view.officeapps.live.com Open in urlscan Pro
2620:1ec:a92::171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fs3.us-east-1.amazonaws.com%2Fproduction.main.customer.data%2Fatta...
Submission: On May 02 via manual (May 2nd 2023, 6:06:56 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 4 domains to perform 51 HTTP transactions. The main IP is 2620:1ec:a92::171, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.officeapps.live.com. The Cisco Umbrella rank of the primary domain is 56149.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 11th 2023. Valid for: a year.

This is the only time view.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
29	2a02:26f0:350... 2a02:26f0:3500:588::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:683d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.19.36.84 2.19.36.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	20.50.80.210 20.50.80.210	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.105.66.144 13.105.66.144	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.32.140 40.126.32.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
51	7

14 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pnl1-word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a02:26f0:3500:588::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:c::5c7b:683d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res-1.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.36.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-36-84.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.80.210 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eu-office.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.105.66.144 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.140 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 13493 res-1.cdn.office.net — Cisco Umbrella Rank: 1610	2 MB
16	live.com 1 redirects view.officeapps.live.com — Cisco Umbrella Rank: 56149 pnl1-word-view.officeapps.live.com — Cisco Umbrella Rank: 247361 storage.live.com — Cisco Umbrella Rank: 172 login.live.com — Cisco Umbrella Rank: 61	242 KB
1	microsoft.com eu-office.events.data.microsoft.com — Cisco Umbrella Rank: 3296
1	live.net js.live.net — Cisco Umbrella Rank: 28043	16 KB
51	4

	Domain	Requested by
29	c1h-word-view-15.cdn.office.net	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
13	pnl1-word-view.officeapps.live.com	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
3	res-1.cdn.office.net	c1h-word-view-15.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	eu-office.events.data.microsoft.com
1	js.live.net	c1h-word-view-15.cdn.office.net
1	view.officeapps.live.com
51	8

This site contains no links.

Subject Issuer	Validity	Valid
officeapps.live.com DigiCert SHA2 Secure Server CA	`2023-04-11` - `2024-04-11`	a year	crt.sh
*.cdn.office.net Microsoft Azure TLS Issuing CA 02	`2023-01-11` - `2024-01-06`	a year	crt.sh
*.res.outlook.com DigiCert SHA2 Secure Server CA	`2023-04-17` - `2024-04-17`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2022-08-12` - `2023-08-12`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2023-03-08` - `2024-03-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fs3.us-east-1.amazonaws.com%2Fproduction.main.customer.data%2Fattachments%2F6899a03592c6ed735a21%2FVendor%2520Reference%2520Request.docx%3FversionId%3DokXlrJLbLe4GyCFVwp.pq_9BsvDXiSK8%26X-Amz-Algorithm%3DAWS4-HMAC-SHA256%26X-Amz-Credential%3DAKIAREFPCQSXWXB2QTVW%252F20230502%252Fus-east-1%252Fs3%252Faws4_request%26X-Amz-Date%3D20230502T180634Z%26X-Amz-Expires%3D600%26X-Amz-SignedHeaders%3Dhost%26X-Amz-Signature%3De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&wdOrigin=BROWSELINK
Frame ID: B4799707E7A8C93D0A113F6B0075C889
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
Frame ID: 1AB5637979700E8A24F0779CA868E337
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vendor Reference Request.docx

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Page Statistics

51
Requests

94 %
HTTPS

43 %
IPv6

4
Domains

8
Subdomains

7
IPs

4
Countries

2822 kB
Transfer

13533 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1683050812997 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1683050813&rver=7.5.2116.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

51 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
view.officeapps.live.com/op/ 5 KB
3 KB 81ms
19ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fs3.us-east-1.amazonaws.com%2Fproduction.main.customer.data%2Fattachments%2F6899a03592c6ed735a21%2FVendor%2520Reference%2520Request.docx%3FversionId%3DokXlrJLbLe4GyCFVwp.pq_9BsvDXiSK8%26X-Amz-Algorithm%3DAWS4-HMAC-SHA256%26X-Amz-Credential%3DAKIAREFPCQSXWXB2QTVW%252F20230502%252Fus-east-1%252Fs3%252Faws4_request%26X-Amz-Date%3D20230502T180634Z%26X-Amz-Expires%3D600%26X-Amz-SignedHeaders%3Dhost%26X-Amz-Signature%3De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&wdOrigin=BROWSELINK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

92249b4537e9f17746302b0b53ad64b7ea94fdcbef8bc883ad0aef9c4bc84160

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 02 May 2023 18:06:50 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: ca0e4497-605c-4e51-960f-8b78c710005a
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: A620E5B6DB554F44B12D30860439155E Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:50Z
x-officecluster: PNL1
x-officefd: AM4PEPF00021F0E
x-officefe: AM4PEPF0001B1FD
x-officeversion: 16.0.16426.41002

GET
DATA 200
OK truncated
/ 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 wordviewerframe.aspx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 99 KB
102 KB 86ms
64ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

365797cc29ce37dae80fed0011329850f721a9a35b8baee8651d4adf9ea85d03

Security Headers

Name	Value
Content-Security-Policy	font-src data: 'self' c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net .azureedge.net fs.microsoft.com .cdn.office.net res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com .cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com .cdn.office.net res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://view.officeapps.live.com
Referer: https://view.officeapps.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: 'self' c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.cdn.office.net res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Tue, 02 May 2023 18:06:51 GMT
document-policy: js-profiling
expires: -1
origin-trial: AtAgCmjF9NSDe7WG5+zXddNhpryHIhWvHG5BxTAcMRn1V9oswBhX2RSXHeDxLcwXMB/NYHr3BAXOBJJY1ita2BAAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNzAzOTgwODAwfQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
server-timing: prerender;dur=31,render;dur=0,total;dur=31
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: CB7FCDED74EA452295F49D1210C914B5 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:51Z
x-officecluster: PNL1
x-officefd: AM4PEPF000131F5
x-officefe: AM4PEPF000131F5
x-officeversion: 16.0.16427.41003
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/ Frame 1AB5 273 KB
34 KB 43ms
7ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css

Requested by

Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bec3828c907f157e92740de53428d53a1bbe0a7dfbce05b52dd6c43150aa46d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16419.41001
x-officefe: DB5PEPF00011ACA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 34025
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 24 Apr 2023 05:46:04 GMT
x-correlationid: b83b74f2-9d4c-4ae3-a6f0-b49c4d805324
x-usersessionid: b83b74f2-9d4c-4ae3-a6f0-b49c4d805324
x-msedge-ref: Ref A: 9E73978D5BAE4515843ADE780B3FFC5C Ref B: AMS231032605005 Ref C: 2023-04-24T05:46:04Z
x-officecluster: PIE1
etag: W/"7049ece7076d91:0"
x-officefd: DB5PEPF00011ACA
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h998B33E6F61D5932_resources/de-DE/ Frame 1AB5 208 KB
56 KB 49ms
13ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h998B33E6F61D5932_resources/de-DE/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

998b33e6f61d59326314d512b7029f4e9bbbd1078686a6628f878c5066ce3707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF000131F4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 56001
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:14:22 GMT
x-correlationid: e5377c57-73ab-4ed5-86c7-2a77f96665fb
x-usersessionid: e5377c57-73ab-4ed5-86c7-2a77f96665fb
x-msedge-ref: Ref A: 0BB8050C7B0C49E9AEF52AE8B763A687 Ref B: AMS231032608023 Ref C: 2023-04-28T09:14:22Z
x-officecluster: PNL1
etag: W/"417f58d2b179d91:0"
x-officefd: AM4PEPF000131F4
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h83EC8E5F8A3D3009_App_Scripts/ Frame 1AB5 123 KB
28 KB 55ms
22ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h83EC8E5F8A3D3009_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

83ec8e5f8a3d30098514d5f3e0aa4905d1eba0518404d92d6f1a9d6adc087fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16421.41002
x-officefe: DB5PEPF00011AEA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27785
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 26 Apr 2023 02:03:04 GMT
x-correlationid: e0a30233-5c72-4905-8d07-5adcc71c40b3
x-usersessionid: e0a30233-5c72-4905-8d07-5adcc71c40b3
x-msedge-ref: Ref A: C9FE992E990A4DB29701FA054C796D68 Ref B: AMS231032604031 Ref C: 2023-04-26T09:25:00Z
x-officecluster: PIE1
etag: "e3409a3ce377d91:0"
x-officefd: DB5PEPF00011AEA
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h9F409BD24176B588_App_Scripts/1031/ Frame 1AB5 184 KB
37 KB 52ms
20ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h9F409BD24176B588_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8705230788e62738b2c83d9e527b2439cf6286198f61b5aeefc952a14d05d53d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF00012938
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 37121
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:14:22 GMT
x-correlationid: d5430735-f3ab-4032-96b5-715f4bc5c71c
x-usersessionid: d5430735-f3ab-4032-96b5-715f4bc5c71c
x-msedge-ref: Ref A: 2D5FF3CE1D174A36A02CAAA582C78279 Ref B: AMS231032606039 Ref C: 2023-04-28T09:14:22Z
x-officecluster: PNL1
etag: W/"ca2854d2b179d91:0"
x-officefd: AM4PEPF00012938
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 1AB5 6 KB
2 KB 14ms
14ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16414.41002
x-officefe: DB5PEPF00011AA5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 18 Apr 2023 22:08:41 GMT
x-correlationid: 09b3bec8-88cf-4a22-9fd4-eccc17ae11ff
x-usersessionid: 09b3bec8-88cf-4a22-9fd4-eccc17ae11ff
x-msedge-ref: Ref A: 13F4DA4C338A428B9F4023BEE7CAF167 Ref B: AMS231032602027 Ref C: 2023-04-20T19:57:13Z
x-officecluster: PIE1
etag: "7e1abe554272d91:0"
x-officefd: DB5PEPF00011AA5
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hC007B0C71FCEF09D_App_Scripts/1031/ Frame 1AB5 23 KB
5 KB 15ms
14ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC007B0C71FCEF09D_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

72dbdbc38cf44bb00d65c393ba261c363aaca900022e75c8e64e4401e5527dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16418.41008
x-officefe: DM3PEPF00014B8C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4591
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 19 Apr 2023 12:44:49 GMT
x-correlationid: b0a725a4-6c81-464e-93d7-8bdb2b02d137
x-usersessionid: b0a725a4-6c81-464e-93d7-8bdb2b02d137
x-msedge-ref: Ref A: 5AEC7E7C95774824A773D81997480938 Ref B: AMS231032608045 Ref C: 2023-04-20T20:13:47Z
x-officecluster: US4C
etag: "1a2e1babc72d91:0"
x-officefd: DM3PEPF00014B8C
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h58E1C1FDA2E8CF9B_App_Scripts/1031/ Frame 1AB5 549 KB
85 KB 43ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h58E1C1FDA2E8CF9B_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

58e1c1fda2e8cf9ba0b7a91cc73567b7e101e63521042e1a4fa138b69879b65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF00012934
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 86629
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:14:22 GMT
x-correlationid: 60f2d06f-ae14-4b6d-86ad-8ce59b1088ce
x-usersessionid: 60f2d06f-ae14-4b6d-86ad-8ce59b1088ce
x-msedge-ref: Ref A: 9E287AE77ACD4265ABC3B78F6AABF5CD Ref B: AMS231032609007 Ref C: 2023-04-28T09:14:22Z
x-officecluster: PNL1
etag: W/"5995cd2b179d91:0"
x-officefd: AM4PEPF00012934
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCF3BF71B6415A234_App_Scripts/exp/ Frame 1AB5 16 KB
6 KB 51ms
15ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCF3BF71B6415A234_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf3bf71b6415a23475289cb8a76e7f97775a7f555e85436aee203015e9a28ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16425.41003
x-officefe: DB5PEPF00011AC3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5225
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:03:22 GMT
x-correlationid: b992ee16-d450-451e-86d4-d2a193735cdc
x-usersessionid: b992ee16-d450-451e-86d4-d2a193735cdc
x-msedge-ref: Ref A: 8293AB338434462C824BB52E333C40D2 Ref B: AMS231032602009 Ref C: 2023-04-28T09:03:22Z
x-officecluster: PIE1
etag: W/"ab2fb448b079d91:0"
x-officefd: DB5PEPF00011AC3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h79953382B945AA7B_App_Scripts/ Frame 1AB5 3 MB
485 KB 16ms
15ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h79953382B945AA7B_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

79953382b945aa7b65969c8f596ad8e8dd4b57df5793063cd360911ca05d777a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF00012936
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 495176
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Fri, 28 Apr 2023 09:11:39 GMT
x-correlationid: 67056941-56ee-45af-9885-7c09400a902b
x-usersessionid: 67056941-56ee-45af-9885-7c09400a902b
x-msedge-ref: Ref A: 857B4E614F664B47831427CEEBB568E8 Ref B: AMS231032605039 Ref C: 2023-04-28T09:11:39Z
x-officecluster: PNL1
etag: W/"c72bb770b179d91:0"
x-officefd: AM4PEPF00012936
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 0
660 B 29ms
28ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16427.41003&waccluster=PNL1&usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
X-UserSessionId: d3000e0c-a51d-42ab-8b0f-ac95084e7705
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF00012935
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: f5feaed5-b656-4dd1-8033-936e7fe9a64d
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: A3F9F6CED1DD4A02B3F93940488D7AD7 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:51Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 62 KB
63 KB 519ms
519ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token=1&access_token_ttl=0&z=9a477148a220eca6ca36993c9035064c7f0dc26f4e766e8fdf4eade7b4a7f4cd&v=00000000-0000-0000-0000-000000000802&usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705&splashscreen=1&build=16.0.16427.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1c9aa7cf70f15445675ea4590ce364655effd905458f0bce6be0619bc442b2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 18:06:51 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF000069E8
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF000069E8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 63709
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5cf80480-3c6e-441d-9aab-4179d652f1b3
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: 6CF176134F3248AEA15AB333F184F9AC Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:51Z
x-officefd: AM4PEPF000069E8
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token=1&access_token_ttl=0&z=9a477148a220eca6ca36993c9035064c7f0dc26f4e766e8fdf4eade7b4a7f4cd00000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Wed, 01 May 2024 18:06:51 GMT

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 0
245 B 21ms
21ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16427.41003&waccluster=PNL1&usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
X-UserSessionId: d3000e0c-a51d-42ab-8b0f-ac95084e7705
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":54,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF00012937
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: b42dc9da-73ef-4c50-9975-23fbf30cddf0
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: 6313405226EE42B1A035A9A80775C905 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:51Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-word-view-15.cdn.office.net/wv/s/h09A1411BF361D3D6_App_Scripts/fonts/ Frame 1AB5 3 KB
4 KB 8ms
7ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h09A1411BF361D3D6_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

09a1411bf361d3d649f4ff5098e0197510232477bf099872f58f5d1ec483e9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16418.41008
x-officefe: DB5PEPF00011AAA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2944
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 20 Apr 2023 22:39:37 GMT
x-correlationid: 49bf7a26-bc48-42db-b75c-21fae0783d48
x-usersessionid: 49bf7a26-bc48-42db-b75c-21fae0783d48
x-msedge-ref: Ref A: C9AF742979A74328BC99A33DBFA7DCDA Ref B: AMS231032609025 Ref C: 2023-04-21T20:22:11Z
x-officecluster: PIE1
etag: "55db7fcd873d91:0"
x-officefd: DB5PEPF00011AAA
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 0
232 B 19ms
19ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16427.41003&waccluster=PNL1&usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
X-UserSessionId: d3000e0c-a51d-42ab-8b0f-ac95084e7705
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":310,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF00012372
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: f56c5e1e-40bc-468b-b081-4b6c27267211
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: F1BA15251EA54FF2BEA8E79675B60675 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:51Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 0
174 B 29ms
28ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx?usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705&build=16.0.16427.41003

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h79953382B945AA7B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 18:06:51 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF000131F2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: f90751a5-f360-4ca3-b673-5349a7cdcebd
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: 934611ECA5894CF7B11D1DB5D075141C Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:51Z
x-download-options: noopen
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 445 B
767 B 38ms
38ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token=1&access_token_ttl=0&z=9a477148a220eca6ca36993c9035064c7f0dc26f4e766e8fdf4eade7b4a7f4cd&type=png&o15=1&ui=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h83EC8E5F8A3D3009_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

4f33c0473e9dcab99842833a69707f3f1b6844a4be9b6cc81379aed620d33287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131F5
X-UserSessionId: d3000e0c-a51d-42ab-8b0f-ac95084e7705
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16427.41003
X-Key: KBscgh7z5mHYwsyesAAbF2+CYlDtr2BgqQz+etTTS+Y=,638186476114024422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:51 GMT
x-wacfrontend: AM4PEPF000131F5
x-officeversion: 16.0.16427.41003
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 415
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: a6e8ae1d-d78d-4082-abc7-5dd9a4e03351, a6e8ae1d-d78d-4082-abc7-5dd9a4e03351
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705, d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: BA8AA36531C040A3823B000285B3F323 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:51Z
x-officefd: AM4PEPF00006032
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *, *
expires: Wed, 01 May 2024 18:06:51 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hDD4039F8AFAC6FD7_App_Scripts/ Frame 1AB5 41 KB
7 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hDD4039F8AFAC6FD7_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h79953382B945AA7B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16421.41002
x-officefe: DB5PEPF00011AC6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6113
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 26 Apr 2023 00:45:01 GMT
x-correlationid: be49ecbd-8ae2-4175-8b10-84c17adef396
x-usersessionid: be49ecbd-8ae2-4175-8b10-84c17adef396
x-msedge-ref: Ref A: 9D391755B21A4A9AB0805351A9343E3B Ref B: AMS231032606053 Ref C: 2023-04-26T19:45:56Z
x-officecluster: PIE1
etag: "12ae5c55d877d91:0"
x-officefd: DB5PEPF00011AC6
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/ Frame 1AB5 22 KB
23 KB 7ms
7ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16419.41001
x-officefe: DB5PEPF00011AB7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 24 Apr 2023 06:09:04 GMT
x-correlationid: ac39ab5e-0fc6-47f7-95a4-2435cd1f3173
x-usersessionid: ac39ab5e-0fc6-47f7-95a4-2435cd1f3173
x-msedge-ref: Ref A: 71319E58CBE94EFDAEEFDAC36EBDE9AA Ref B: AMS231032601023 Ref C: 2023-04-24T06:09:04Z
x-officecluster: PIE1
etag: W/"b34ece457376d91:0"
x-officefd: DB5PEPF00011AB7
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 9076da57-4d1d-4499-adef-1213b3e7499e
https://pnl1-word-view.officeapps.live.com/ Frame 1AB5 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/9076da57-4d1d-4499-adef-1213b3e7499e
Requested by: Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 0
493 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16427.41003&waccluster=PNL1&usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
X-UserSessionId: d3000e0c-a51d-42ab-8b0f-ac95084e7705
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":539,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF00012936
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7e996e70-b437-4ee1-a023-5b363d765134
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: A74502A57ECE4FF7970D415D9D6B2F07 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:52Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h33BEF8C0CB675EA7_App_Scripts/ Frame 1AB5 861 KB
141 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h33BEF8C0CB675EA7_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h79953382B945AA7B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

33bef8c0cb675ea78e2f40d1ea3bc56f4ec93834c14c4c654a4c704d88798900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: DB5PEPF00011AC9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 143562
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:09:45 GMT
x-correlationid: e9cd94c9-a2bc-45e0-9583-0dbd00a8cd83
x-usersessionid: e9cd94c9-a2bc-45e0-9583-0dbd00a8cd83
x-msedge-ref: Ref A: ACB55BB05B264DE1BAECA415C34F30C6 Ref B: AMS231032604051 Ref C: 2023-04-28T09:09:45Z
x-officecluster: PIE1
etag: W/"2defdc2cb179d91:0"
x-officefd: DB5PEPF00011AC9
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/ Frame 1AB5 695 B
1 KB 8ms
7ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16419.41001
x-officefe: AM4PEPF0001237C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 22 Apr 2023 01:37:02 GMT
x-correlationid: 8672e17b-b85a-4e35-8fdc-40dfa18ba8f8
x-usersessionid: 8672e17b-b85a-4e35-8fdc-40dfa18ba8f8
x-msedge-ref: Ref A: D8CDAA7A32524726BBAEC922FC176E76 Ref B: AMS231032609047 Ref C: 2023-04-24T07:43:01Z
x-officecluster: PNL1
etag: "6f28fcefba74d91:0"
x-officefd: AM4PEPF0001237C
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 62 KB
63 KB 58ms
58ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705&build=16.0.16427.41003&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token=1&access_token_ttl=0&z=9a477148a220eca6ca36993c9035064c7f0dc26f4e766e8fdf4eade7b4a7f4cd&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1c9aa7cf70f15445675ea4590ce364655effd905458f0bce6be0619bc442b2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 18:06:51 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF00012378
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF00012378
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 63709
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3346558d-5fd7-4cc1-89c8-a61afad6d482
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: 9B2BF107F6044E348C07A7AA5B71E204 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:52Z
x-officefd: AM4PEPF00012378
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token=1&access_token_ttl=0&z=9a477148a220eca6ca36993c9035064c7f0dc26f4e766e8fdf4eade7b4a7f4cd00000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Wed, 01 May 2024 18:06:52 GMT

GET
H2 200 ResReader.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 11 KB
4 KB 53ms
52ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705&build=16.0.16427.41003&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token=1&access_token_ttl=0&z=9a477148a220eca6ca36993c9035064c7f0dc26f4e766e8fdf4eade7b4a7f4cd&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h83EC8E5F8A3D3009_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

6527135b32c0789a8cd7f5ed6d4c04421f69faa41658296c5305e4a660044a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131F5
X-UserSessionId: d3000e0c-a51d-42ab-8b0f-ac95084e7705
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16427.41003
X-Key: KBscgh7z5mHYwsyesAAbF2+CYlDtr2BgqQz+etTTS+Y=,638186476114024422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:51 GMT
x-wacfrontend: AM4PEPF000131F5
x-officeversion: 16.0.16427.41003
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3376
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 74e3e91e-5a85-4228-8dc7-be0fab39085d, 74e3e91e-5a85-4228-8dc7-be0fab39085d
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705, d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: 1A29D0BAA25B499E9D3AD3EC6A6BF371 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:52Z
x-officefd: AM4PEPF000131EF
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token=1&access_token_ttl=0&z=9a477148a220eca6ca36993c9035064c7f0dc26f4e766e8fdf4eade7b4a7f4cd00000000-0000-0000-0000-000000000802p_1_10.xml"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *, *
expires: Wed, 01 May 2024 18:06:52 GMT

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/1031/ Frame 1AB5 549 KB
85 KB 10ms
9ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/1031/word-app-intl.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hCF3BF71B6415A234_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

58e1c1fda2e8cf9ba0b7a91cc73567b7e101e63521042e1a4fa138b69879b65a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF0001292F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 86629
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:15:19 GMT
x-correlationid: 089cbea0-8d65-46c8-8bb4-4dd2c2555fd2
x-usersessionid: 089cbea0-8d65-46c8-8bb4-4dd2c2555fd2
x-msedge-ref: Ref A: 8DD0D987DDAB4F80B1FD3E5B801B0468 Ref B: AMS231032607029 Ref C: 2023-04-28T09:15:19Z
x-officecluster: PNL1
etag: W/"b8b614f4b179d91:0"
x-officefd: AM4PEPF0001292F
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h0185CCD62300DF61_App_Scripts/exp/ Frame 1AB5 2 MB
302 KB 11ms
10ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0185CCD62300DF61_App_Scripts/exp/common.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hCF3BF71B6415A234_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0185ccd62300df615034fa03a740535de17bf3cd4f6f10308a223ffbefff7f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF00012371
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 308130
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:09:46 GMT
x-correlationid: 371d535f-6672-4311-856b-7a3ff46b9f6f
x-usersessionid: 371d535f-6672-4311-856b-7a3ff46b9f6f
x-msedge-ref: Ref A: 5E5246B7A2F4425995A65FA348D2B75A Ref B: AMS231032603029 Ref C: 2023-04-28T09:09:45Z
x-officecluster: PNL1
etag: W/"f2c64e2db179d91:0"
x-officefd: AM4PEPF00012371
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h55B00CD863D9DC1A_App_Scripts/exp/ Frame 1AB5 253 KB
47 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h55B00CD863D9DC1A_App_Scripts/exp/appChrome.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hCF3BF71B6415A234_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

55b00cd863d9dc1a1af886b9fff37617f9ae0a836f112f9cbcd42572003adbc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF000069EA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 47094
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:09:46 GMT
x-correlationid: f43d55cc-98f7-4c83-8119-db575a16b25d
x-usersessionid: f43d55cc-98f7-4c83-8119-db575a16b25d
x-msedge-ref: Ref A: BE716BA437E44CD39BE2FBB6B334F7C5 Ref B: AMS231032605005 Ref C: 2023-04-28T09:09:46Z
x-officecluster: PNL1
etag: W/"61b6692db179d91:0"
x-officefd: AM4PEPF000069EA
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/ Frame 1AB5 695 B
1 KB 7ms
7ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h79953382B945AA7B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16419.41001
x-officefe: AM4PEPF0001237C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 22 Apr 2023 01:37:02 GMT
x-correlationid: 8672e17b-b85a-4e35-8fdc-40dfa18ba8f8
x-usersessionid: 8672e17b-b85a-4e35-8fdc-40dfa18ba8f8
x-msedge-ref: Ref A: D8CDAA7A32524726BBAEC922FC176E76 Ref B: AMS231032609047 Ref C: 2023-04-24T07:43:01Z
x-officecluster: PNL1
etag: "6f28fcefba74d91:0"
x-officefd: AM4PEPF0001237C
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161642741003_resources/1031/ Frame 1AB5 34 KB
35 KB 7ms
7ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161642741003_resources/1031/wv.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF00012272
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 06:00:17 GMT
x-correlationid: 29f2da2f-7af7-4b12-b276-514b87da5188
x-usersessionid: 29f2da2f-7af7-4b12-b276-514b87da5188
x-msedge-ref: Ref A: 8000555356844CB6B3B048FBA1936E7C Ref B: AMS231032607009 Ref C: 2023-04-28T09:14:23Z
x-officecluster: SNL1
etag: "eef829b59679d91:0"
x-officefd: AM4PEPF00012272
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress16.gif
c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1031/ Frame 1AB5 668 B
1 KB 9ms
9ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1031/progress16.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16426.41003
x-officefe: DB5PEPF00011AE1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 668
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 23:16:33 GMT
x-correlationid: 162ed6a2-bc4a-4cbb-8393-4cdae0a4b58f
x-usersessionid: 162ed6a2-bc4a-4cbb-8393-4cdae0a4b58f
x-msedge-ref: Ref A: D3DD93E588AA4B4895811F8814622887 Ref B: AMS231032609039 Ref C: 2023-04-29T10:40:55Z
x-officecluster: PIE1
etag: "cf95e078277ad91:0"
x-officefd: DB5PEPF00011AE1
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 0
463 B 20ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16427.41003&waccluster=PNL1&usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
X-UserSessionId: d3000e0c-a51d-42ab-8b0f-ac95084e7705
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":673,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF0001292D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a3e5508f-d46c-464a-94d1-44a3c198af81
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: 42D06D86F5964560ABE8E84CA42C134D Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:52Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 0
227 B 68ms
68ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16427.41003&waccluster=PNL1&usid=d3000e0c-a51d-42ab-8b0f-ac95084e7705

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h83EC8E5F8A3D3009_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF000131F5
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16427.41003
X-Key: KBscgh7z5mHYwsyesAAbF2+CYlDtr2BgqQz+etTTS+Y=,638186476114024422
X-bULS-SuppressionETag: 76D3F1F475623266385D00BAEA540BCF3DB8A690
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 1
X-UserSessionId: d3000e0c-a51d-42ab-8b0f-ac95084e7705
X-AccessTokenTtl: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
X-UserType: WOPI
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:51 GMT
x-officeversion: 16.0.16427.41003
x-officefe: AM4PEPF000131EA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 76D3F1F475623266385D00BAEA540BCF3DB8A690
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c6773947-a5a5-413a-9489-e38baf7e15fa
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: A60235AD34994A05AC2E2E13F74751D9 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:52Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h16DF19946CE93363_App_Scripts/exp/ Frame 1AB5 2 MB
488 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h16DF19946CE93363_App_Scripts/exp/common50.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hCF3BF71B6415A234_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

16df19946ce93363d4d70cfe1fb8487f6360f451e4847a6e78cbe756bbbe7577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF000069FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 498370
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:09:47 GMT
x-correlationid: 5c880537-72ec-410e-b7aa-bcb0f16ef7bb
x-usersessionid: 5c880537-72ec-410e-b7aa-bcb0f16ef7bb
x-msedge-ref: Ref A: AE7A0CC475CB4725AEF15F83A9368C16 Ref B: AMS231032605005 Ref C: 2023-04-28T09:09:47Z
x-officecluster: PNL1
etag: W/"e1c8152eb179d91:0"
x-officefd: AM4PEPF000069FE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h66C377B6C524528F_App_Scripts/exp/ Frame 1AB5 640 KB
129 KB 10ms
10ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h66C377B6C524528F_App_Scripts/exp/appChromeLazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hCF3BF71B6415A234_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66c377b6c524528f5649bb079c5d75f977c39b198721d7576572e061173addba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: DB5PEPF00011AA2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 130938
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:09:47 GMT
x-correlationid: 2bb11b3b-db03-4ce0-b27f-d012a503c1b4
x-usersessionid: 2bb11b3b-db03-4ce0-b27f-d012a503c1b4
x-msedge-ref: Ref A: 5C2D1ABAA72B463DBEC2746A078E1198 Ref B: AMS231032601039 Ref C: 2023-04-28T09:09:46Z
x-officecluster: PIE1
etag: W/"3ad8e42db179d91:0"
x-officefd: DB5PEPF00011AA2
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-semibold.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ Frame 1AB5 31 KB
32 KB 79ms
8ms Font
font/woff2 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:06:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Dec 2022 21:53:31 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.bda72917.1683050812.2b8de83"}],"include_subdomains ":true}
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 346b9e01-101e-004d-7550-14307b000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 31824

GET
H2 200 word-app-intl-lazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h67B2B43806F67B4D_App_Scripts/1031/ Frame 1AB5 770 KB
99 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h67B2B43806F67B4D_App_Scripts/1031/word-app-intl-lazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h79953382B945AA7B_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

67b2b43806f67b4d5cf40d4ce9fd11553d4e422aa67330f5eb14a19d756b065c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16421.41002
x-officefe: DB5PEPF00011AAE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 100862
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 26 Apr 2023 09:52:29 GMT
x-correlationid: 4659c285-0361-43ce-b0f0-77c8a4f19f5c
x-usersessionid: 4659c285-0361-43ce-b0f0-77c8a4f19f5c
x-msedge-ref: Ref A: 5AC821AE4EBF4BF996FAECE200B274DE Ref B: AMS231032607011 Ref C: 2023-04-26T09:52:28Z
x-officecluster: PIE1
etag: W/"bb9025d02478d91:0"
x-officefd: DB5PEPF00011AAE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h0962D67D72CD5BD7_App_Scripts/exp/ Frame 1AB5 1 MB
201 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0962D67D72CD5BD7_App_Scripts/exp/uiSlice20.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hCF3BF71B6415A234_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0962d67d72cd5bd7e7a3adaf467b3703e3b9d0dceabae4b4b923aa18289cb8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: DB5PEPF00011AAE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 204864
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:09:47 GMT
x-correlationid: 1ed4c8da-9082-4477-9edd-fe8e38bf9432
x-usersessionid: 1ed4c8da-9082-4477-9edd-fe8e38bf9432
x-msedge-ref: Ref A: 29F9CAAB63C1406AA38E55AF0FFC5D08 Ref B: AMS231032608007 Ref C: 2023-04-28T09:09:47Z
x-officecluster: PIE1
etag: W/"e03ef62db179d91:0"
x-officefd: DB5PEPF00011AAE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 de-de Show response
res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame 1AB5 25 KB
6 KB 8ms
8ms XHR
application/json 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/de-de

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h66C377B6C524528F_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

97d854e3be0a222d7dab6fd81a5d9a91f288abd9bca64aa8c08a7bd2b41ea560

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=2592000, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:52 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
content-length: 5194
pragma: no-cache
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.bda72917.1683050812.2b8ded0"}],"include_subdomains ":true}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=300
timing-allow-origin: *
x-o365suiteuxshell-correlationid: c887c730-86ad-43b8-b6d4-cbfabd5f258d

GET
H2 200 shellstrings.json Show response
c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/strings/de/ Frame 1AB5 15 KB
6 KB 7ms
7ms XHR
application/json 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/strings/de/shellstrings.json

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h66C377B6C524528F_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9fa7036f4798b5a8915f830813b6bdeba8f68ce7f3cc288b94ee1972da57a237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF00006A0E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5059
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:15:20 GMT
x-correlationid: 960c3116-29bb-419f-9348-5fbfa633e577
x-usersessionid: 960c3116-29bb-419f-9348-5fbfa633e577
x-msedge-ref: Ref A: 5FCDC7B5A6AB4FB89FEAB875634CC3BB Ref B: AMS231032606025 Ref C: 2023-04-28T09:15:20Z
x-officecluster: PNL1
etag: W/"0445cf4b179d91:0"
x-officefd: AM4PEPF00006A0E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.core.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/js/ Frame 1AB5 287 KB
78 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h66C377B6C524528F_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

56afdbfeb6a9880cc31cc0404e56f7992874b0c82a55dd93987bba1485ed0949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: DB5PEPF00011AD2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 78800
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:09:48 GMT
x-correlationid: 815260ff-9881-44a3-80b3-ecbb438fdbaf
x-usersessionid: 815260ff-9881-44a3-80b3-ecbb438fdbaf
x-msedge-ref: Ref A: BF79E3FA299840A081B189A1BBD582A5 Ref B: AMS231032604031 Ref C: 2023-04-28T09:09:48Z
x-officecluster: PIE1
etag: W/"806812fb179d91:0"
x-officefd: DB5PEPF00011AD2
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.consappdata.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/js/ Frame 1AB5 6 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h66C377B6C524528F_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d2962367a67b3d060255eef21937027c6b884b9d2804cc49a7b98a697a409b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: AM4PEPF00006A1C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1951
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:14:02 GMT
x-correlationid: 8b0d0ebd-f9fe-407c-b911-0589c7b851a0
x-usersessionid: 8b0d0ebd-f9fe-407c-b911-0589c7b851a0
x-msedge-ref: Ref A: E2CB3C2CAAED48B8A1DF7E20195A3DD0 Ref B: AMS231032608017 Ref C: 2023-04-28T09:14:02Z
x-officecluster: PNL1
etag: W/"fbbbebc5b179d91:0"
x-officefd: AM4PEPF00006A1C
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-regular.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ Frame 1AB5 35 KB
36 KB 13ms
13ms Font
font/woff2 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:06:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Dec 2022 21:53:29 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.bda72917.1683050812.2b8df02"}],"include_subdomains ":true}
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 1fc271d7-801e-004f-6650-148ec3000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 36344

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 1AB5 42 KB
16 KB 57ms
7ms Script
application/javascript 2.19.36.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h79953382B945AA7B_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 2.19.36.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-36-84.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 18:06:52 GMT
X-MSNServer: RD281878A1B29B
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
X-ODWebServer: northeurope0-odwebp
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=15642, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16199

GET
BLOB 200
OK 5bc06b04-b7af-46b1-a7e0-9a21e0691cdb
https://pnl1-word-view.officeapps.live.com/ Frame 1AB5 177 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/5bc06b04-b7af-46b1-a7e0-9a21e0691cdb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd8470cbb4a678bfacb6dc57aeb6d8ce141e56e5323c85aca6bcf5002b31c0d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 177
Content-Type: application/javascript

GET
H2 200 suiteux.shell.plus.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/js/ Frame 1AB5 221 KB
48 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h66C377B6C524528F_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c74d2d738caf9f424d75dfd54598dd3f63a8f17be8753473e071caab562c5f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:52 GMT
x-officeversion: 16.0.16425.41003
x-officefe: DB5PEPF00011AC4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 48119
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:09:49 GMT
x-correlationid: 6ec62e3d-6cad-41fd-bdab-e581bcac1ca1
x-usersessionid: 6ec62e3d-6cad-41fd-bdab-e581bcac1ca1
x-msedge-ref: Ref A: AED1FD1C16634A7F8D1C0DF91DB37F66 Ref B: AMS231032605027 Ref C: 2023-04-28T09:09:49Z
x-officecluster: PIE1
etag: W/"5a5e472fb179d91:0"
x-officefd: DB5PEPF00011AC4
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H/1.1 200
OK /
eu-office.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 137ms
26ms Preflight 20.50.80.210
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.80.210 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Tue, 02 May 2023 18:06:52 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

GET
H2 200 suiteux.shell.otellogging.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/js/ Frame 1AB5 102 KB
33 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161642741003_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h66C377B6C524528F_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b3be08304b6e2da8541e86de7932d03d8f6cba508d034284de3b98664033b560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 02 May 2023 18:06:53 GMT
x-officeversion: 16.0.16425.41003
x-officefe: DB5PEPF00011ABA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33024
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 28 Apr 2023 09:09:49 GMT
x-correlationid: 16258707-7f23-45bf-aec2-47f1377e079d
x-usersessionid: 16258707-7f23-45bf-aec2-47f1377e079d
x-msedge-ref: Ref A: 242A9B6057AA4DC19C6113E6CE116CE6 Ref B: AMS231032607027 Ref C: 2023-04-28T09:09:49Z
x-officecluster: PIE1
etag: W/"6efb9f2fb179d91:0"
x-officefd: DB5PEPF00011ABA
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 1AB5 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1AB5 18 KB
18 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363eb907e4a7548d7555687aba0c66d5a4bf5731d8530ee648e49751f13e183e

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1683050812997
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1683050813&rver=7.5.2116.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

232ms
111ms

Image
text/html

40.126.32.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1683050813&rver=7.5.2116.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 40.126.32.140 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: AM4PPF000B224EB
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.1144.414.2011
date: Tue, 02 May 2023 18:06:53 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1683050813&rver=7.5.2116.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: 0PlcQN4xQEGCOwWQaH1Cww.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
H2 200 translation.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 1AB5 2 KB
2 KB 30ms
30ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token=1&access_token_ttl=0&z=9a477148a220eca6ca36993c9035064c7f0dc26f4e766e8fdf4eade7b4a7f4cd&uilang=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h83EC8E5F8A3D3009_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

b03a25664f7948228e5f2799817e2ad004d07a6c0aa27d11be8e1595106d6f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131F5
X-UserSessionId: d3000e0c-a51d-42ab-8b0f-ac95084e7705
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16427.41003
X-Key: KBscgh7z5mHYwsyesAAbF2+CYlDtr2BgqQz+etTTS+Y=,638186476114024422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fs3%252Eus%252Deast%252D1%252Eamazonaws%252Ecom%253A443%252Fproduction%252Emain%252Ecustomer%252Edata%252Fattachments%252F6899a03592c6ed735a21%252FVendor%252520Reference%252520Request%252Edocx%253FversionId%253DokXlrJLbLe4GyCFVwp%252Epq%255F9BsvDXiSK8%2526X%252DAmz%252DAlgorithm%253DAWS4%252DHMAC%252DSHA256%2526X%252DAmz%252DCredential%253DAKIAREFPCQSXWXB2QTVW%25252F20230502%25252Fus%252Deast%252D1%25252Fs3%25252Faws4%255Frequest%2526X%252DAmz%252DDate%253D20230502T180634Z%2526X%252DAmz%252DExpires%253D600%2526X%252DAmz%252DSignedHeaders%253Dhost%2526X%252DAmz%252DSignature%253De3fa87c065b3fb687624ca190bc3902f4b65b1b478c6959c4ab719acfc10f454&access_token_ttl=0&wdOrigin=BROWSELINK&hid=ca0e4497-605c-4e51-960f-8b78c710005a
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 18:06:52 GMT
x-wacfrontend: AM4PEPF000131F5
x-officeversion: 16.0.16427.41003
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1613
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 7613c2c9-9c48-4725-bbe1-90bdf2019b9e, 7613c2c9-9c48-4725-bbe1-90bdf2019b9e
x-officecluster: PNL1
x-usersessionid: d3000e0c-a51d-42ab-8b0f-ac95084e7705, d3000e0c-a51d-42ab-8b0f-ac95084e7705
x-msedge-ref: Ref A: 2B6A4088B64B47E899FB04A52C7F29F2 Ref B: AMS231032605049 Ref C: 2023-05-02T18:06:53Z
x-officefd: AM4PEPF00010313
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
timing-allow-origin: *, *
expires: -1

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: 0872349633df2daae6dc68c2de8a5e56d3d23fd9f8f978f48fd523e81e300f4d
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: ShCLSessionID Value: 1683050812732_0.8434525929638568
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 3dbe887d81b44ce887ffd35c89972a62
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1683050813&co=1
.login.live.com/	1970-01-20 20:52:26	Name: MSCC Value: 185.213.155.163-DE
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-18c66c95-51e5-4473-a91b-71325ae500e9
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DUHEItLrJnMbvzcfwR!irXfo2vhjufS5!MUfqV63vxsB8WUqm!IH4YvtY7BCSbJMXX6w9OeZaSqonEQ0L2RyXvn9bRxKggHb!WzGxm7cCNSmysuF7Q06q9LuUZ5e8i0RW216KRlOMeTPM8yzyTDF5H!to4aJxU!oLNwCkc9cBAOWmDAt3yWu6kY8aCSJVgED3HHKBn5Q!hAJ7ipHw0VkG85JQIcvD9VfYdu99oqWlXL69IrD!xzjZ6dHeaBH9ZL4wJ3itHg3zvPSjscO0296lkK30PnzLZcM97Dw0UkqNM4i!WrTQCk7j1wRaqF9GYPROuxSAKCopyaK2GdU*Ez8SbTczhVq1CxSAnpLzqLSd8GZztqvCtCqvqvIdnSAagawbVVV9CYK3y99SlK65GmqOpTTT6d!MLlrfDaX

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1h-word-view-15.cdn.office.net
eu-office.events.data.microsoft.com
js.live.net
login.live.com
pnl1-word-view.officeapps.live.com
res-1.cdn.office.net
storage.live.com
view.officeapps.live.com
13.105.66.144
2.19.36.84
20.50.80.210
2620:1ec:a92::171
2a02:26f0:3500:588::1c24
2a02:26f0:3500:c::5c7b:683d
40.126.32.140
0185ccd62300df615034fa03a740535de17bf3cd4f6f10308a223ffbefff7f7a
0962d67d72cd5bd7e7a3adaf467b3703e3b9d0dceabae4b4b923aa18289cb8c9
09a1411bf361d3d649f4ff5098e0197510232477bf099872f58f5d1ec483e9af
16df19946ce93363d4d70cfe1fb8487f6360f451e4847a6e78cbe756bbbe7577
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
1c9aa7cf70f15445675ea4590ce364655effd905458f0bce6be0619bc442b2e9
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
33bef8c0cb675ea78e2f40d1ea3bc56f4ec93834c14c4c654a4c704d88798900
363eb907e4a7548d7555687aba0c66d5a4bf5731d8530ee648e49751f13e183e
365797cc29ce37dae80fed0011329850f721a9a35b8baee8651d4adf9ea85d03
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4f33c0473e9dcab99842833a69707f3f1b6844a4be9b6cc81379aed620d33287
55b00cd863d9dc1a1af886b9fff37617f9ae0a836f112f9cbcd42572003adbc4
56afdbfeb6a9880cc31cc0404e56f7992874b0c82a55dd93987bba1485ed0949
58e1c1fda2e8cf9ba0b7a91cc73567b7e101e63521042e1a4fa138b69879b65a
6527135b32c0789a8cd7f5ed6d4c04421f69faa41658296c5305e4a660044a77
66c377b6c524528f5649bb079c5d75f977c39b198721d7576572e061173addba
67b2b43806f67b4d5cf40d4ce9fd11553d4e422aa67330f5eb14a19d756b065c
72dbdbc38cf44bb00d65c393ba261c363aaca900022e75c8e64e4401e5527dad
79953382b945aa7b65969c8f596ad8e8dd4b57df5793063cd360911ca05d777a
83ec8e5f8a3d30098514d5f3e0aa4905d1eba0518404d92d6f1a9d6adc087fcf
8705230788e62738b2c83d9e527b2439cf6286198f61b5aeefc952a14d05d53d
92249b4537e9f17746302b0b53ad64b7ea94fdcbef8bc883ad0aef9c4bc84160
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
97d854e3be0a222d7dab6fd81a5d9a91f288abd9bca64aa8c08a7bd2b41ea560
998b33e6f61d59326314d512b7029f4e9bbbd1078686a6628f878c5066ce3707
9fa7036f4798b5a8915f830813b6bdeba8f68ce7f3cc288b94ee1972da57a237
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
b03a25664f7948228e5f2799817e2ad004d07a6c0aa27d11be8e1595106d6f1b
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
b3be08304b6e2da8541e86de7932d03d8f6cba508d034284de3b98664033b560
bec3828c907f157e92740de53428d53a1bbe0a7dfbce05b52dd6c43150aa46d8
c74d2d738caf9f424d75dfd54598dd3f63a8f17be8753473e071caab562c5f38
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
cd8470cbb4a678bfacb6dc57aeb6d8ce141e56e5323c85aca6bcf5002b31c0d3
cf3bf71b6415a23475289cb8a76e7f97775a7f555e85436aee203015e9a28ac7
d2962367a67b3d060255eef21937027c6b884b9d2804cc49a7b98a697a409b32
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

view.officeapps.live.com Open in urlscan Pro 2620:1ec:a92::171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

94 %HTTPS

43 %IPv6

4 Domains

8 Subdomains

7 IPs

4 Countries

2822 kBTransfer

13533 kBSize

8 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

view.officeapps.live.com Open in urlscan Pro
2620:1ec:a92::171 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

94 %
HTTPS

43 %
IPv6

4
Domains

8
Subdomains

7
IPs

4
Countries

2822 kB
Transfer

13533 kB
Size

8
Cookies

51 HTTP transactions
3 data transactions