco Umbrella Rank: 2374 word-view.officeapps.live.com — Cisco Umbrella Rank: 7400 c.live.com — Cisco Umbrella Rank: 8561	250 KB
7	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 2155	302 KB
2	office.com messaging.office.com — Cisco Umbrella Rank: 610 Failed
1	microsoft.com browser.events.data.microsoft.com	333 B
1	live.net js.live.net — Cisco Umbrella Rank: 4016	16 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 193	1 KB
49	7

	Domain	Requested by
18	c1h-word-view-15.cdn.office.net	word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
14	word-view.officeapps.live.com	onedrive.live.com word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
7	spoprod-a.akamaihd.net	onedrive.live.com
2	messaging.office.com	c1h-word-view-15.cdn.office.net
2	c.live.com	1 redirects
1	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
1	js.live.net	c1h-word-view-15.cdn.office.net
1	c.bing.com	1 redirects
1	onedrive.live.com
49	9

This site contains no links.

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
messaging.office.com Microsoft RSA TLS CA 01	`2021-06-15` - `2022-06-15`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-03-02` - `2023-02-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2
Frame ID: 8D349585ED4A8344C2B5512603243CFF
Requests: 9 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 0AD87694E64BA551066DDB91A532FCCB
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

90 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

9
IPs

4
Countries

1540 kB
Transfer

6711 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://c.live.com/c.gif?DI=15347&wlxid=d6735fc3-f2d3-465e-9c7f-3eaeec4951c6&reqid=001c104a821&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72141%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4457%26IR%3D1%26EX%3D0%26L.h%3D3897%26L.sjs%3D4005%26L.ttg%3D3897%26C.st%3D1646634004935%26N.domIn%3D3914%26N.dns%3D174%26N.tcp%3D18%26N.req%3D3623%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.8995281407048599 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=d6735fc3-f2d3-465e-9c7f-3eaeec4951c6&reqid=001c104a821&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72141%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4457%26IR%3D1%26EX%3D0%26L.h%3D3897%26L.sjs%3D4005%26L.ttg%3D3897%26C.st%3D1646634004935%26N.domIn%3D3914%26N.dns%3D174%26N.tcp%3D18%26N.req%3D3623%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.8995281407048599&CtsSyncId=010CDF18A36848FAA99F1B7CDFF35A23&RedC=c.live.com&MXFR=25299456B0E96D1A37E38536B4E969B7 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=d6735fc3-f2d3-465e-9c7f-3eaeec4951c6&reqid=001c104a821&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72141%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4457%26IR%3D1%26EX%3D0%26L.h%3D3897%26L.sjs%3D4005%26L.ttg%3D3897%26C.st%3D1646634004935%26N.domIn%3D3914%26N.dns%3D174%26N.tcp%3D18%26N.req%3D3623%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.8995281407048599&CtsSyncId=010CDF18A36848FAA99F1B7CDFF35A23&MUID=25299456B0E96D1A37E38536B4E969B7

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request embed Show response
onedrive.live.com/ 61 KB
21 KB 3813ms
3620ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2c679449d900162cac8fcc2e7ae65e0bea46f4691c99804769660d505ec93227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD0004FFA72141
x-odwebserver: canadaeast0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E07E08CF563D43D88DEA0557362A76D1 Ref B: FRAEDGE1407 Ref C: 2022-03-07T06:20:05Z
date: Mon, 07 Mar 2022 06:20:08 GMT

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 85 KB
16 KB 49ms
8ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Mar 2022 06:20:08 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6d2753fc-501e-00e6-0ad5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=25337781
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// 169 KB
30 KB 50ms
9ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Mar 2022 06:20:08 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45647edb-101e-00c8-61d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=21577962
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 120 KB
122 KB 147ms
61ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

96cfac85453aca73bc6710def5c414cae47fca69e31f1fae7bdb6ffa670f0a94

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 93abf364-a345-46a9-811b-4bf6a2c35f10
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
x-officefe: DB5PEPF0000CE8C
x-officeversion: 16.0.15028.41011
x-officecluster: PIE1
x-content-type-options: nosniff
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
document-policy: js-profiling
x-officefd: DB5PEPF0000CE8C
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: DB6BAB3D461F41EF8383A933B1BCD22E Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:08Z
date: Mon, 07 Mar 2022 06:20:08 GMT

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 92 KB
33 KB 21ms
7ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Mar 2022 06:20:08 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 456481ad-101e-00c8-56d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=4456376
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 483 KB
133 KB 22ms
9ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Mar 2022 06:20:08 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=4558877
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 47 KB
14 KB 7ms
7ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Mar 2022 06:20:08 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21197559
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 203 KB
68 KB 9ms
8ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Mar 2022 06:20:08 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2756be-501e-00e6-6fd5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=23480587
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ 15 KB
6 KB 13ms
13ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=D5C7B6C331929CC8&resid=D5C7B6C331929CC8%21123&authkey=AGTOD9_do-XnK-s&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Mar 2022 06:20:08 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dda5c441-801e-0105-09a7-37aff8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=3823137
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hE8CAFCCE4BBCD48E_resources/1031/ Frame 0AD8 277 KB
34 KB 42ms
9ms Stylesheet
text/css 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hE8CAFCCE4BBCD48E_resources/1031/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e8cafcce4bbcd48e6fe124f647fc5a66ab01c46e991261cb2386f09f1920aca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "2d726894c2fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15028.41011
x-officefe: DB5PEPF0000CE8D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 34130
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 03 Mar 2022 22:17:57 GMT
x-officefd: DB5PEPF0000CE8D
x-msedge-ref: Ref A: CEBE69109B4E4DBA83593C637450BBFA Ref B: AM3EDGE0719 Ref C: 2022-03-05T12:13:03Z
x-usersessionid: 061b50d4-6b2f-4252-9d32-487691ef69a0
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 061b50d4-6b2f-4252-9d32-487691ef69a0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/ Frame 0AD8 106 KB
31 KB 56ms
24ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "7e149720ed29d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15018.41016
x-officefe: AM4PEPF00012378
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 31042
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 25 Feb 2022 02:12:23 GMT
x-officefd: AM4PEPF00012378
x-msedge-ref: Ref A: 39F1F0969799444E9AF782C6916CF51A Ref B: AMS04EDGE2111 Ref C: 2022-02-25T12:16:13Z
x-usersessionid: cccca544-8c5b-448f-abf6-54a9a9e7d45a
date: Mon, 07 Mar 2022 06:20:09 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: cccca544-8c5b-448f-abf6-54a9a9e7d45a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h40A6CF021A1D9ADF_App_Scripts/1031/ Frame 0AD8 144 KB
31 KB 56ms
25ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h40A6CF021A1D9ADF_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b6a2dad9ce99d887707f27c547081c333b8f7cf7060be8fbd022432e24190c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8a9545fbd72cd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15018.41016
x-officefe: DB5PEPF000083DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 30883
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Feb 2022 19:18:35 GMT
x-officefd: DB5PEPF000083DB
x-msedge-ref: Ref A: D3B73503AB644941841B015DBBEC8226 Ref B: AM3EDGE0610 Ref C: 2022-02-28T19:18:35Z
x-usersessionid: 7e62e4ae-97ca-443c-839e-f46c2e06b549
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 7e62e4ae-97ca-443c-839e-f46c2e06b549
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 0AD8 6 KB
2 KB 56ms
26ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "22555e43bd2dd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15025.41017
x-officefe: DB5PEPF0000C632
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 01 Mar 2022 22:39:50 GMT
x-officefd: DB5PEPF0000C632
x-msedge-ref: Ref A: 3D9B748D32FE4E54A5EE5F5A3E6D4DEF Ref B: AMS04EDGE1519 Ref C: 2022-03-03T04:22:04Z
x-usersessionid: b7842eae-2e06-41d8-ae8e-02437dce6c5f
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b7842eae-2e06-41d8-ae8e-02437dce6c5f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/ Frame 0AD8 21 KB
5 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "46f6c3e7592fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15028.41011
x-officefe: AM4PEPF00012940
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4307
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 03 Mar 2022 23:53:39 GMT
x-officefd: AM4PEPF00012940
x-msedge-ref: Ref A: BD06EDF2B08F4E859F5C5CCDF0AC81E1 Ref B: AMS04EDGE1719 Ref C: 2022-03-04T16:55:29Z
x-usersessionid: 64c16176-df44-4f77-90e0-41507050e5f6
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 64c16176-df44-4f77-90e0-41507050e5f6
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD67C01063EB69E25_App_Scripts/1031/ Frame 0AD8 447 KB
72 KB 43ms
10ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD67C01063EB69E25_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d67c01063eb69e25e0ec6b2d55f2812f3c6ae779611eb1c566b0c424cc1c9c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"cbd23d16712ed81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15025.41017
x-officefe: DB5PEPF0000D039
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 72656
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 20:07:04 GMT
x-officefd: DB5PEPF0000D039
x-msedge-ref: Ref A: 350A6A59E8254F28A6845863287F2AF5 Ref B: AMS04EDGE2111 Ref C: 2022-03-02T20:07:04Z
x-usersessionid: 9e4617ee-5cb1-401b-b01c-3a72dd68e967
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9e4617ee-5cb1-401b-b01c-3a72dd68e967
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h3C0177E4ABFDAAA9_App_Scripts/exp/ Frame 0AD8 11 KB
4 KB 55ms
23ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h3C0177E4ABFDAAA9_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3c0177e4abfdaaa9e2c199b40fd5e4e503372ad3c25456a89c555956fdbd9751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"748c4eff6f2ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15025.41017
x-officefe: AM4PEPF00006A1F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3247
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 19:59:16 GMT
x-officefd: AM4PEPF00006A1F
x-msedge-ref: Ref A: 17B7FC279BA645A7B4EFB2E7B0A926B0 Ref B: AMS04EDGE3417 Ref C: 2022-03-02T19:59:16Z
x-usersessionid: 022c2c3a-5535-4cd4-81b0-712cc3934ea4
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 022c2c3a-5535-4cd4-81b0-712cc3934ea4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/ Frame 0AD8 3 MB
455 KB 11ms
11ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

265f32046bf538e930885923ed6a71c8f2489de1af8b0bc2e75b544933b03358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"42bc2a76f2ed81:0"
x-officecluster: US1C
x-officeversion: 16.0.15025.41017
x-officefe: DM3PEPF00013941
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 464190
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 19:56:48 GMT
x-officefd: DM3PEPF00008A23
x-msedge-ref: Ref A: A3E2EDFA365B4A799FAA8A53EB3C817C Ref B: AMS04EDGE1115 Ref C: 2022-03-02T19:56:47Z
x-usersessionid: efbda8d5-7775-4d62-bd27-16624c8d1e24
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: efbda8d5-7775-4d62-bd27-16624c8d1e24
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 0
452 B 97ms
96ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15028.41011&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 93abf364-a345-46a9-811b-4bf6a2c35f10
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BB0B
x-officeversion: 16.0.15028.41011
x-officefe: BL6PEPF0000BB0B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1f78b74c-68b3-46c1-a98f-50574fd59121
x-officecluster: PGTUS4
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
date: Mon, 07 Mar 2022 06:20:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A0F341E2618E432593C0966185DDBF48 Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:09Z

GET
H2 404 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 0AD8 1 KB
1 KB 170ms
170ms Image
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV%5FXF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8%5Fb3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE%2DK7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408650&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ&v=00000000-0000-0000-0000-000000000802&usid=93abf364-a345-46a9-811b-4bf6a2c35f10&splashscreen=1&build=16.0.15028.41011&PdfMode=1&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF00008420
x-officeversion: 16.0.15028.41011
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1245
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7bb22069-b8b2-40d5-83ef-5f2f0c5adb27
x-officefd: DB5PEPF00008420
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
date: Mon, 07 Mar 2022 06:20:08 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
x-msedge-ref: Ref A: 4082818BEF5E4EC0937E2C00F2AF1AF6 Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:09Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 0
284 B 102ms
102ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15028.41011&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 93abf364-a345-46a9-811b-4bf6a2c35f10
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":55,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hE8CAFCCE4BBCD48E_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BAEE
x-officeversion: 16.0.15028.41011
x-officefe: BL6PEPF0000BAEE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 066cc515-6099-403b-9e19-28a2da71023d
x-officecluster: PGTUS4
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
date: Mon, 07 Mar 2022 06:20:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A522FE99577F46AA92BD28E65A21C173 Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:09Z

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hE8CAFCCE4BBCD48E_resources/1031/ Frame 0AD8 22 KB
23 KB 8ms
8ms Font
font/x-woff 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hE8CAFCCE4BBCD48E_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hE8CAFCCE4BBCD48E_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hE8CAFCCE4BBCD48E_resources/1031/WordViewer.css
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"e3f8152ff32bd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15018.41016
x-officefe: AM4PEPF000131F8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 27 Feb 2022 16:00:47 GMT
x-officefd: AM4PEPF000131F8
x-msedge-ref: Ref A: D2FB3478C2A848DAA5018FF2B4DE607A Ref B: AMS04EDGE1106 Ref C: 2022-02-27T16:00:47Z
x-usersessionid: c4e3c408-0885-40dc-b2fc-12f9cd29a69f
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: c4e3c408-0885-40dc-b2fc-12f9cd29a69f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 356 B
835 B 2785ms
2784ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV%5FXF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8%5Fb3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE%2DK7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408650&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ&type=png&o15=1&ui=de-DE&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

9367f931f8480183d49682c3597d1fba62c9170ecc4151862d0aa7884660a0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF0000CE8C
X-UserSessionId: 93abf364-a345-46a9-811b-4bf6a2c35f10
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15028.41011
X-Key: dLUL68Ew4rDAPvg6/jcIEg/BAxHvQ78MRrqoDvS3KU8=,637822308089583852
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000CE8C
x-officeversion: 16.0.15028.41011
x-officefe: DB5PEPF0000CE8C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 350
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 307865e0-83ad-4c60-8bdf-c9c36f684596, 46fa5314-05ce-4c0b-85a3-5737972bbb4d
x-officefd: DB5PEPF0000CE8E
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10, 93abf364-a345-46a9-811b-4bf6a2c35f10
x-powered-by: ARR/3.0
date: Mon, 07 Mar 2022 06:20:11 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 4163EB66861D43439A45148832E953EE Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:09Z
timing-allow-origin: *, *
expires: Tue, 07 Mar 2023 06:20:12 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/ Frame 0AD8 40 KB
7 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"93753a76f2ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15025.41017
x-officefe: AM4PEPF00010316
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 19:56:49 GMT
x-officefd: AM4PEPF00010316
x-msedge-ref: Ref A: 302AD7B0708D4ADCB982BBBE0E99A9C9 Ref B: AM3EDGE0916 Ref C: 2022-03-02T19:56:49Z
x-usersessionid: 08b6708a-f964-4482-9644-950b9b6d9726
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 08b6708a-f964-4482-9644-950b9b6d9726
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161502841011_resources/1031/ Frame 0AD8 6 KB
6 KB 7ms
7ms Image
image/png 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_resources/1031/wapsw.png?b=1601502841011

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "e04e404aa12ed81:0"
x-officecluster: US1C
x-officeversion: 16.0.15028.41011
x-officefe: DM3PEPF00013966
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice,afd_visioslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 03 Mar 2022 01:52:07 GMT
x-officefd: DM3PEPF00008A23
x-msedge-ref: Ref A: 30D87F1CB0E141069A064197BD272905 Ref B: AM3EDGE0806 Ref C: 2022-03-03T01:58:58Z
x-usersessionid: af2b02b2-1bbe-42bc-909d-36429f26a2d0
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: af2b02b2-1bbe-42bc-909d-36429f26a2d0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161502841011_resources/1031/ Frame 0AD8 34 KB
35 KB 8ms
8ms Image
image/png 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_resources/1031/wv.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"dcddd916712ed81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15025.41017
x-officefe: DB5PEPF000083EB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 20:07:05 GMT
x-officefd: DB5PEPF000083EB
x-msedge-ref: Ref A: 0A36C3A8A2154640926CC03053D4FAFC Ref B: AMS04EDGE3514 Ref C: 2022-03-02T20:07:05Z
x-usersessionid: 1705658d-63b9-4b0f-8144-32b226aa15a0
date: Mon, 07 Mar 2022 06:20:09 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 1705658d-63b9-4b0f-8144-32b226aa15a0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 0
244 B 131ms
128ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15028.41011&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 93abf364-a345-46a9-811b-4bf6a2c35f10
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":214,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000C108
x-officeversion: 16.0.15028.41011
x-officefe: SN3PEPF0000C108
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c30218c0-c458-42b5-81cc-fe34e754725a
x-officecluster: PGTUS5
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
date: Mon, 07 Mar 2022 06:20:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 9208ED967EF04B9284D8951C3B14D052 Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:09Z

GET
BLOB 200
OK e0372f06-796a-4dbd-9216-db347887dd65
https://word-view.officeapps.live.com/ Frame 0AD8 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/e0372f06-796a-4dbd-9216-db347887dd65
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=d6735fc3-f2d3-465e-9c7f-3eaeec4951c6&reqid=001c104a821&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72141%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=d6735fc3-f2d3-465e-9c7f-3eaeec4951c6&reqid=001c104a821&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72141%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=d6735fc3-f2d3-465e-9c7f-3eaeec4951c6&reqid=001c104a821&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72141%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
255 B

28ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=d6735fc3-f2d3-465e-9c7f-3eaeec4951c6&reqid=001c104a821&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72141%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4457%26IR%3D1%26EX%3D0%26L.h%3D3897%26L.sjs%3D4005%26L.ttg%3D3897%26C.st%3D1646634004935%26N.domIn%3D3914%26N.dns%3D174%26N.tcp%3D18%26N.req%3D3623%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.8995281407048599&CtsSyncId=010CDF18A36848FAA99F1B7CDFF35A23&MUID=25299456B0E96D1A37E38536B4E969B7
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 06:20:09 GMT
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7c5ed6a6f22cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 06:20:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9155F8631EA64E2D887EE59279F99D2E Ref B: FRAEDGE1311 Ref C: 2022-03-07T06:20:09Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=d6735fc3-f2d3-465e-9c7f-3eaeec4951c6&reqid=001c104a821&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72141%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4457%26IR%3D1%26EX%3D0%26L.h%3D3897%26L.sjs%3D4005%26L.ttg%3D3897%26C.st%3D1646634004935%26N.domIn%3D3914%26N.dns%3D174%26N.tcp%3D18%26N.req%3D3623%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.8995281407048599&CtsSyncId=010CDF18A36848FAA99F1B7CDFF35A23&MUID=25299456B0E96D1A37E38536B4E969B7
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 0AD8 49 KB
50 KB 2305ms
2304ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

095b53973f0e504d29c5d6da0f83db0b1ceda41a04e069ee9564a2994d0c34dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF00008420
x-officeversion: 16.0.15028.41011
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 50532
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV%5FXF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8%5Fb3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE%2DK7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408650&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: cb81f179-976e-4731-88e7-4bb8e3bf3326
x-officefd: DB5PEPF00008420
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
date: Mon, 07 Mar 2022 06:20:11 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: B0E06C0D191D449CA819759CC4742D51 Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:09Z
timing-allow-origin: *
expires: Tue, 07 Mar 2023 06:20:12 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 0
440 B 102ms
101ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15028.41011&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 93abf364-a345-46a9-811b-4bf6a2c35f10
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":3038,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000E944
x-officeversion: 16.0.15028.41011
x-officefe: BL6PEPF0000E944
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 33256eb1-b5fb-43de-900b-1e1b3e800f35
x-officecluster: PGTUS6
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
date: Mon, 07 Mar 2022 06:20:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: B5C1CC155FCB4AAD98585FF26EEF90A9 Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:12Z

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/ Frame 0AD8 827 KB
136 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e390d9eacf6215a24b85babc6b80bcbbc0b1a9c604637a2f821bd0bbab674d91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"58638ba76f2ed81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15025.41017
x-officefe: DB5PEPF0000C637
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 138409
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 02 Mar 2022 19:56:49 GMT
x-officefd: DB5PEPF0000C637
x-msedge-ref: Ref A: 249BD79B642F47AEBFACE4E1ED7D50FD Ref B: AM3EDGE0321 Ref C: 2022-03-02T19:56:49Z
x-usersessionid: e6a6b466-47e3-4f1a-b9cd-6a572cc286ac
date: Mon, 07 Mar 2022 06:20:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e6a6b466-47e3-4f1a-b9cd-6a572cc286ac
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/Feedback/latest/ Frame 0AD8 506 KB
97 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1cf7dec0e81ff1b5ff6f8c126725f2b1f6465f457acc87953e64b8be78c2f187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8888ea76f2ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15025.41017
x-officefe: AM4PEPF00012375
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 98721
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 19:56:49 GMT
x-officefd: AM4PEPF00012375
x-msedge-ref: Ref A: 1EC4E3651F634E47A4BD2EB33DCA17D9 Ref B: AM3EDGE0611 Ref C: 2022-03-02T19:56:49Z
x-usersessionid: caa2dd52-28d3-42d9-8a32-26dd6ce3904e
date: Mon, 07 Mar 2022 06:20:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: caa2dd52-28d3-42d9-8a32-26dd6ce3904e
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 0
264 B 105ms
104ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15028.41011&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF0000CE8C
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15028.41011
X-Key: dLUL68Ew4rDAPvg6/jcIEg/BAxHvQ78MRrqoDvS3KU8=,637822308089583852
X-bULS-SuppressionETag: A05D16B8C45CAFC5B00015FE7CF9685222749EA0
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wQpgn4RndklkrcPkuv2S1buV_XF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8_b3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE-K7C1asl86uwRd4mNEnY80idbDH6Buurfw
X-UserSessionId: 93abf364-a345-46a9-811b-4bf6a2c35f10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1648448408650
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.15028.41011
x-officefe: BL6PEPF0000E940
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: A05D16B8C45CAFC5B00015FE7CF9685222749EA0
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 65c62df4-d52c-41d2-a746-b8db211f1f64
x-officefd: BL6PEPF0000E940
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
date: Mon, 07 Mar 2022 06:20:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: B14DAD41E54747778E9D9AA318F29FC1 Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:12Z

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161502841011_resources/1031/ Frame 0AD8 695 B
1 KB 34ms
34ms Image
image/gif 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_resources/1031/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"218c517712ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15025.41017
x-officefe: AM4PEPF00006A0D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 20:07:05 GMT
x-officefd: AM4PEPF00006A0D
x-msedge-ref: Ref A: A19DC6BB1B6E402295BB87FE4D76D434 Ref B: AMS04EDGE1708 Ref C: 2022-03-02T20:07:05Z
x-usersessionid: 15d177c3-3332-40fc-b809-24c36c528ff3
date: Mon, 07 Mar 2022 06:20:12 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 15d177c3-3332-40fc-b809-24c36c528ff3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 0AD8 49 KB
50 KB 105ms
105ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=93abf364-a345-46a9-811b-4bf6a2c35f10&build=16.0.15028.41011&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV_XF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8_b3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE-K7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408900&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ&waccluster=PIE1&PdfMode=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

095b53973f0e504d29c5d6da0f83db0b1ceda41a04e069ee9564a2994d0c34dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000CE86
x-officeversion: 16.0.15028.41011
x-officefe: DB5PEPF0000CE86
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 50532
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV%5FXF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8%5Fb3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE%2DK7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408900&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: a6423ad9-ab39-4f7d-ac2e-dc69f8a3fd25
x-officefd: DB5PEPF0000CE86
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
date: Mon, 07 Mar 2022 06:20:11 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: A0B413D766E74CB7926365060E1359AE Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:12Z
timing-allow-origin: *
expires: Tue, 07 Mar 2023 06:20:12 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 243 B
901 B 53ms
53ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=93abf364-a345-46a9-811b-4bf6a2c35f10&build=16.0.15028.41011&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV%5FXF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8%5Fb3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE%2DK7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408650&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ&waccluster=PIE1&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

1de25e41e7b48925ce0992d08b20868da2aed641e8acce7d6b7226a17e550f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF0000CE8C
X-UserSessionId: 93abf364-a345-46a9-811b-4bf6a2c35f10
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15028.41011
X-Key: dLUL68Ew4rDAPvg6/jcIEg/BAxHvQ78MRrqoDvS3KU8=,637822308089583852
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000CE8C
x-officeversion: 16.0.15028.41011
x-officefe: DB5PEPF0000CE8C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 298
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV%5FXF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8%5Fb3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE%2DK7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408650&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: fec89552-aeb4-4419-b25d-86b8b9f49df1, a505c366-dd7b-4499-bcb3-ccbc358540be
x-officefd: DB5PEPF000083EC
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10, 93abf364-a345-46a9-811b-4bf6a2c35f10
x-powered-by: ARR/3.0
date: Mon, 07 Mar 2022 06:20:11 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 1256033FC09A4AF8BCE0793C9F44D8B2 Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:12Z
timing-allow-origin: *, *
expires: Tue, 07 Mar 2023 06:20:12 GMT

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 0
424 B 118ms
118ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF00007A94
x-officeversion: 16.0.15028.41011
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: aa1c5c4c-f897-4085-ac00-ed0c78d8942e
x-officecluster: PUS4
x-usersessionid: aa1c5c4c-f897-4085-ac00-ed0c78d8942e
date: Mon, 07 Mar 2022 06:20:11 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: C89AD156D53C4B448871BCD88E900173 Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:12Z
timing-allow-origin: *
x-officefe: BL6PEPF00007670

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/Feedback/latest/ Frame 0AD8 18 KB
3 KB 8ms
7ms Stylesheet
text/css 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

67ede0fc3ca08aaf330485c705fcd4f16e15c8786d39002ccd2488b04bac1bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"dae7a0ac6f2ed81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15025.41017
x-officefe: DB5PEPF0000C633
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2663
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 19:56:57 GMT
x-officefd: DB5PEPF0000C633
x-msedge-ref: Ref A: 69A61F6BF48C4024B820484A34D152F1 Ref B: AMS04EDGE1311 Ref C: 2022-03-02T19:56:57Z
x-usersessionid: 381f80a2-f49c-447f-8d84-6f680a571b1e
date: Mon, 07 Mar 2022 06:20:12 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 381f80a2-f49c-447f-8d84-6f680a571b1e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/Feedback/latest/Intl/de/ Frame 0AD8 2 KB
2 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b1efda9130cb305275e233083f3171c724fa41c21af6be7ad43919c77a1a906b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d943cb1b712ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15025.41017
x-officefe: AM4PEPF000069FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1042
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 20:07:13 GMT
x-officefd: AM4PEPF000069FE
x-msedge-ref: Ref A: 8351DFE3E75E4585A03CAED4F412B52D Ref B: AMS04EDGE1309 Ref C: 2022-03-02T20:07:13Z
x-usersessionid: 4ba91f03-966d-45d9-8bd9-483b1e5da0b8
date: Mon, 07 Mar 2022 06:20:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4ba91f03-966d-45d9-8bd9-483b1e5da0b8
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 0
429 B 129ms
129ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15028.41011&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 93abf364-a345-46a9-811b-4bf6a2c35f10
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":3168,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000B762
x-officeversion: 16.0.15028.41011
x-officefe: BL6PEPF0000B762
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 139b3fae-0e72-47bc-a661-ddcb26836594
x-officecluster: PGTUS6
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10
date: Mon, 07 Mar 2022 06:20:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: C03BFC1D89FA4158A68F349FC223DB9B Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:12Z

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 0AD8 42 KB
16 KB 95ms
11ms Script
application/javascript 104.111.237.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-183.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 06:20:12 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=35101, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 0AD8 243 B
716 B 51ms
50ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

1de25e41e7b48925ce0992d08b20868da2aed641e8acce7d6b7226a17e550f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF0000CE8C
X-UserSessionId: 93abf364-a345-46a9-811b-4bf6a2c35f10
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15028.41011
X-Key: dLUL68Ew4rDAPvg6/jcIEg/BAxHvQ78MRrqoDvS3KU8=,637822308089583852
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000CE8C
x-officeversion: 16.0.15028.41011
x-officefe: DB5PEPF0000CE8C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 298
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV%5FXF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8%5Fb3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE%2DK7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408650&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: d63158ae-36a4-4ea2-8802-0389ea0bf1b0, 43f29f0f-06b7-461f-ae7a-bf1f0f1382cc
x-officefd: DB5PEPF0000D03F
x-usersessionid: 93abf364-a345-46a9-811b-4bf6a2c35f10, 93abf364-a345-46a9-811b-4bf6a2c35f10
x-powered-by: ARR/3.0
date: Mon, 07 Mar 2022 06:20:11 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 7D61F28AAAA142809BE1411EAD093A7A Ref B: AM3EDGE0619 Ref C: 2022-03-07T06:20:12Z
timing-allow-origin: *, *
expires: Tue, 07 Mar 2023 06:20:12 GMT

GET CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 0AD8 0
0

OPTIONS
H2 403 CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 0
0 203ms
40ms Preflight 52.109.88.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15028.41011&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&authType=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Origin: https://word-view.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: private
server
x-correlationid: 1119f6be-4ec5-4e30-9f16-ac307788c251
x-usersessionid: 1119f6be-4ec5-4e30-9f16-ac307788c251
x-officefe: OmexMessagingStorefront_IN_33
x-officeversion: 22.4.10304.11723
x-officecluster: weu-000.omexmessaging.osi.office.net
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-machine: weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_33
x-gateids: AirTrafficControl.GovernanceRule
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
x-frame-options: deny
date: Mon, 07 Mar 2022 06:20:11 GMT
content-length: 0

GET
H2 200 otelFullNext.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/ Frame 0AD8 98 KB
29 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2ae::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/otelFullNext.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h265F32046BF538E9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7f681e88d5a43d0ba2222db361dd567431d06262a22c38c63eaa0329749c3a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d388b4a76f2ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15025.41017
x-officefe: AM4PEPF00012381
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28984
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 02 Mar 2022 19:56:49 GMT
x-officefd: AM4PEPF00012381
x-msedge-ref: Ref A: B1BF2891BF994A8688375E1632117273 Ref B: AM3EDGE0712 Ref C: 2022-03-02T19:56:49Z
x-usersessionid: a64bee2a-d67f-40f7-bfd7-10685b261368
date: Mon, 07 Mar 2022 06:20:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a64bee2a-d67f-40f7-bfd7-10685b261368
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 0AD8 4 B
333 B 694ms
153ms XHR
application/json 20.189.173.3

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161502841011_App_Scripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.189.173.3 -, , ASN (),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 06:20:12 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

OPTIONS
H2 403 CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 0
0 30ms
30ms Preflight 52.109.88.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Origin: https://word-view.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: private
server
x-correlationid: 8d9994eb-d3af-42b3-bcd4-6291b79d25f4
x-usersessionid: 8d9994eb-d3af-42b3-bcd4-6291b79d25f4
x-officefe: OmexMessagingStorefront_IN_33
x-officeversion: 22.4.10304.11723
x-officecluster: weu-000.omexmessaging.osi.office.net
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-machine: weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_33
x-gateids: AirTrafficControl.GovernanceRule
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
x-frame-options: deny
date: Mon, 07 Mar 2022 06:20:11 GMT
content-length: 0

GET CampaignMetadataAggregator
messaging.office.com/lifecycle/ Frame 0AD8 0
0

GET translation.ashx
word-view.officeapps.live.com/wv/ Frame 0AD8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: messaging.office.com
URL: https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15028.41011&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&authType=2

Domain: messaging.office.com
URL: https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15028.41011&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&authType=2

Domain: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV%5FXF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8%5Fb3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE%2DK7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408650&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ&uilang=de-DE

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: E Value: P:kjI/hQIA2og=:4gVcrGshUCjQ+Yunj+Bx/s2o/NEAhls0XA8NHFp3FmA=:F
.live.com/	1969-12-31 23:59:59	Name: xid Value: d6735fc3-f2d3-465e-9c7f-3eaeec4951c6&&RD0004FFA72141&103
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 1
.live.com/	1970-01-20 01:33:58	Name: wla42 Value:
word-view.officeapps.live.com/	1970-01-20 03:36:19	Name: DcLcid Value: ui=1031&data=1033
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
.live.com/	1970-01-20 10:45:30	Name: MUID Value: 25299456B0E96D1A37E38536B4E969B7
.bing.com/	1970-01-20 10:45:30	Name: MUID Value: 25299456B0E96D1A37E38536B4E969B7
.c.bing.com/	1970-01-20 10:45:30	Name: SRM_B Value: 25299456B0E96D1A37E38536B4E969B7
.c.bing.com/	1970-01-20 10:45:30	Name: SRM_L Value: 25299456B0E96D1A37E38536B4E969B7
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 01:23:54	Name: ANONCHK Value: 0
.word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: PUS4-ARRAffinity Value: dbab480dc5a6102d08cbfee0375548d46c4bdef18ceff7a4491a5b6588464ed3

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&access_token=4wQpgn4RndklkrcPkuv2S1buV%5FXF2ubOLv2g0CvJVliTY4bJycxTBWd0viwOQMWs7SgFcJ3V8%5Fb3yNWdgbLpF0ju7FXyYl5nAhkF7gHcDo3fnI2UW0U2DE%2DK7C1asl86uwRd4mNEnY80idbDH6Buurfw&access_token_ttl=1648448408650&z=aRDVDN0I2QzMzMTkyOUNDOCExMjMuNQ&v=00000000-0000-0000-0000-000000000802&usid=93abf364-a345-46a9-811b-4bf6a2c35f10&splashscreen=1&build=16.0.15028.41011&PdfMode=1&waccluster=PIE1 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem Message: Access to fetch at 'https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15028.41011&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&authType=2' from origin 'https://word-view.officeapps.live.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15028.41011&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&authType=2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=7TKdF0BNSE6y0NfAIZOCsA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FD5C7B6C331929CC8%21123&sc=host%3D%26qt%3DDefault%26pt%3Dem Message: Access to fetch at 'https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15028.41011&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&authType=2' from origin 'https://word-view.officeapps.live.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://messaging.office.com/lifecycle/CampaignMetadataAggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15028.41011&campaignParams=pageWidth%3D1600%26pageHeight%3D1200%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&authType=2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.live.com
c1h-word-view-15.cdn.office.net
js.live.net
messaging.office.com
onedrive.live.com
spoprod-a.akamaihd.net
word-view.officeapps.live.com
messaging.office.com
word-view.officeapps.live.com
104.111.237.183
13.107.42.13
2.16.186.40
20.189.173.3
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:6c00:2ae::1c24
52.109.88.96
52.142.114.2
095b53973f0e504d29c5d6da0f83db0b1ceda41a04e069ee9564a2994d0c34dd
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
1cf7dec0e81ff1b5ff6f8c126725f2b1f6465f457acc87953e64b8be78c2f187
1de25e41e7b48925ce0992d08b20868da2aed641e8acce7d6b7226a17e550f50
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
265f32046bf538e930885923ed6a71c8f2489de1af8b0bc2e75b544933b03358
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
2c679449d900162cac8fcc2e7ae65e0bea46f4691c99804769660d505ec93227
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3c0177e4abfdaaa9e2c199b40fd5e4e503372ad3c25456a89c555956fdbd9751
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a
67ede0fc3ca08aaf330485c705fcd4f16e15c8786d39002ccd2488b04bac1bd7
7f681e88d5a43d0ba2222db361dd567431d06262a22c38c63eaa0329749c3a74
9367f931f8480183d49682c3597d1fba62c9170ecc4151862d0aa7884660a0bb
96cfac85453aca73bc6710def5c414cae47fca69e31f1fae7bdb6ffa670f0a94
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
b1efda9130cb305275e233083f3171c724fa41c21af6be7ad43919c77a1a906b
b6a2dad9ce99d887707f27c547081c333b8f7cf7060be8fbd022432e24190c13
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d67c01063eb69e25e0ec6b2d55f2812f3c6ae779611eb1c566b0c424cc1c9c1c
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e390d9eacf6215a24b85babc6b80bcbbc0b1a9c604637a2f821bd0bbab674d91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cafcce4bbcd48e6fe124f647fc5a66ab01c46e991261cb2386f09f1920aca3

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

49 Requests

90 %HTTPS

33 %IPv6

7 Domains

9 Subdomains

9 IPs

4 Countries

1540 kBTransfer

6711 kBSize

14 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

90 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

9
IPs

4
Countries

1540 kB
Transfer

6711 kB
Size

14
Cookies

49 HTTP transactions
0 data transactions