view.officeapps.live.com Open in urlscan Pro
2620:1ec:a92::171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sendpost-24928.sptracki.com/api/v1/track/click/7/24928/23/default/6f874dfd-ed7a-406b-9693-a2103bde2758?redirecturl=http%3A%2...
Effective URL:
https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F2383bb41-1e5c-4d20-8b30-...
Submission: On March 28 via manual (March 28th 2022, 2:38:53 pm UTC) from GB — Scanned from GB

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 55 HTTP transactions. The main IP is 2620:1ec:a92::171, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.officeapps.live.com. The Cisco Umbrella rank of the primary domain is 58114.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on April 30th 2021. Valid for: a year.

This is the only time view.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.92.251.90 54.92.251.90	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.214.235.32 3.214.235.32	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.194.226.224 44.194.226.224	14618 (AMAZON-AES) (AMAZON-AES)
18	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
29	2a02:26f0:fb:... 2a02:26f0:fb:5b3::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.92.84.173 104.92.84.173	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.237.183 104.111.237.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b7::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.89.179.9 13.89.179.9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.104.158.179 13.104.158.179	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.159.0 20.190.159.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
55	9

1 54.92.251.90 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-251-90.compute-1.amazonaws.com

sendpost-24928.sptracki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.235.32 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-235-32.compute-1.amazonaws.com

api.sx2.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.226.224 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-226-224.compute-1.amazonaws.com

app.sendx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pnl1-word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a02:26f0:fb:5b3::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.84.173 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-84-173.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-183.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b7::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

shell.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.89.179.9 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

amcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.104.158.179 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: i-am3p-cor005.api.p001.1drv.com

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.0 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 13301 shell.cdn.office.net — Cisco Umbrella Rank: 2868	2 MB
20	live.com 1 redirects view.officeapps.live.com — Cisco Umbrella Rank: 58114 pnl1-word-view.officeapps.live.com — Cisco Umbrella Rank: 262605 storage.live.com — Cisco Umbrella Rank: 175 login.live.com — Cisco Umbrella Rank: 54	260 KB
2	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 4302	68 KB
1	msftauth.net amcdn.msftauth.net — Cisco Umbrella Rank: 2696	9 KB
1	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 859	338 B
1	live.net js.live.net — Cisco Umbrella Rank: 23543	16 KB
1	sendx.io 1 redirects app.sendx.io — Cisco Umbrella Rank: 490493	701 B
1	sx2.email 1 redirects api.sx2.email	265 B
1	sptracki.com 1 redirects sendpost-24928.sptracki.com	406 B
55	9

	Domain	Requested by
29	c1h-word-view-15.cdn.office.net	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
17	pnl1-word-view.officeapps.live.com	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
2	static2.sharepointonline.com
1	login.live.com
1	storage.live.com	1 redirects
1	amcdn.msftauth.net	c1h-word-view-15.cdn.office.net
1	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
1	shell.cdn.office.net	c1h-word-view-15.cdn.office.net
1	js.live.net	c1h-word-view-15.cdn.office.net
1	view.officeapps.live.com
1	app.sendx.io	1 redirects
1	api.sx2.email	1 redirects
1	sendpost-24928.sptracki.com	1 redirects
55	13

This site contains no links.

Subject Issuer	Validity	Valid
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-03-02` - `2023-02-25`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 01	`2022-02-15` - `2023-02-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F2383bb41-1e5c-4d20-8b30-7ac0be452cb6.doc&wdOrigin=BROWSELINK
Frame ID: 34945FD4BF136F428BA209C98EE3C4C6
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
Frame ID: 591AFD1BA0FDCDD2579DB12A32C56556
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2383bb41-1e5c-4d20-8b30-7ac0be452cb6.doc

Page URL History Show full URLs

https://sendpost-24928.sptracki.com/api/v1/track/click/7/24928/23/default/6f874dfd-ed7a-406b-9693-a2103bde2758?r... HTTP 302
http://api.sx2.email/api/v1/track/campaign/click/8ry3Ph1b4CKdIgMnsytvL4/H4BQmeyfDgJ3fkC4pthwu2 HTTP 301
http://app.sendx.io/api/v1/track/campaign/click/8ry3Ph1b4CKdIgMnsytvL4/H4BQmeyfDgJ3fkC4pthwu2 HTTP 302
https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F2383... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Page Statistics

55
Requests

96 %
HTTPS

33 %
IPv6

9
Domains

13
Subdomains

9
IPs

4
Countries

2826 kB
Transfer

12384 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sendpost-24928.sptracki.com/api/v1/track/click/7/24928/23/default/6f874dfd-ed7a-406b-9693-a2103bde2758?redirecturl=http%3A%2F%2Fapi.sx2.email%2Fapi%2Fv1%2Ftrack%2Fcampaign%2Fclick%2F8ry3Ph1b4CKdIgMnsytvL4%2FH4BQmeyfDgJ3fkC4pthwu2 HTTP 302
http://api.sx2.email/api/v1/track/campaign/click/8ry3Ph1b4CKdIgMnsytvL4/H4BQmeyfDgJ3fkC4pthwu2 HTTP 301
http://app.sendx.io/api/v1/track/campaign/click/8ry3Ph1b4CKdIgMnsytvL4/H4BQmeyfDgJ3fkC4pthwu2 HTTP 302
https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F2383bb41-1e5c-4d20-8b30-7ac0be452cb6.doc&wdOrigin=BROWSELINK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1648478331975 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1648478332&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request view.aspx Show response
view.officeapps.live.com/op/
Redirect Chain

https://sendpost-24928.sptracki.com/api/v1/track/click/7/24928/23/default/6f874dfd-ed7a-406b-9693-a2103bde2758?redirecturl=http%3A%2F%2Fapi.sx2.email%2Fapi%2Fv1%2Ftrack%2Fcampaign%2Fclick%2F8ry3Ph1...
http://api.sx2.email/api/v1/track/campaign/click/8ry3Ph1b4CKdIgMnsytvL4/H4BQmeyfDgJ3fkC4pthwu2
http://app.sendx.io/api/v1/track/campaign/click/8ry3Ph1b4CKdIgMnsytvL4/H4BQmeyfDgJ3fkC4pthwu2
https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F2383bb41-1e5c-4d20-8b30-7ac0be452cb6.doc&wdOrigin=BROWSELINK

4 KB
3 KB

129ms
48ms

Document
text/html

2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F2383bb41-1e5c-4d20-8b30-7ac0be452cb6.doc&wdOrigin=BROWSELINK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f5df134422bff2170c5f26b44dcd2ad6f64647676129b1c5a170e6f12ccc6449

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-correlationid: 179df941-dd35-455e-894a-43fd89d93448
x-officefe: AM4PEPF00014052
x-officeversion: 16.0.15123.41020
x-officecluster: PNL1
x-content-type-options: nosniff
x-officefd: AM4PEPF000068AD
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-msedge-ref: Ref A: 4E4288CF79234DE98E9F65989BF3395E Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:49Z
date: Mon, 28 Mar 2022 14:38:48 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin,Authorization,Access-Control-Allow-Origin
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Access-Control-Allow-Origin
Content-Type: text/plain; charset=utf-8
Date: Mon, 28 Mar 2022 14:38:49 GMT
Location: https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F2383bb41-1e5c-4d20-8b30-7ac0be452cb6.doc&wdOrigin=BROWSELINK
Server: openresty
Content-Length: 36
Connection: keep-alive

GET
DATA 200
OK truncated
/ 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 wordviewerframe.aspx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 83 KB
85 KB 78ms
56ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d85c25b372975a7b470aa72f9e5d6aa22511d15b503d8095adb3ea31957ab2f3

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.officeppe.com messaging.office.com messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://view.officeapps.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://view.officeapps.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
x-officefe: AM4PEPF000131ED
x-officeversion: 16.0.15123.41000
x-officecluster: PNL1
x-content-type-options: nosniff
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.officeppe.com messaging.office.com messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
document-policy: js-profiling
x-officefd: AM4PEPF000131ED
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-msedge-ref: Ref A: D5BBF626207B4CC28BE006A5599D29E6 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:49Z
date: Mon, 28 Mar 2022 14:38:48 GMT

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h512544540F524FA3_resources/2057/ Frame 591A 277 KB
34 KB 257ms
84ms Stylesheet
text/css 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h512544540F524FA3_resources/2057/WordViewer.css

Requested by

Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

512544540f524fa33787e065612086678e67673a22d50d1c52f4a19cc7e56bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"9d278650a43fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF0000CE86
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 34179
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Thu, 24 Mar 2022 17:26:36 GMT
x-officefd: DB5PEPF0000CE86
x-msedge-ref: Ref A: 16D2F6F0207B49A4A86D45B7BDF2B258 Ref B: AMS04EDGE3416 Ref C: 2022-03-24T17:26:36Z
x-usersessionid: 1431314f-d9eb-46c1-93b9-924d22610a75
date: Mon, 28 Mar 2022 14:38:49 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 1431314f-d9eb-46c1-93b9-924d22610a75
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/ Frame 591A 106 KB
24 KB 314ms
157ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "26512d74753dd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF000069E2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23628
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 21 Mar 2022 22:46:07 GMT
x-officefd: AM4PEPF000069E2
x-msedge-ref: Ref A: E3E717ED4254484797F817788F051BAA Ref B: AMS04EDGE1107 Ref C: 2022-03-22T17:05:33Z
x-usersessionid: 5ea72944-b99c-441f-955b-18d4bfe1ff0d
date: Mon, 28 Mar 2022 14:38:49 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5ea72944-b99c-441f-955b-18d4bfe1ff0d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h4902BEE7A33B4B1B_App_Scripts/2057/ Frame 591A 132 KB
27 KB 384ms
228ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h4902BEE7A33B4B1B_App_Scripts/2057/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4ba94753713d8f341129b6a5c8bda264fd43eda8fbedd18896fd11b9c640de01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2f29cf50a43fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF0000C62B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27088
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-akamai-origin-object-size: 27088
last-modified: Thu, 24 Mar 2022 17:26:37 GMT
x-officefd: DB5PEPF0000C62B
x-msedge-ref: Ref A: 0F3D310801024975A8A5BCD68E6F8DCB Ref B: AM3EDGE0504 Ref C: 2022-03-24T17:26:36Z
x-usersessionid: 5b1d611f-03f3-454c-910f-c634c17f44ba
date: Mon, 28 Mar 2022 14:38:49 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5b1d611f-03f3-454c-910f-c634c17f44ba
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 591A 6 KB
2 KB 403ms
248ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "3b8453cc613ad81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF000141DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 18 Mar 2022 00:47:52 GMT
x-officefd: AM4PEPF000141DB
x-msedge-ref: Ref A: FE6E18D23122409F854504CC9465B3BE Ref B: AMS04EDGE2817 Ref C: 2022-03-22T09:35:33Z
x-usersessionid: 9a6615c6-96d9-4961-a893-7393d19694d2
date: Mon, 28 Mar 2022 14:38:49 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9a6615c6-96d9-4961-a893-7393d19694d2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/ Frame 591A 19 KB
4 KB 399ms
244ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a58e71496d547cc6ab3cfb6165221a82dc74ae386801d7a4379ec1bd7535749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "92b495b5738d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15110.41003
x-officefe: AM4PEPF00010310
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3331
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 15 Mar 2022 00:57:56 GMT
x-officefd: AM4PEPF00010310
x-msedge-ref: Ref A: 5DB18D0D438B439DAFE1FB22ED80EF70 Ref B: AM3EDGE0207 Ref C: 2022-03-17T11:29:34Z
x-usersessionid: 8f94914f-2cc8-4969-a35a-e6e5cd47e72a
date: Mon, 28 Mar 2022 14:38:49 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8f94914f-2cc8-4969-a35a-e6e5cd47e72a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h3613D51E0463C995_App_Scripts/2057/ Frame 591A 445 KB
68 KB 243ms
86ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h3613D51E0463C995_App_Scripts/2057/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3613d51e0463c995199a45147013f673bbb3f4f531be6acfac76251e42d987cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"16117f50a43fd81:0"
x-officecluster: GEU2C
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 69251
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Thu, 24 Mar 2022 17:26:36 GMT
x-officefd: AM4PEPF0000D7D0
x-msedge-ref: Ref A: 78846A447EFE451789E97BF72CD3BD9B Ref B: AMS04EDGE2805 Ref C: 2022-03-24T17:26:36Z
x-usersessionid: 0da74cd0-9bca-4d2f-808b-c8fcfe0818fd
date: Mon, 28 Mar 2022 14:38:49 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0da74cd0-9bca-4d2f-808b-c8fcfe0818fd
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/ Frame 591A 3 MB
746 KB 113ms
113ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4aab099bf40d3090a49b48562907e617dac8a4241fe4d7173cb907f347815c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"584e92f89c3fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF00010AB8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 761419
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:34:02 GMT
x-officefd: AM4PEPF00010AB8
x-msedge-ref: Ref A: 44846333D3764199A5E0E002497E70BA Ref B: AM3EDGE0707 Ref C: 2022-03-24T16:34:02Z
x-usersessionid: 07676a3a-c188-4cab-94e4-ac08ab463847
date: Mon, 28 Mar 2022 14:38:49 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 07676a3a-c188-4cab-94e4-ac08ab463847
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 0
521 B 45ms
44ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15123.41000&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
X-UserSessionId: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF00006A1C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 901d4d0d-673f-4701-a32c-7618f1c8ad5c
x-officecluster: PNL1
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:48 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 2AB48268CD1B4ED38D708721CE8B2E37 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:49Z
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 27 KB
27 KB 85ms
85ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b5&v=00000000-0000-0000-0000-000000000802&usid=a9376cd6-cdcc-4fa9-83d5-6e707bb5192d&splashscreen=1&build=16.0.15123.41000&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0711068fc36c23a515aa00790c26ed770948748958e8726214a97bc0ff1e4f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00006A09
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF00006A09
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27235
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b500000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: db772b5c-b29d-4b20-b5b6-40bebe679e63
x-officefd: AM4PEPF00006A09
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:48 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 0F8745D2F3BC4E7E900D0C5AAD8298DE Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:49Z
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:49 GMT

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 0
176 B 42ms
42ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15123.41000&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
X-UserSessionId: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":345,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h512544540F524FA3_resources/2057/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF000102D6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4849d876-303e-4a2f-9cbd-556e7c323aef
x-officecluster: PNL1
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:49 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 60241F2B31D84C789E9D89174FC73896 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:49Z
timing-allow-origin: *

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-word-view-15.cdn.office.net/wv/s/hE5C1E39EBD126206_App_Scripts/fonts/ Frame 591A 3 KB
3 KB 150ms
149ms Font
font/x-woff 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hE5C1E39EBD126206_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5c1e39ebd1262067f33a6505542dde5b313b2b6e68f0f125d10164e027ef7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "2a40e848793ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15111.41018
x-officefe: AM4PEPF00006A1C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2748
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 18 Mar 2022 03:35:59 GMT
x-officefd: AM4PEPF00006A1C
x-msedge-ref: Ref A: CAD21A8EDAB040F88D625F18499FE3C2 Ref B: AMS04EDGE1615 Ref C: 2022-03-18T15:25:47Z
x-usersessionid: 1975239b-3035-4dc3-bb2a-ef7d054f7d2a
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 1975239b-3035-4dc3-bb2a-ef7d054f7d2a
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 0
153 B 43ms
43ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15123.41000&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
X-UserSessionId: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":762,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF00010AB6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ba685e74-60b8-48e3-af90-8cca8e03b972
x-officecluster: PNL1
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:49 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 60E44259643D4BADB404458A28DA7A3F Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 445 B
732 B 57ms
56ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b5&type=png&o15=1&ui=en-GB

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

2f2ae8c85fc7f26634d5fa4a3cb83ba4e40cfdee460474b4fe58aa0b96be2dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131ED
X-UserSessionId: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
Accept-Language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15123.41000
X-Key: JkfZLZZaPCtHlI5Pmf4VEKnOMEa+Zy534yoMapSs0Jg=,637840751295082998
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF000131ED
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF000131ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 414
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: b730cd1f-d5b1-4504-ae61-ecc2bfd6ac7c, b730cd1f-d5b1-4504-ae61-ecc2bfd6ac7c
x-officefd: AM4PEPF0001030E
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d, a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
x-powered-by: ARR/3.0
date: Mon, 28 Mar 2022 14:38:49 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 1C7D321B799E4D76AA6AAF0A86582317 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *, *
expires: Tue, 28 Mar 2023 14:38:50 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/ Frame 591A 40 KB
7 KB 91ms
91ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e4c549c59b3fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF00012376
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:25:26 GMT
x-officefd: AM4PEPF00012376
x-msedge-ref: Ref A: D8CE5867FF4A401C99383CD6B953AA86 Ref B: AM3EDGE0321 Ref C: 2022-03-24T16:25:26Z
x-usersessionid: 3d824e44-47a1-4e24-96c6-9e2a62a1fdd6
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3d824e44-47a1-4e24-96c6-9e2a62a1fdd6
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h512544540F524FA3_resources/2057/ Frame 591A 22 KB
23 KB 132ms
132ms Font
font/x-woff 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h512544540F524FA3_resources/2057/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h512544540F524FA3_resources/2057/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/h512544540F524FA3_resources/2057/WordViewer.css
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "3caccd69e3fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF0000E7F8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:47:23 GMT
x-officefd: DB5PEPF0000E7F8
x-msedge-ref: Ref A: 15410BCD40AE4FCA8A42DC0AAF19923A Ref B: AMS04EDGE2022 Ref C: 2022-03-24T17:31:37Z
x-usersessionid: bd290888-d621-4b88-9456-0864a3d60be6
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: bd290888-d621-4b88-9456-0864a3d60be6
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK a188d0d8-25d7-4566-af8e-374207193a17
https://pnl1-word-view.officeapps.live.com/ Frame 591A 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/a188d0d8-25d7-4566-af8e-374207193a17
Requested by: Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 0
502 B 65ms
64ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15123.41000&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
X-UserSessionId: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1005,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF00010AB6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 1b05556d-d1b9-4e65-af3b-a0b9f44d0624
x-officecluster: PNL1
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:49 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 836A2308009E480CB0A59301721478E9 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/ Frame 591A 827 KB
136 KB 95ms
95ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

267dcbe0efb936dbd9803c3066acbe2ebd2e137adb86a1db5f8c9835fc2fa72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ce3c75c59b3fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF0000CE8B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 138596
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:25:27 GMT
x-officefd: DB5PEPF0000CE8B
x-msedge-ref: Ref A: 4EEB9F1ACDCB4598A198114F5E9C4699 Ref B: AMS04EDGE2213 Ref C: 2022-03-24T16:25:27Z
x-usersessionid: 2c10fec6-7ec7-4989-8262-fb17ecb2e483
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2c10fec6-7ec7-4989-8262-fb17ecb2e483
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161512341000_resources/2057/ Frame 591A 695 B
1 KB 126ms
125ms Image
image/gif 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_resources/2057/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"eb343051a43fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF00011BB9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-akamai-origin-object-size: 695
last-modified: Thu, 24 Mar 2022 17:26:37 GMT
x-officefd: AM4PEPF00011BB9
x-msedge-ref: Ref A: 16752994974E4762B541834EB25FE0C6 Ref B: AMS04EDGE1709 Ref C: 2022-03-24T17:26:37Z
x-usersessionid: 433da8a7-e81c-4871-84a0-fde789e2131c
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 433da8a7-e81c-4871-84a0-fde789e2131c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 27 KB
27 KB 116ms
115ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=a9376cd6-cdcc-4fa9-83d5-6e707bb5192d&build=16.0.15123.41000&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b5&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0711068fc36c23a515aa00790c26ed770948748958e8726214a97bc0ff1e4f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00006A1C
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF00006A1C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27235
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b500000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c6e93867-c836-422f-8333-a501c8bb619d
x-officefd: AM4PEPF00006A1C
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:49 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 070B496B5EBE4217BA8CE0C3879EBC82 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:50 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 26 KB
26 KB 107ms
106ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=a9376cd6-cdcc-4fa9-83d5-6e707bb5192d&build=16.0.15123.41000&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b5&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

df08e5204ac716e43d553bb4997a60095ee9d21355f7537065b91bdfbd37fc78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00010AB6
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF00010AB6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 26329
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b500000000-0000-0000-0000-000000000802p2.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 2eab6b5e-2017-40df-a2f2-5e950fb3c564
x-officefd: AM4PEPF00010AB6
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:49 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 1D419B3BBE984C659024AAB2A85D4E99 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:50 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 31 KB
32 KB 222ms
221ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=a9376cd6-cdcc-4fa9-83d5-6e707bb5192d&build=16.0.15123.41000&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b5&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a6d425076a4b4be91d74cb1b33080980b8a223bb0602488bf986b31525d435c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF000131F7
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF000131F7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 32251
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b500000000-0000-0000-0000-000000000802p3.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 6907ce1f-8370-4339-b574-393eab84faf8
x-officefd: AM4PEPF000131F7
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:50 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 80A345321DA8416F8AC74F591C144D73 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:50 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 30 KB
31 KB 77ms
77ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=a9376cd6-cdcc-4fa9-83d5-6e707bb5192d&build=16.0.15123.41000&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b5&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08d1349e1f123b78c2c23224d83e7e5e249867c70c679e737fe63d3e983285d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00006A09
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF00006A09
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 30815
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b500000000-0000-0000-0000-000000000802p4.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1c90ecc2-e6b8-447a-859d-380654cebaaa
x-officefd: AM4PEPF00006A09
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:49 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: FA7523B1BE4B450FA65C39B92B6E0814 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:50 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 9 KB
10 KB 114ms
114ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p5.img&v=00000000-0000-0000-0000-000000000802&usid=a9376cd6-cdcc-4fa9-83d5-6e707bb5192d&build=16.0.15123.41000&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b5&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

32314013a0ed063fd5a9f7ad819a3a91c7bf5d405134951e8a6cdf2c46746902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00010AB6
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF00010AB6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 9320
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b500000000-0000-0000-0000-000000000802p5.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 6725bc8c-ed29-4408-8887-7eeffe3c40ce
x-officefd: AM4PEPF00010AB6
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:49 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: C1736D22C5484D868A5CDFD07B197291 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:50 GMT

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 0
394 B 43ms
43ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15123.41000&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
X-UserSessionId: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1143,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF0001030E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 976010f0-ac8d-4623-96d2-b641b5a9fdfc
x-officecluster: PNL1
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:50 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 91FB89C077FA4CD394C6D840013DEA99 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 0
202 B 43ms
43ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15123.41000&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF000131ED
Accept-Language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15123.41000
X-Key: JkfZLZZaPCtHlI5Pmf4VEKnOMEa+Zy534yoMapSs0Jg=,637840751295082998
X-bULS-SuppressionETag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 1
X-UserSessionId: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
X-UserType: WOPI
X-AccessTokenTtl: 0
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF00010AB6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 92C3AEFEB80AAA1E848104E31CB64811FC891720
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 14c39607-09e9-4e56-a19a-8c81cb385b3f
x-officecluster: PNL1
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
date: Mon, 28 Mar 2022 14:38:50 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 56F32F9000F74902A6C39C818D444DF5 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/ Frame 591A 6 KB
3 KB 92ms
92ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appResourceLoader.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f49f8c6fd6329d4b1e005f29a14629976525c72a35dc6f45d26ee24f43f21910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"be79ac59b3fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF00012381
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2036
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:25:27 GMT
x-officefd: AM4PEPF00012381
x-msedge-ref: Ref A: ADAFF6CECFDD4BFCA07FC90D4B8D63AC Ref B: AMS04EDGE2706 Ref C: 2022-03-24T16:25:27Z
x-usersessionid: d4a423ba-d07f-4e41-9042-d2051d060504
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d4a423ba-d07f-4e41-9042-d2051d060504
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161512341000_resources/2057/ Frame 591A 695 B
1 KB 96ms
95ms Image
image/gif 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_resources/2057/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"eb343051a43fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF00011BB9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-akamai-origin-object-size: 695
last-modified: Thu, 24 Mar 2022 17:26:37 GMT
x-officefd: AM4PEPF00011BB9
x-msedge-ref: Ref A: 16752994974E4762B541834EB25FE0C6 Ref B: AMS04EDGE1709 Ref C: 2022-03-24T17:26:37Z
x-usersessionid: 433da8a7-e81c-4871-84a0-fde789e2131c
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 433da8a7-e81c-4871-84a0-fde789e2131c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161512341000_resources/2057/ Frame 591A 34 KB
35 KB 113ms
113ms Image
image/png 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_resources/2057/wv.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"f2d84438a53fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF00011BBB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 17:33:05 GMT
x-officefd: AM4PEPF00011BBB
x-msedge-ref: Ref A: BDCB6A564927429FA41296786CC061B6 Ref B: AM3EDGE0509 Ref C: 2022-03-24T17:33:05Z
x-usersessionid: 71544a04-8d82-408d-b80a-ca629e492d93
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 71544a04-8d82-408d-b80a-ca629e492d93
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress16.gif
c1h-word-view-15.cdn.office.net/wv/s/161512341000_resources/2057/ Frame 591A 668 B
1 KB 158ms
158ms Image
image/gif 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_resources/2057/progress16.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"51e37a4a53fd81:0"
x-officecluster: GEU1C
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF0000CABB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 668
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Thu, 24 Mar 2022 17:31:38 GMT
x-officefd: AM4PEPF0000D7CA
x-msedge-ref: Ref A: 4A1ED45F7034487D836FE6285FCF195F Ref B: AMS04EDGE2915 Ref C: 2022-03-24T17:31:38Z
x-usersessionid: 7c6afbea-f2d9-4f10-8807-93c0a44130fa
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 7c6afbea-f2d9-4f10-8807-93c0a44130fa
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 49 KB
13 KB 63ms
63ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=a9376cd6-cdcc-4fa9-83d5-6e707bb5192d&build=16.0.15123.41000&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b5&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

2588c6ffc67ab4fcccf2b740378583d29633cfcf50136f5595e5741acb763f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131ED
X-UserSessionId: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
Accept-Language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15123.41000
X-Key: JkfZLZZaPCtHlI5Pmf4VEKnOMEa+Zy534yoMapSs0Jg=,637840751295082998
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF000131ED
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF000131ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 12644
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b500000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: dd974c6c-ae98-4297-bf2f-fb66e4d1ce04, dd974c6c-ae98-4297-bf2f-fb66e4d1ce04
x-officefd: AM4PEPF000102D6
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d, a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
x-powered-by: ARR/3.0
date: Mon, 28 Mar 2022 14:38:50 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: FA522B5C40664EFE9F89725E6AEA59D5 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:50Z
timing-allow-origin: *, *
expires: Tue, 28 Mar 2023 14:38:50 GMT

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/2057/ Frame 591A 445 KB
68 KB 125ms
125ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/2057/word-app-intl.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3613d51e0463c995199a45147013f673bbb3f4f531be6acfac76251e42d987cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f1e16051a43fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF000069FD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 69251
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 17:26:37 GMT
x-officefd: AM4PEPF000069FD
x-msedge-ref: Ref A: CF240198A2CC4717AFD95235ADB3F6BC Ref B: AM3EDGE0318 Ref C: 2022-03-24T17:26:37Z
x-usersessionid: e9341e8e-a86c-4209-aac1-f56950260a92
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e9341e8e-a86c-4209-aac1-f56950260a92
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/ Frame 591A 1 MB
237 KB 88ms
87ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/common.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

214ff4d2fc8e10c0f34f72470401439ce85869e4f17108f5fad77b6e2a291dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"904abec59b3fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 241872
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:25:27 GMT
x-officefd: DB5PEPF00008420
x-msedge-ref: Ref A: 0DE6DCD2F2E94958B01FE9340BB5AE9C Ref B: AM3EDGE0707 Ref C: 2022-03-24T16:25:27Z
x-usersessionid: 56a1a45f-6b9b-4a1b-819f-58c98712a4ae
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 56a1a45f-6b9b-4a1b-819f-58c98712a4ae
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/ Frame 591A 232 KB
44 KB 127ms
127ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appChrome.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a231647cb4e15ebe3dc8a89f53f5a94cb52dcf3548d2ff78387fd4bf66a2ac31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8389b8c59b3fd81:0"
x-officecluster: GEU1C
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF0000D3ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 44277
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Thu, 24 Mar 2022 16:25:27 GMT
x-officefd: AM4PEPF0000D7C8
x-msedge-ref: Ref A: 60934A4893E84727B430ACE45428DE75 Ref B: AM3EDGE0114 Ref C: 2022-03-24T16:25:27Z
x-usersessionid: 2975c8a7-efc6-40d9-a7be-b2d0ca8bac1b
date: Mon, 28 Mar 2022 14:38:50 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2975c8a7-efc6-40d9-a7be-b2d0ca8bac1b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/ Frame 591A 2 MB
436 KB 81ms
81ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/common50.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0fd0ad0071e9393ae79be1ddbe9d8b7fa9f40f3307de8ecf8da9d169c79dcda2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4258fac59b3fd81:0"
x-officecluster: GEU1C
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF0000CAB9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 445047
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Thu, 24 Mar 2022 16:25:28 GMT
x-officefd: AM4PEPF0000D7CE
x-msedge-ref: Ref A: B2C1D48D52294E03998FE79A39030B5A Ref B: AM3EDGE0114 Ref C: 2022-03-24T16:25:28Z
x-usersessionid: 94a64924-570d-4759-866d-86f45e7471ea
date: Mon, 28 Mar 2022 14:38:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 94a64924-570d-4759-866d-86f45e7471ea
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/ Frame 591A 527 KB
112 KB 116ms
116ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appChromeLazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8dd592775285e5866ca3a322e855435510fd4d8389b1fa83b12e750bc84872bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"93781cc69b3fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF0000841F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 113793
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:25:28 GMT
x-officefd: DB5PEPF0000841F
x-msedge-ref: Ref A: 07900FA77F3A4F06B6B082FB90908DFB Ref B: AMS04EDGE2920 Ref C: 2022-03-24T16:25:28Z
x-usersessionid: d534f739-5054-4994-8b5f-eafb71ed6220
date: Mon, 28 Mar 2022 14:38:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d534f739-5054-4994-8b5f-eafb71ed6220
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 591A 31 KB
32 KB 191ms
44ms Font
application/font-woff2 104.92.84.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.84.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-84-173.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Mar 2022 14:38:51 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 91c5063c-e01e-0038-0f11-165c8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26417468
x-ms-version: 2009-09-19
content-length: 31824

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 0
272 B 59ms
58ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officeversion: 16.0.15123.41000
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: b9c79cd9-aae8-4019-9528-a13bbf093e9b
x-officecluster: PNL1
x-usersessionid: b9c79cd9-aae8-4019-9528-a13bbf093e9b
date: Mon, 28 Mar 2022 14:38:50 GMT
x-download-options: noopen
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 7BFB76F7758A4876A9A271ACC0580436 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:51Z
timing-allow-origin: *
x-officefe: AM4PEPF0001030E

GET
H2 200 word-app-intl-lazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/2057/ Frame 591A 720 KB
83 KB 201ms
201ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/2057/word-app-intl-lazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

411a5cf6bce5e7ce6e195da3b185e83bec83aaafb93b9c46f737868f851ef2f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f8dd9f51a43fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF000131EB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 83795
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-akamai-origin-object-size: 83795
last-modified: Thu, 24 Mar 2022 17:26:38 GMT
x-officefd: AM4PEPF000131EB
x-msedge-ref: Ref A: 9BD30E0911B444448148DD2865EFCB44 Ref B: AMS04EDGE1112 Ref C: 2022-03-24T17:26:38Z
x-usersessionid: 3f8782ff-755a-43ad-9682-6f997a2cf46a
date: Mon, 28 Mar 2022 14:38:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3f8782ff-755a-43ad-9682-6f997a2cf46a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/ Frame 591A 869 KB
181 KB 271ms
271ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/uiSlice20.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f845c0d3ca394c3192f82ae2fe1f417962d446eea119b315316b3cb2ea4c03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"44795c69b3fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF0000C627
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 184428
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:25:28 GMT
x-officefd: DB5PEPF0000C627
x-msedge-ref: Ref A: 80E1091C9A5949059DC57E637E85C5EC Ref B: AMS04EDGE2814 Ref C: 2022-03-24T16:25:28Z
x-usersessionid: ee3daed5-12c7-4f36-8c98-7b13f0cba603
date: Mon, 28 Mar 2022 14:38:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ee3daed5-12c7-4f36-8c98-7b13f0cba603
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 591A 42 KB
16 KB 255ms
46ms Script
application/javascript 104.111.237.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-183.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 14:38:51 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=40523, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/ Frame 591A 98 KB
29 KB 106ms
106ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4AAB099BF40D3090_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f0b2f255d03ea0bf8882c20f60edf66dc73c059e0ff2bafb4a89cb368dffbbe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"36b1b8c59b3fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF0000E7FF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 29062
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:25:27 GMT
x-officefd: DB5PEPF0000E7FF
x-msedge-ref: Ref A: 773E7B40F4A740848EBF2496A1A2AA7F Ref B: AM3EDGE0114 Ref C: 2022-03-24T16:25:27Z
x-usersessionid: ebc8cb1c-a75c-4280-9c24-94d339cae4ca
date: Mon, 28 Mar 2022 14:38:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ebc8cb1c-a75c-4280-9c24-94d339cae4ca
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 en-gb Show response
shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame 591A 25 KB
5 KB 207ms
49ms XHR
application/json 2a02:26f0:6c00:2b7::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/en-gb

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2b7::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

ba1d79b369aa033db77218d8f804242e115cdcd3a2b907d7fdad532e65b87a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=2592000
content-encoding: gzip
x-content-type-options: nosniff
server: Kestrel
date: Mon, 28 Mar 2022 14:38:51 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache-start: 1648478308, 1648478331
cache-control: max-age=300
x-cdn: 23
timing-allow-origin: *
content-length: 5083
x-o365suiteuxshell-correlationid: 1a2b0c8a-4420-4f7d-89f2-c14dbb7b7508

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 591A 4 B
338 B 606ms
135ms XHR
application/json 13.89.179.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.179.9 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 14:38:51 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 translation.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 591A 2 KB
2 KB 56ms
56ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token=1&access_token_ttl=0&z=6b03cb3e0419673a0c03f3f9701c5e792951b9097d4d11bf046c4bd8f04e61b5&uilang=en-GB

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

04a967b8aef787efe54da42c5d4139dffa4ee1844cc88829aeeb49a9e0ed012f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131ED
X-UserSessionId: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
Accept-Language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15123.41000
X-Key: JkfZLZZaPCtHlI5Pmf4VEKnOMEa+Zy534yoMapSs0Jg=,637840751295082998
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F2383bb41%252D1e5c%252D4d20%252D8b30%252D7ac0be452cb6%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=179df941-dd35-455e-894a-43fd89d93448
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF000131ED
x-officeversion: 16.0.15123.41000
x-officefe: AM4PEPF000131ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1390
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: df69e5a1-f31d-4fa9-8d4f-031ef68c6391, df69e5a1-f31d-4fa9-8d4f-031ef68c6391
x-officefd: AM4PEPF00006A09
x-usersessionid: a9376cd6-cdcc-4fa9-83d5-6e707bb5192d, a9376cd6-cdcc-4fa9-83d5-6e707bb5192d
x-powered-by: ARR/3.0
date: Mon, 28 Mar 2022 14:38:50 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: CF99DD20DC794DD3AF549888D4C5DE76 Ref B: LON21EDGE0616 Ref C: 2022-03-28T14:38:51Z
timing-allow-origin: *, *
expires: -1

GET
H2 200 shellstrings.json Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/strings/en-gb/ Frame 591A 13 KB
5 KB 102ms
102ms XHR
application/json 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/strings/en-gb/shellstrings.json

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

906cd04c98297e987a83d7f51bcaa4efaed7950de97d14ec9c05513eb4c5b4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"80a439d4a93fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF0000CE8A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4329
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 18:06:05 GMT
x-officefd: DB5PEPF0000CE8A
x-msedge-ref: Ref A: 8C8E8077912B4E8986A32480ED989E1D Ref B: AMS04EDGE1220 Ref C: 2022-03-24T18:06:05Z
x-usersessionid: 4816c5d6-a5ca-4b46-a201-67d932e33cfc
date: Mon, 28 Mar 2022 14:38:51 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-correlationid: 4816c5d6-a5ca-4b46-a201-67d932e33cfc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 591A 35 KB
36 KB 48ms
48ms Font
application/font-woff2 104.92.84.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.84.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-84-173.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 28 Mar 2022 14:38:51 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 0e632f6c-601e-0126-1b11-16c033000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26413523
x-ms-version: 2009-09-19
content-length: 36344

GET
H2 200 suiteux.shell.core.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/js/ Frame 591A 257 KB
70 KB 77ms
77ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"24bec9e49b3fd81:0"
x-officecluster: GEU2C
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF0000D417
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 71204
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Thu, 24 Mar 2022 16:26:19 GMT
x-officefd: AM4PEPF0000D7CF
x-msedge-ref: Ref A: AC51BCF07106469CA0EB266CF30E12E6 Ref B: AM3EDGE1016 Ref C: 2022-03-24T16:26:19Z
x-usersessionid: efecc32a-04fe-42d4-9308-8011e258050a
date: Mon, 28 Mar 2022 14:38:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: efecc32a-04fe-42d4-9308-8011e258050a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.consappdata.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/js/ Frame 591A 7 KB
3 KB 87ms
87ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1b83f5e9d3fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF0001293D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1932
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:34:40 GMT
x-officefd: AM4PEPF0001293D
x-msedge-ref: Ref A: F38888F3E8CA48E0BF39D8485F4B3E78 Ref B: AM3EDGE0913 Ref C: 2022-03-24T16:34:40Z
x-usersessionid: 5c181b69-eaed-4f67-8b13-f7510dc0ebe3
date: Mon, 28 Mar 2022 14:38:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5c181b69-eaed-4f67-8b13-f7510dc0ebe3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 me Show response
amcdn.msftauth.net/ Frame 591A 27 KB
9 KB 134ms
35ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://amcdn.msftauth.net/me?partner=WordOnline&version=10.21153.1&market=EN-GB&wrapperId=suiteshell

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1f382b133ded1943f16edda7ac014927270ecb9160dcd608426bdf720b6591d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 28 Mar 2022 14:38:51 GMT
x-azure-ref: 0e8hBYgAAAAAYl6yloOtOSJQv6TYa3e/tTE9OMjFFREdFMTUxOQA5ZmU2YzNmMS0xNzE4LTRhOTMtOTI1NS02M2NkM2Y4Y2E1YWI=
x-cache: TCP_HIT, CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Mon, 28 Mar 2022 15:58:04 GMT

GET
H2 200 suiteux.shell.plus.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/js/ Frame 591A 273 KB
60 KB 95ms
95ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"867bebe49b3fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15115.41014
x-officefe: DB5PEPF0000841F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 60580
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:26:20 GMT
x-officefd: DB5PEPF0000841F
x-msedge-ref: Ref A: B2E78617D7F744AEA75514F122AB72F0 Ref B: AMS04EDGE2920 Ref C: 2022-03-24T16:26:20Z
x-usersessionid: ac614938-cfa4-49b3-8be7-b374e97822b8
date: Mon, 28 Mar 2022 14:38:51 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ac614938-cfa4-49b3-8be7-b374e97822b8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.otellogging.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/js/ Frame 591A 74 KB
23 KB 88ms
88ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161512341000_App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6a606e59b3fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15115.41014
x-officefe: AM4PEPF00012937
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23057
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 16:26:20 GMT
x-officefd: AM4PEPF00012937
x-msedge-ref: Ref A: E8BEAEAE28F34E5BA181AAD0461FE28C Ref B: AMS04EDGE2908 Ref C: 2022-03-24T16:26:20Z
x-usersessionid: a9ea9cc4-8bb4-44a7-873b-b764f5e483ee
date: Mon, 28 Mar 2022 14:38:52 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a9ea9cc4-8bb4-44a7-873b-b764f5e483ee
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1648478331975
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1648478332&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

361ms
134ms

Image
text/html

20.190.159.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1648478332&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 20.190.159.0 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: AM3PPF2A5E0B447
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.873.310.2003
date: Mon, 28 Mar 2022 14:38:51 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1648478332&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: TKLQpzNnW02p/In00DD+Ew.0
content-length: 0
x-errorcodechain: Unauthenticated

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.sendx.io/	1969-12-31 23:59:59	Name: sendx_sess Value: 7eca02fe5e8437a15c43d21f20f9664d
.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: c1e084264ed5b2909c47e2723cddc252494c21fc1857c251a09d28b5b78c1130
pnl1-word-view.officeapps.live.com/	1970-01-20 04:07:07	Name: DcLcid Value: ui=2057&data=2057
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: ShCLSessionID Value: 1648478331653_0.4002583992649167
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: a38e2ff8637c4649b34ffc24b0344438
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1648478332&co=1
.login.live.com/	1970-01-20 11:16:14	Name: MSCC Value: 217.138.196.108-UK
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.Dbmeso8e0HtHt1IV8ZFg20Xkl0XPaUzMUHUJBK2qiLXqHn!xCr6t!cCzdh3dM2!abf2cAK2MtwKduKYVine7qD2iafU0NnqffVHJhDNlVA9xGTSXsvxQLoq1UKfxTPCF5lSZtsRsX!iNMM1FWQwD0WjGsWhinbpV9cXt3ql2iuCWJWaKvXLxe2p6gYA!K6A4ydJwcHHMUwGFDlyDk5p8KAHtSRArwHxeXGRy4fIOIZxAPqgQ1JwDcfVBo6gssriDqeWEW!Lp9bQwf9p6o0NYYub7Annw9oLKSXwNkfutQV9TIN9X2ARtD0nySCwY7nYsPNsQHeAM5fCtgEFn5px8LqWn8PRI!VJAGFmr2ZcHi5mYED5L89s6IxVnz7zcOab9mA1PA!ORwaiqUNvl0RKKKHPEbdorFOrxE39*7RAcWF9L0hcbR!qUwIiId032uu9EnkXpHvOJR2119WJR0rtTsmt8F5coTU80w4
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-86cb2c5e-80cb-4f5c-a0cf-8272b1b0fb03

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amcdn.msftauth.net
api.sx2.email
app.sendx.io
browser.events.data.microsoft.com
c1h-word-view-15.cdn.office.net
js.live.net
login.live.com
pnl1-word-view.officeapps.live.com
sendpost-24928.sptracki.com
shell.cdn.office.net
static2.sharepointonline.com
storage.live.com
view.officeapps.live.com
104.111.237.183
104.92.84.173
13.104.158.179
13.89.179.9
20.190.159.0
2620:1ec:46::44
2620:1ec:a92::171
2a02:26f0:6c00:2b7::4b36
2a02:26f0:fb:5b3::1c24
3.214.235.32
44.194.226.224
54.92.251.90
04a967b8aef787efe54da42c5d4139dffa4ee1844cc88829aeeb49a9e0ed012f
0711068fc36c23a515aa00790c26ed770948748958e8726214a97bc0ff1e4f07
08d1349e1f123b78c2c23224d83e7e5e249867c70c679e737fe63d3e983285d2
0fd0ad0071e9393ae79be1ddbe9d8b7fa9f40f3307de8ecf8da9d169c79dcda2
1f382b133ded1943f16edda7ac014927270ecb9160dcd608426bdf720b6591d1
214ff4d2fc8e10c0f34f72470401439ce85869e4f17108f5fad77b6e2a291dda
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2588c6ffc67ab4fcccf2b740378583d29633cfcf50136f5595e5741acb763f77
267dcbe0efb936dbd9803c3066acbe2ebd2e137adb86a1db5f8c9835fc2fa72b
2f2ae8c85fc7f26634d5fa4a3cb83ba4e40cfdee460474b4fe58aa0b96be2dbe
32314013a0ed063fd5a9f7ad819a3a91c7bf5d405134951e8a6cdf2c46746902
3613d51e0463c995199a45147013f673bbb3f4f531be6acfac76251e42d987cb
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0
3f845c0d3ca394c3192f82ae2fe1f417962d446eea119b315316b3cb2ea4c03b
411a5cf6bce5e7ce6e195da3b185e83bec83aaafb93b9c46f737868f851ef2f4
4aab099bf40d3090a49b48562907e617dac8a4241fe4d7173cb907f347815c4d
4ba94753713d8f341129b6a5c8bda264fd43eda8fbedd18896fd11b9c640de01
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
512544540f524fa33787e065612086678e67673a22d50d1c52f4a19cc7e56bc3
6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a
7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04
7a6d425076a4b4be91d74cb1b33080980b8a223bb0602488bf986b31525d435c
8a58e71496d547cc6ab3cfb6165221a82dc74ae386801d7a4379ec1bd7535749
8dd592775285e5866ca3a322e855435510fd4d8389b1fa83b12e750bc84872bf
906cd04c98297e987a83d7f51bcaa4efaed7950de97d14ec9c05513eb4c5b4bb
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
a231647cb4e15ebe3dc8a89f53f5a94cb52dcf3548d2ff78387fd4bf66a2ac31
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
ba1d79b369aa033db77218d8f804242e115cdcd3a2b907d7fdad532e65b87a68
bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0
d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02
d85c25b372975a7b470aa72f9e5d6aa22511d15b503d8095adb3ea31957ab2f3
df08e5204ac716e43d553bb4997a60095ee9d21355f7537065b91bdfbd37fc78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c1e39ebd1262067f33a6505542dde5b313b2b6e68f0f125d10164e027ef7e3
f0b2f255d03ea0bf8882c20f60edf66dc73c059e0ff2bafb4a89cb368dffbbe5
f49f8c6fd6329d4b1e005f29a14629976525c72a35dc6f45d26ee24f43f21910
f5df134422bff2170c5f26b44dcd2ad6f64647676129b1c5a170e6f12ccc6449

view.officeapps.live.com Open in urlscan Pro 2620:1ec:a92::171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

33 %IPv6

9 Domains

13 Subdomains

9 IPs

4 Countries

2826 kBTransfer

12384 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

view.officeapps.live.com Open in urlscan Pro
2620:1ec:a92::171 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

33 %
IPv6

9
Domains

13
Subdomains

9
IPs

4
Countries

2826 kB
Transfer

12384 kB
Size

10
Cookies

55 HTTP transactions
1 data transactions