view.officeapps.live.com Open in urlscan Pro
2a01:111:f100:9001::1761:950c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sp-track.waitesrecruitment.co.uk/api/v1/track/click/7/24928/52/default/d6c070e8-9239-40ed-8cbd-27cebc62f9ce?redirecturl=http%3A%2...
Effective URL:
https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F64eacf2c-822e-4881-b6af-...
Submission: On May 23 via manual (May 23rd 2022, 8:44:10 am UTC) from FR — Scanned from FR

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 6 countries across 9 domains to perform 55 HTTP transactions. The main IP is 2a01:111:f100:9001::1761:950c, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.officeapps.live.com. The Cisco Umbrella rank of the primary domain is 30015.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on April 19th 2022. Valid for: a year.

This is the only time view.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.92.251.90 54.92.251.90	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.214.235.32 3.214.235.32	14618 (AMAZON-AES) (AMAZON-AES)
1	2a01:111:f100... 2a01:111:f100:9001::1761:950c	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
29	2a02:26f0:350... 2a02:26f0:3500:588::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	96.16.146.233 96.16.146.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:de:... 2a02:26f0:de:59d::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.90.146.78 104.90.146.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:1ec:40::45 2620:1ec:40::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	51.132.193.105 51.132.193.105	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	20.135.25.5 20.135.25.5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.31.69 40.126.31.69	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.189.173.4 20.189.173.4	() ()
55	11

1 54.92.251.90 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-251-90.compute-1.amazonaws.com

sp-track.waitesrecruitment.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.235.32 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-235-32.compute-1.amazonaws.com

api.sx2.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.sendx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:111:f100:9001::1761:950c (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pnl1-word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a02:26f0:3500:588::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.146.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-146-233.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:de:59d::4b36 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

shell.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.146.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-146-78.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

amcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.132.193.105 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.135.25.5 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.31.69 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.189.173.4 (None, )

ASN- ()

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 5726 shell.cdn.office.net — Cisco Umbrella Rank: 1315	2 MB
16	live.com 1 redirects view.officeapps.live.com — Cisco Umbrella Rank: 30015 pnl1-word-view.officeapps.live.com — Cisco Umbrella Rank: 158158 storage.live.com — Cisco Umbrella Rank: 165 login.live.com — Cisco Umbrella Rank: 87	377 KB
5	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 280 browser.pipe.aria.microsoft.com	2 KB
2	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 2395	68 KB
1	msftauth.net amcdn.msftauth.net — Cisco Umbrella Rank: 1362	10 KB
1	live.net js.live.net — Cisco Umbrella Rank: 5774	16 KB
1	sendx.io 1 redirects app.sendx.io — Cisco Umbrella Rank: 412192	701 B
1	sx2.email 1 redirects api.sx2.email	265 B
1	waitesrecruitment.co.uk 1 redirects sp-track.waitesrecruitment.co.uk	406 B
55	9

	Domain	Requested by
29	c1h-word-view-15.cdn.office.net	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
13	pnl1-word-view.officeapps.live.com	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
4	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
2	static2.sharepointonline.com
1	browser.pipe.aria.microsoft.com	c1h-word-view-15.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	amcdn.msftauth.net	c1h-word-view-15.cdn.office.net
1	js.live.net	c1h-word-view-15.cdn.office.net
1	shell.cdn.office.net	c1h-word-view-15.cdn.office.net
1	view.officeapps.live.com
1	app.sendx.io	1 redirects
1	api.sx2.email	1 redirects
1	sp-track.waitesrecruitment.co.uk	1 redirects
55	14

This site contains no links.

Subject Issuer	Validity	Valid
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2022-04-26` - `2023-04-26`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 02	`2022-05-11` - `2023-05-06`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2022-03-02` - `2023-02-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F64eacf2c-822e-4881-b6af-8c0bf3e4e8d7.doc&wdOrigin=BROWSELINK
Frame ID: BD4382BDA3891EBFE851858FCCE221D4
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
Frame ID: 9610BCD61D3DB6C5BD0D015BB8D88891
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

64eacf2c-822e-4881-b6af-8c0bf3e4e8d7.doc

Page URL History Show full URLs

https://sp-track.waitesrecruitment.co.uk/api/v1/track/click/7/24928/52/default/d6c070e8-9239-40ed-8cbd-27cebc62f9ce?r... HTTP 302
http://api.sx2.email/api/v1/track/campaign/click/YDx37uME7UpDxscSg10w08/Kae7yRTf9FnRr1YE8GYzsm HTTP 301
http://app.sendx.io/api/v1/track/campaign/click/YDx37uME7UpDxscSg10w08/Kae7yRTf9FnRr1YE8GYzsm HTTP 302
https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F64ea... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Page Statistics

55
Requests

96 %
HTTPS

38 %
IPv6

9
Domains

14
Subdomains

11
IPs

6
Countries

2754 kB
Transfer

12740 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sp-track.waitesrecruitment.co.uk/api/v1/track/click/7/24928/52/default/d6c070e8-9239-40ed-8cbd-27cebc62f9ce?redirecturl=http%3A%2F%2Fapi.sx2.email%2Fapi%2Fv1%2Ftrack%2Fcampaign%2Fclick%2FYDx37uME7UpDxscSg10w08%2FKae7yRTf9FnRr1YE8GYzsm HTTP 302
http://api.sx2.email/api/v1/track/campaign/click/YDx37uME7UpDxscSg10w08/Kae7yRTf9FnRr1YE8GYzsm HTTP 301
http://app.sendx.io/api/v1/track/campaign/click/YDx37uME7UpDxscSg10w08/Kae7yRTf9FnRr1YE8GYzsm HTTP 302
https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F64eacf2c-822e-4881-b6af-8c0bf3e4e8d7.doc&wdOrigin=BROWSELINK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1653295447060 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1653295447&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

55 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request view.aspx Show response
view.officeapps.live.com/op/
Redirect Chain

https://sp-track.waitesrecruitment.co.uk/api/v1/track/click/7/24928/52/default/d6c070e8-9239-40ed-8cbd-27cebc62f9ce?redirecturl=http%3A%2F%2Fapi.sx2.email%2Fapi%2Fv1%2Ftrack%2Fcampaign%2Fclick%2FYD...
http://api.sx2.email/api/v1/track/campaign/click/YDx37uME7UpDxscSg10w08/Kae7yRTf9FnRr1YE8GYzsm
http://app.sendx.io/api/v1/track/campaign/click/YDx37uME7UpDxscSg10w08/Kae7yRTf9FnRr1YE8GYzsm
https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F64eacf2c-822e-4881-b6af-8c0bf3e4e8d7.doc&wdOrigin=BROWSELINK

4 KB
5 KB

138ms
26ms

Document
text/html

2a01:111:f100:9001::1761:950c
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F64eacf2c-822e-4881-b6af-8c0bf3e4e8d7.doc&wdOrigin=BROWSELINK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:f100:9001::1761:950c Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

00606c21454ee510a41e2983e00c2d67ae6cdeda1388234be153374f2ebd4cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
date: Mon, 23 May 2022 08:44:04 GMT
server: Microsoft-IIS/10.0
x-content-type-options: nosniff
x-correlationid: 7d1bb376-a83d-4861-86c1-aaed4cfca554
x-officecluster: PNL1
x-officefd: AM4PEPF0000601C
x-officefe: AM4PEPF000069DF
x-officeversion: 16.0.15306.41002

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin,Authorization,Access-Control-Allow-Origin
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Access-Control-Allow-Origin
Connection: keep-alive
Content-Length: 36
Content-Type: text/plain; charset=utf-8
Date: Mon, 23 May 2022 08:44:05 GMT
Location: https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Ffiles.constantcontact.com%2F63d1b17a601%2F64eacf2c-822e-4881-b6af-8c0bf3e4e8d7.doc&wdOrigin=BROWSELINK
Server: openresty

GET
DATA 200
OK truncated
/ 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 wordviewerframe.aspx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 86 KB
88 KB 148ms
37ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a70c2df6555ca43ac6db3d4fc882ae42fbb610bb14a004249dc13218a6eb9fa7

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://view.officeapps.live.com
Referer: https://view.officeapps.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Mon, 23 May 2022 08:44:05 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: d7db90a8-0aa9-499e-961d-cf29a889ec58
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 939A82E76ED54226A8890830CDAD4B06 Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:05Z
x-officecluster: PNL1
x-officefd: AM4PEPF00012380
x-officefe: AM4PEPF00012380
x-officeversion: 16.0.15317.41002
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1036/ Frame 9610 277 KB
34 KB 92ms
27ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1036/WordViewer.css

Requested by

Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2c4e7fa0c4a763e47a8a92be9ee72520adc7baa8caca0c5756e1a2542096e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "86c4923ed164d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15304.41015
x-officefe: DB5PEPF0000F302
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 34097
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 11 May 2022 00:51:26 GMT
x-officefd: DB5PEPF0000F302
x-msedge-ref: Ref A: CE4BBE1CC99748D5994AEBFBF1A4DAF4 Ref B: AM3EDGE1021 Ref C: 2022-05-17T12:10:46Z
x-usersessionid: 72f167b2-a825-4896-b41a-5b019104781c
date: Mon, 23 May 2022 08:44:05 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 72f167b2-a825-4896-b41a-5b019104781c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/ Frame 9610 106 KB
24 KB 156ms
92ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "326c92363d65d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15304.41015
x-officefe: DB5PEPF000083D4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23675
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 11 May 2022 13:44:19 GMT
x-officefd: DB5PEPF000083D4
x-msedge-ref: Ref A: 9E39A69C12C84D7EB44FDA1ABA8C723A Ref B: AM3EDGE0310 Ref C: 2022-05-14T03:26:13Z
x-usersessionid: eece6533-9440-462d-b612-e98bc0a74670
date: Mon, 23 May 2022 08:44:05 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: eece6533-9440-462d-b612-e98bc0a74670
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h533234CA5AD2CDBB_App_Scripts/1036/ Frame 9610 155 KB
32 KB 189ms
127ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h533234CA5AD2CDBB_App_Scripts/1036/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d0d2f3b7b32f1a3a39644f1c6bd44cf63985120a481ff65ac3283612191ae7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"77a972cfe46ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF000102D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 32292
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:26:37 GMT
x-officefd: AM4PEPF000102D5
x-msedge-ref: Ref A: FC82EBE31A7047D0962F315D347C87B4 Ref B: AMS04EDGE3107 Ref C: 2022-05-18T18:26:37Z
x-usersessionid: b99326f2-ad4f-4183-b752-2b5cf4793768
date: Mon, 23 May 2022 08:44:05 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b99326f2-ad4f-4183-b752-2b5cf4793768
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 9610 6 KB
2 KB 189ms
127ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "a8283cb2dc64d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15304.41015
x-officefe: DB5PEPF0000C62B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 11 May 2022 02:13:25 GMT
x-officefd: DB5PEPF0000C62B
x-msedge-ref: Ref A: E59284B56F4945C69B863DA8AC0551E4 Ref B: AM3EDGE1015 Ref C: 2022-05-11T19:02:52Z
x-usersessionid: fe62cd87-3190-4a18-89c6-45d344691fc7
date: Mon, 23 May 2022 08:44:05 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fe62cd87-3190-4a18-89c6-45d344691fc7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h799F823A773A295D_App_Scripts/1036/ Frame 9610 22 KB
6 KB 83ms
83ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h799F823A773A295D_App_Scripts/1036/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3b685f5c523ed448d7e0d384a3de821300ac359f4c47273f6d3f2697f244728f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "efa75c14b66cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00006A2D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 5216
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Sat, 21 May 2022 01:57:08 GMT
x-officefd: AM4PEPF00006A2D
x-msedge-ref: Ref A: D9FDFE1EFE394538B7C6568FF0D3E0BD Ref B: AMS04EDGE3610 Ref C: 2022-05-22T17:58:28Z
x-usersessionid: a9eb2044-6287-4c2d-aa23-23b018b71d5b
date: Mon, 23 May 2022 08:44:05 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a9eb2044-6287-4c2d-aa23-23b018b71d5b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hC0593EB8C576B9BA_App_Scripts/1036/ Frame 9610 472 KB
73 KB 89ms
26ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC0593EB8C576B9BA_App_Scripts/1036/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c0593eb8c576b9bade2fc30d44308cadad740ed826ad73b69eae968e8bbd1950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ba4d72cfe46ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00006A10
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 74219
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:26:37 GMT
x-officefd: AM4PEPF00006A10
x-msedge-ref: Ref A: 1E24C9835CD14286BEAD1C243C7AA90A Ref B: AMS04EDGE2705 Ref C: 2022-05-18T18:26:37Z
x-usersessionid: 33e5d486-fb66-4f63-a99a-53ecdde5bbc7
date: Mon, 23 May 2022 08:44:05 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 33e5d486-fb66-4f63-a99a-53ecdde5bbc7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/ Frame 9610 9 KB
3 KB 154ms
91ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e156db1570c13c426d727df0b700884fac3ea70307c6ad350e47b8a266719393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7ec218d0e36ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF000102D7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2858
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:28 GMT
x-officefd: AM4PEPF000102D7
x-msedge-ref: Ref A: 6837D61F2B774ACD8CC6BC074EFBA757 Ref B: AMS04EDGE3315 Ref C: 2022-05-18T18:19:28Z
x-usersessionid: 245e5994-196b-42eb-ab96-88090715c279
date: Mon, 23 May 2022 08:44:05 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 245e5994-196b-42eb-ab96-88090715c279
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/ Frame 9610 3 MB
462 KB 84ms
83ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

90869a05d5cb6f6864f79c1bdb28c83bd93cb0c3bd5d7a426a3f584af40b67e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "5ce0d49ae36ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00006A1B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 471073
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:17:59 GMT
x-officefd: AM4PEPF00006A1B
x-msedge-ref: Ref A: FF2AA7C598A44B39BA8238E7D994FE11 Ref B: AMS04EDGE1608 Ref C: 2022-05-18T18:19:28Z
x-usersessionid: 729215fd-e34f-421f-9e7f-b881dadb87c6
date: Mon, 23 May 2022 08:44:05 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 729215fd-e34f-421f-9e7f-b881dadb87c6
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 0
429 B 39ms
39ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
X-UserSessionId: d7db90a8-0aa9-499e-961d-cf29a889ec58
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00012381
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a49636bd-63ab-439f-939c-52e5c9c2ea12
x-officecluster: PNL1
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 498B6D34021D4FEDB9ED88E807DCFF83 Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:05Z
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 116 KB
117 KB 89ms
87ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b15&v=00000000-0000-0000-0000-000000000802&usid=d7db90a8-0aa9-499e-961d-cf29a889ec58&splashscreen=1&build=16.0.15317.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

74a5abbf77934de62d55154cf5e0a211008cbaed7e194f5137318f9530349a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00010ABC
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00010ABC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 119144
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b1500000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: f2da598d-7610-4385-af17-a00bcfac0fd9
x-officefd: AM4PEPF00010ABC
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 9F7BA963DD024404AB0FEB5DF3509EDC Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:05Z
timing-allow-origin: *
expires: Tue, 23 May 2023 08:44:05 GMT

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 0
177 B 32ms
31ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
X-UserSessionId: d7db90a8-0aa9-499e-961d-cf29a889ec58
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":134,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h2C4E7FA0C4A763E4_resources/1036/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00012376
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3fc10ecd-f085-4d53-a322-c5392dd6a055
x-officecluster: PNL1
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 7A66E89E81794E3D84552E2E1ACC019B Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:05Z
timing-allow-origin: *

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/ Frame 9610 3 KB
3 KB 72ms
68ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0a8049c5627a132d4c0be08579b2a33f7e8fd285a122795cabadabf08ddb6858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"3e6811e75269d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15304.41015
x-officefe: DB5PEPF0000C628
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2796
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 16 May 2022 18:29:39 GMT
x-officefd: DB5PEPF0000C628
x-msedge-ref: Ref A: 4497F3ACAB2347CA84962448A0276607 Ref B: AMS04EDGE3522 Ref C: 2022-05-16T18:29:39Z
x-usersessionid: 7b7eceb5-a2f4-4166-94df-84a1e0f37de5
date: Mon, 23 May 2022 08:44:05 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 7b7eceb5-a2f4-4166-94df-84a1e0f37de5
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 0
224 B 28ms
28ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
X-UserSessionId: d7db90a8-0aa9-499e-961d-cf29a889ec58
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":365,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00012381
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 748e3c06-f4b2-4896-8260-09a9c9280201
x-officecluster: PNL1
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 22435BB5E9ED4D7C9598E3E627AF2C82 Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:05Z
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 445 B
782 B 62ms
62ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b15&type=png&o15=1&ui=fr-FR

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

06b866e9052f6b7a7b66b08c1ab0f1b595486176eb4c04921181550fd3423fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012380
X-UserSessionId: d7db90a8-0aa9-499e-961d-cf29a889ec58
accept-language: fr-FR,fr;q=0.9
X-OfficeVersion: 16.0.15317.41002
X-Key: p5eOQSOTxq+k4Cjm9syFrjayfVPqGnW9BOPacjqPWEg=,637888922454529528
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012380
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00012380
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 414
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 769dce61-a1bd-43a0-8370-949b59639b72, 769dce61-a1bd-43a0-8370-949b59639b72
x-officefd: AM4PEPF00012376
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58, d7db90a8-0aa9-499e-961d-cf29a889ec58
x-powered-by: ARR/3.0
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: BD32C5C26791486CA568C78CA36CDF62 Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:05Z
timing-allow-origin: *, *
expires: Tue, 23 May 2023 08:44:05 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/ Frame 9610 40 KB
7 KB 26ms
26ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"95a5f9d0e36ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF000131F8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:30 GMT
x-officefd: AM4PEPF000131F8
x-msedge-ref: Ref A: 886DE5EB3CE248DB9793B8011F3CC090 Ref B: AM3EDGE0610 Ref C: 2022-05-18T18:19:30Z
x-usersessionid: bc800127-0cd0-4ad5-857f-3204b90b0170
date: Mon, 23 May 2022 08:44:05 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: bc800127-0cd0-4ad5-857f-3204b90b0170
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1036/ Frame 9610 22 KB
23 KB 26ms
26ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1036/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1036/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1036/WordViewer.css
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"63dfb426316cd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00012939
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 20 May 2022 10:05:36 GMT
x-officefd: AM4PEPF00012939
x-msedge-ref: Ref A: AF3D73B917B14706AD596E5B3E98F8CF Ref B: AMS04EDGE3310 Ref C: 2022-05-20T10:05:36Z
x-usersessionid: 973db76d-328f-4613-85d5-203ea382a6c2
date: Mon, 23 May 2022 08:44:05 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 973db76d-328f-4613-85d5-203ea382a6c2
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 0844c2a7-5cb7-4a71-b66f-c47c629344ea
https://pnl1-word-view.officeapps.live.com/ Frame 9610 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/0844c2a7-5cb7-4a71-b66f-c47c629344ea
Requested by: Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 0
485 B 29ms
29ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
X-UserSessionId: d7db90a8-0aa9-499e-961d-cf29a889ec58
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":606,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00012376
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 639d4d5b-132c-4402-b038-a1ef496fbd47
x-officecluster: PNL1
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 1D7F2C725E334CC3ADBDF9CB0738D80B Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:06Z
timing-allow-origin: *

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/ Frame 9610 838 KB
138 KB 28ms
27ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9a435242daabecff2c8118b1a3d0c5631f16bd96f61a3f9418c681be22cf1bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"fa2652d1e36ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15313.41013
x-officefe: DB5PEPF0000D039
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 140063
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:30 GMT
x-officefd: DB5PEPF0000D039
x-msedge-ref: Ref A: 23C6EE2C190E48FDA12DF304EC889598 Ref B: AMS04EDGE3106 Ref C: 2022-05-18T18:19:30Z
x-usersessionid: 703d832e-beac-49f0-bfd9-b7de70d8e957
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 703d832e-beac-49f0-bfd9-b7de70d8e957
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1036/ Frame 9610 695 B
1 KB 27ms
26ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1036/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"a1837d0ee6ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00011BC3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 19:32:25 GMT
x-officefd: AM4PEPF00011BC3
x-msedge-ref: Ref A: 8515788802234421A464699216E659C7 Ref B: AM3EDGE0416 Ref C: 2022-05-18T19:32:25Z
x-usersessionid: 1d6510fe-6c22-4433-93f9-aaec3b8c8190
date: Mon, 23 May 2022 08:44:06 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 1d6510fe-6c22-4433-93f9-aaec3b8c8190
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 116 KB
117 KB 77ms
77ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=d7db90a8-0aa9-499e-961d-cf29a889ec58&build=16.0.15317.41002&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b15&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

74a5abbf77934de62d55154cf5e0a211008cbaed7e194f5137318f9530349a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF000069E3
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF000069E3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 119144
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b1500000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 01b189cf-2aa1-4e23-9b4b-e746392eb6f8
x-officefd: AM4PEPF000069E3
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: A9D37E5881BC4BB6905A85B1A9C11A33 Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:06Z
timing-allow-origin: *
expires: Tue, 23 May 2023 08:44:06 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 34 KB
35 KB 31ms
31ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=d7db90a8-0aa9-499e-961d-cf29a889ec58&build=16.0.15317.41002&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b15&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4aaf634cd4a032a68b3739716ccbd237b1cacbbe2031b9450dcdb2fc5dbd2918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00010ABC
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00010ABC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35106
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b1500000000-0000-0000-0000-000000000802p2.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: a5a3764b-733a-40ee-8d41-319bfc11cd6d
x-officefd: AM4PEPF00010ABC
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 3D7F1F3232D0456B8054595C140A468D Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:06Z
timing-allow-origin: *
expires: Tue, 23 May 2023 08:44:06 GMT

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/1036/ Frame 9610 472 KB
73 KB 28ms
28ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/1036/word-app-intl.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c0593eb8c576b9bade2fc30d44308cadad740ed826ad73b69eae968e8bbd1950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f35d7c0ee6ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00011BC2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 74219
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 19:32:25 GMT
x-officefd: AM4PEPF00011BC2
x-msedge-ref: Ref A: 00631C3DBC504D21A087934C53246BC4 Ref B: AM3EDGE0318 Ref C: 2022-05-18T19:32:25Z
x-usersessionid: dae69fc6-da61-4b24-bc0b-51c30a5d7671
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: dae69fc6-da61-4b24-bc0b-51c30a5d7671
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1036/ Frame 9610 695 B
1 KB 29ms
29ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1036/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"a1837d0ee6ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00011BC3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 19:32:25 GMT
x-officefd: AM4PEPF00011BC3
x-msedge-ref: Ref A: 8515788802234421A464699216E659C7 Ref B: AM3EDGE0416 Ref C: 2022-05-18T19:32:25Z
x-usersessionid: 1d6510fe-6c22-4433-93f9-aaec3b8c8190
date: Mon, 23 May 2022 08:44:06 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 1d6510fe-6c22-4433-93f9-aaec3b8c8190
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/ Frame 9610 1 MB
249 KB 33ms
32ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/common.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

159edcea18b365087ce3752ddba551c176c95fd205acf27004157678ce71cf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ec24cbd1e36ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00010314
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 254077
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:31 GMT
x-officefd: AM4PEPF00010314
x-msedge-ref: Ref A: 8FAE6DB788724854812F84035EAC0C84 Ref B: AM3EDGE0108 Ref C: 2022-05-18T18:19:31Z
x-usersessionid: 49565ba0-d5d0-4bc1-85da-6251b0d41bf4
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 49565ba0-d5d0-4bc1-85da-6251b0d41bf4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/ Frame 9610 255 KB
47 KB 42ms
42ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/appChrome.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0a82cac426bcffd979e7f5fb68d0b6d316ee5053e4f5e2e18c335dec86d4050a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e6a07fd5e36ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15313.41013
x-officefe: DB5PEPF0000F301
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 47448
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:37 GMT
x-officefd: DB5PEPF0000F301
x-msedge-ref: Ref A: C2DDD9875DD541E299D5BA653E708B2E Ref B: AM3EDGE0818 Ref C: 2022-05-18T18:19:37Z
x-usersessionid: c09373d5-30ad-47c9-ac45-24a7935f111a
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c09373d5-30ad-47c9-ac45-24a7935f111a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1036/ Frame 9610 34 KB
35 KB 28ms
28ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1036/wv.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"328f3daee6ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00012941
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 19:38:31 GMT
x-officefd: AM4PEPF00012941
x-msedge-ref: Ref A: 8A18C5B2D4E145D083A31E52D28A44CB Ref B: AM3EDGE0512 Ref C: 2022-05-18T19:38:31Z
x-usersessionid: 8e85efcd-cbb8-4314-8cd1-a637f011a9e4
date: Mon, 23 May 2022 08:44:06 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 8e85efcd-cbb8-4314-8cd1-a637f011a9e4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress16.gif
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1036/ Frame 9610 668 B
1 KB 39ms
39ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1036/progress16.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"6f59bbcfd6ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15313.41013
x-officefe: DB5PEPF0000C62B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 668
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 21:25:03 GMT
x-officefd: DB5PEPF0000C62B
x-msedge-ref: Ref A: C4B1BF6417CA476EADDF5E81D0407BC6 Ref B: AM3EDGE0710 Ref C: 2022-05-18T21:25:03Z
x-usersessionid: 5a7cfb1a-7597-468a-85ba-07389fbeb978
date: Mon, 23 May 2022 08:44:06 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 5a7cfb1a-7597-468a-85ba-07389fbeb978
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 0
270 B 31ms
30ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
X-UserSessionId: d7db90a8-0aa9-499e-961d-cf29a889ec58
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":746,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00012381
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 05687f09-1103-41d3-9d7f-6d984685342b
x-officecluster: PNL1
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 6B0A4C662B6043E29E64F2B3AE7EA9ED Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:06Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 0
419 B 46ms
44ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00012380
accept-language: fr-FR,fr;q=0.9
X-OfficeVersion: 16.0.15317.41002
X-Key: p5eOQSOTxq+k4Cjm9syFrjayfVPqGnW9BOPacjqPWEg=,637888922454529528
X-bULS-SuppressionETag: 93275736E860D80D1598AD19ECC605672B1ABEF9
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 1
X-UserSessionId: d7db90a8-0aa9-499e-961d-cf29a889ec58
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
X-UserType: WOPI
X-AccessTokenTtl: 0
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00010ABC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 93275736E860D80D1598AD19ECC605672B1ABEF9
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: fbe1ecc5-b10b-4316-bf2f-026da1ae24e4
x-officecluster: PNL1
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 7F6E5F7C597340328DD9F76FE4B97E72 Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:06Z
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/ Frame 9610 2 MB
452 KB 29ms
28ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/common50.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8792ca1fed5b52f88b9b89aa303952d9802a25aa39224cb6fbdb1f417ba8fbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c98642d2e36ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00010313
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 461396
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:32 GMT
x-officefd: AM4PEPF00010313
x-msedge-ref: Ref A: D622D879D6914385A3D25892BBF4FE88 Ref B: AM3EDGE0411 Ref C: 2022-05-18T18:19:32Z
x-usersessionid: 727c5059-3bc8-4421-b8b0-7398ac58a0a0
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 727c5059-3bc8-4421-b8b0-7398ac58a0a0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/ Frame 9610 547 KB
117 KB 47ms
46ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/appChromeLazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

375a4713d1eae89411fc996e4a40870228a986701594bd2d802edfbad9dc415f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f2880d2e36ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15313.41013
x-officefe: DB5PEPF0000F304
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 119187
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:32 GMT
x-officefd: DB5PEPF0000F304
x-msedge-ref: Ref A: F587F3C585884E2B88D4D0E40753A8D4 Ref B: AMS04EDGE2011 Ref C: 2022-05-18T18:19:32Z
x-usersessionid: 1646f897-8dc2-4575-956f-3923186f2fe9
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1646f897-8dc2-4575-956f-3923186f2fe9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 9610 31 KB
32 KB 126ms
25ms Font
application/font-woff2 96.16.146.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.146.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-146-233.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 23 May 2022 08:44:06 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 8ac97894-201e-0064-4c79-4377b5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26585219
x-ms-version: 2009-09-19
content-length: 31824

GET
H2 200 ResReader.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 33 KB
9 KB 35ms
34ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=d7db90a8-0aa9-499e-961d-cf29a889ec58&build=16.0.15317.41002&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b15&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7e8fe61a6e94b02c1897a538b2f77baaf14c61c0f58d8722168f4b7b6905e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012380
X-UserSessionId: d7db90a8-0aa9-499e-961d-cf29a889ec58
accept-language: fr-FR,fr;q=0.9
X-OfficeVersion: 16.0.15317.41002
X-Key: p5eOQSOTxq+k4Cjm9syFrjayfVPqGnW9BOPacjqPWEg=,637888922454529528
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012380
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00012380
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 8933
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b1500000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a66cb758-b7e6-4bc5-a8c0-7e87eab3904c
x-officefd: AM4PEPF00012380
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58
date: Mon, 23 May 2022 08:44:05 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: C5B7435997CE4C749BC7368606155D04 Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:06Z
timing-allow-origin: *
expires: Tue, 23 May 2023 08:44:06 GMT

GET
H2 200 word-app-intl-lazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/1036/ Frame 9610 717 KB
82 KB 31ms
30ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/1036/word-app-intl-lazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

31ab237d13911b16cfe8ff8160c0c289893759f56d6104690e97150983db4231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"98bb998ee56ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF000131F4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 82714
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:31:57 GMT
x-officefd: AM4PEPF000131F4
x-msedge-ref: Ref A: EF518FEDE8B54D21A6D09D74C8906EAF Ref B: AM3EDGE0807 Ref C: 2022-05-18T18:31:57Z
x-usersessionid: 8ba50b97-1f41-49b9-a2a2-8c0a1bf1b866
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8ba50b97-1f41-49b9-a2a2-8c0a1bf1b866
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/ Frame 9610 966 KB
198 KB 36ms
36ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/uiSlice20.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

44114a6cea746ae63a035d409fa3f25daf6a5cf453b24e919d61df4cf6463b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"deb934d2e36ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF0001293C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 202016
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:32 GMT
x-officefd: AM4PEPF0001293C
x-msedge-ref: Ref A: 49382CD83B844E8291D30364D528C755 Ref B: AMS04EDGE2220 Ref C: 2022-05-18T18:19:32Z
x-usersessionid: 4a037eec-0851-4ad2-af8f-8cc0993ee1e5
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4a037eec-0851-4ad2-af8f-8cc0993ee1e5
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fr-fr Show response
shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame 9610 25 KB
5 KB 233ms
46ms XHR
application/json 2a02:26f0:de:59d::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://shell.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/fr-fr

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:de:59d::4b36 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

08999a4113608182c5662bbf6b881185bb0bfbeff94443421cb493e17418f44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=2592000
content-encoding: gzip
x-content-type-options: nosniff
server: Kestrel
date: Mon, 23 May 2022 08:44:06 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache-start: 1653295263, 1653295263
cache-control: max-age=300
x-cdn: 183
timing-allow-origin: *
content-length: 5127
x-o365suiteuxshell-correlationid: 6f4e5797-c1c4-42ca-af48-c5abe5d80d75

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 9610 35 KB
36 KB 27ms
26ms Font
application/font-woff2 96.16.146.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.146.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-146-233.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 23 May 2022 08:44:06 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 6314dbd6-e01e-0044-7879-430c12000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=26585261
x-ms-version: 2009-09-19
content-length: 36344

GET
H2 200 shellstrings.json Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/strings/fr/ Frame 9610 16 KB
6 KB 27ms
26ms XHR
application/json 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/strings/fr/shellstrings.json

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2c9801bc0e1e9a2fd814f2164b66a25b741adafa8231103f069c6384cab61ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"065ff70496bd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF0001293F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5152
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 19 May 2022 06:26:58 GMT
x-officefd: AM4PEPF0001293F
x-msedge-ref: Ref A: 3E1DE3DDC17C4BF8AF686E35ABD45B9B Ref B: AMS04EDGE2718 Ref C: 2022-05-19T06:26:58Z
x-usersessionid: ed02a8f2-2286-4e37-ae13-b76a68839297
date: Mon, 23 May 2022 08:44:06 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-correlationid: ed02a8f2-2286-4e37-ae13-b76a68839297
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 9610 42 KB
16 KB 148ms
30ms Script
application/javascript 104.90.146.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.90.146.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-146-78.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 08:44:06 GMT
X-MSNServer: RD0003FF23ED10
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=32152, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 suiteux.shell.core.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/ Frame 9610 257 KB
70 KB 31ms
25ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c46de0d4e36ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15313.41013
x-officefe: DB5PEPF00008410
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 71204
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:36 GMT
x-officefd: DB5PEPF00008410
x-msedge-ref: Ref A: 2932DDB35A8F422D876D1E9BD84670B4 Ref B: AM3EDGE0905 Ref C: 2022-05-18T18:19:36Z
x-usersessionid: 11a2ec7d-0dc2-4bf0-87d8-c56891aa1915
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 11a2ec7d-0dc2-4bf0-87d8-c56891aa1915
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.consappdata.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/ Frame 9610 7 KB
3 KB 26ms
26ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"517b5d5e36ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF00011BC1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1932
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:38 GMT
x-officefd: AM4PEPF00011BC1
x-msedge-ref: Ref A: 71B1B417D40E4E738C2C4D5D21573A5E Ref B: AM3EDGE0711 Ref C: 2022-05-18T18:19:38Z
x-usersessionid: 5d2b5a80-0d03-4262-ac8a-8507d0bd99b6
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5d2b5a80-0d03-4262-ac8a-8507d0bd99b6
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 me Show response
amcdn.msftauth.net/ Frame 9610 28 KB
10 KB 187ms
35ms Script
application/javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://amcdn.msftauth.net/me?partner=WordOnline&version=10.21153.1&market=FR-FR&wrapperId=suiteshell

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85f16218a1b4fac2b9ae842b7fb8c13c499bf936cb2581e24c5adfbb52a23895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 04:28:48 GMT
age: 15319
date: Mon, 23 May 2022 08:44:07 GMT
x-azure-ref: 0V0mLYgAAAAAMuzsOcFE+R7K9PlLBpyh9TE9OMjEyMDUwNzE3MDQ3ADlmZTZjM2YxLTE3MTgtNGE5My05MjU1LTYzY2QzZjhjYTVhYg==
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 23 May 2022 20:44:07 GMT
cache-control: public, no-transform, max-age=43200
vary: Accept-Encoding
content-length: 9843
x-ua-compatible: IE=edge

GET
H2 200 suiteux.shell.plus.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/ Frame 9610 273 KB
60 KB 27ms
27ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4a61bd5e36ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15313.41013
x-officefe: DB5PEPF0000E7F7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 60580
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:37 GMT
x-officefd: DB5PEPF0000E7F7
x-msedge-ref: Ref A: 0AF16A6CCA374063963DF1E12029B888 Ref B: AMS04EDGE3317 Ref C: 2022-05-18T18:19:37Z
x-usersessionid: d4a3e384-6c91-4bd0-a313-606a31328351
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d4a3e384-6c91-4bd0-a313-606a31328351
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/ Frame 9610 117 KB
30 KB 29ms
29ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

25be9a4bcb060e2b2862693b8d54a6231a86c37a0f7671e25eff984d4d3d512f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e2c17fd1e36ad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15313.41013
x-officefe: AM4PEPF000069FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 30398
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:31 GMT
x-officefd: AM4PEPF000069FB
x-msedge-ref: Ref A: 4A4B871680D94769A01025C3150987C2 Ref B: AM3EDGE0615 Ref C: 2022-05-18T18:19:31Z
x-usersessionid: 5330390e-0539-4bc1-85ad-434feab8d3c0
date: Mon, 23 May 2022 08:44:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5330390e-0539-4bc1-85ad-434feab8d3c0
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 9610 4 B
338 B 120ms
23ms XHR
application/json 51.132.193.105
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.132.193.105 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 08:44:06 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 suiteux.shell.otellogging.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/ Frame 9610 74 KB
23 KB 26ms
26ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1f9a54d5e36ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15313.41013
x-officefe: DB5PEPF0000CE8A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23057
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 18 May 2022 18:19:37 GMT
x-officefd: DB5PEPF0000CE8A
x-msedge-ref: Ref A: 1E7516589DA343A084D150112DD9ECCA Ref B: AM3EDGE0415 Ref C: 2022-05-18T18:19:37Z
x-usersessionid: c5e9c0e9-eff1-4745-b663-d16ee66d3f59
date: Mon, 23 May 2022 08:44:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c5e9c0e9-eff1-4745-b663-d16ee66d3f59
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 9610 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9610 17 KB
17 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 036f613df24075e14c8e36a580c10c2cea1b193268b8e6bac5e397f76d36fc88

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1653295447060
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1653295447&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

363ms
139ms

Image
text/html

40.126.31.69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1653295447&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 40.126.31.69 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: AMS0PF7CB066500
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.914.505.2010
date: Mon, 23 May 2022 08:44:06 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1653295447&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: SGDOqQF/qE6DJLHRRKT4CA.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
H2 200 translation.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 9610 2 KB
2 KB 41ms
40ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token=1&access_token_ttl=0&z=29d49577583757d7fd1887b9c24f24e7028b83306dbbb6affa460dbd413f1b15&uilang=fr-FR

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

55e12c83e96c7eae6adf116150dc7d4f9bcddb6b939e9aa0a95652e1855677fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012380
X-UserSessionId: d7db90a8-0aa9-499e-961d-cf29a889ec58
accept-language: fr-FR,fr;q=0.9
X-OfficeVersion: 16.0.15317.41002
X-Key: p5eOQSOTxq+k4Cjm9syFrjayfVPqGnW9BOPacjqPWEg=,637888922454529528
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=fr%2DFR&rs=fr%2DFR&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Ffiles%252Econstantcontact%252Ecom%253A80%252F63d1b17a601%252F64eacf2c%252D822e%252D4881%252Db6af%252D8c0bf3e4e8d7%252Edoc&access_token_ttl=0&wdOrigin=BROWSELINK&hid=7d1bb376-a83d-4861-86c1-aaed4cfca554
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012380
x-officeversion: 16.0.15317.41002
x-officefe: AM4PEPF00012380
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1486
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 970ea8fe-a534-440a-b1cd-34c95a4db46d, 970ea8fe-a534-440a-b1cd-34c95a4db46d
x-officefd: AM4PEPF000069E3
x-usersessionid: d7db90a8-0aa9-499e-961d-cf29a889ec58, d7db90a8-0aa9-499e-961d-cf29a889ec58
x-powered-by: ARR/3.0
date: Mon, 23 May 2022 08:44:06 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 495B6C427F4D4B518994D133291D4E52 Ref B: AMS04EDGE2610 Ref C: 2022-05-23T08:44:07Z
timing-allow-origin: *, *
expires: -1

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 9610 24 B
434 B 131ms
54ms XHR
application/json 51.132.193.105
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045,7e7959aac92e41d6892c69a87259ed58-de5c63ef-10f5-45e1-bef2-d23e9cac2fab-6830&upload-time=1653295449032&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.132.193.105 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: d0c3e6c8d25e655f19d3788bbf4982f52cba3498833d7d44ccf64e7e3f3de5a2

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 23 May 2022 08:44:08 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 86
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 9610 0
397 B 680ms
168ms XHR
application/json 20.189.173.4

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688&client-time-epoch-millis=1653295449052&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.189.173.4 -, , ASN (),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 08:44:09 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 576
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 9610 24 B
434 B 52ms
29ms XHR
application/json 51.132.193.105
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.9&apikey=b0c82c6598ad49f3848b1d3dc0d8dd25-299cbfe9-b72e-4e9d-a5e3-20319efba5b5-7268&upload-time=1653295449115&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.132.193.105 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: f4ce35331abe9a6735c904a3f76fbcbfb547702a7a73ccb2fc135b5abef90b8f

Request headers

cache-control: no-cache, no-store
Referer: https://pnl1-word-view.officeapps.live.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type: application/x-json-stream

Response headers

Date: Mon, 23 May 2022 08:44:08 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 66
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 28ms
28ms Preflight 51.132.193.105
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.9&apikey=b0c82c6598ad49f3848b1d3dc0d8dd25-299cbfe9-b72e-4e9d-a5e3-20319efba5b5-7268&upload-time=1653295449115&time-delta-to-apply-millis=use-collector-delta&w=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.132.193.105 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Mon, 23 May 2022 08:44:08 GMT
Server: Microsoft-HTTPAPI/2.0

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.sendx.io/	1969-12-31 23:59:59	Name: sendx_sess Value: 44612d64fe3ff96f2c2ed15212e29ef1
.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: ce5f7fe80fefc172a07354fa6d473deaae8dfa198fba31bb571d230abdaa5dee
pnl1-word-view.officeapps.live.com/	1970-01-20 05:27:24	Name: DcLcid Value: ui=1036&data=1036
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: ShCLSessionID Value: 1653295446846_0.08491956913686294
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 53588bd4e9084d2fa6c6d222492af439
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1653295447&co=1
.login.live.com/	1970-01-20 12:36:31	Name: MSCC Value: 92.222.212.18-PA
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DUClOUq5HZ6I4!7uKfXZ3TRSq!q0tGzUFrFZmYj9LKIpdYzOP489752Od0SipyY51gWjrHNOjJlSdBSR5IBnuWJIrShseNW1rLK68R0ylX80ITn8VPhMC9V8uL14VeT3lpm3SLTCYUBNeMkzYI95XQDUW1rymDFGCdheR6GtWlCG8ceNn9zpAYF56oTB1KvcGX17XMZTs0jXG4cnokfPop3R3gYuCOBRKQKPwvylbCbEAj1BiYBBubSP95fxTsOJxL6XBpZ9NYjkGNupmvoWmM5ITIu0L!sJP9!BlcvkzuSTeonwtD17cCXwDV8O1hvMAx3JlgJODA8UT3tY6GMUnlilvwsw4qFUEDcTILf7PugPB5zLFXms17!V9rutHtZeAbzuOCamBCtzjY2JJw06Ch8l6!9i3X51ZSJzvv!PeFI8qSgFxM1ltzlkTCfoCMilIKSplptchM3VZKjsRZQgo7c8MAzwFRvL6coO07
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-8b1ef9ee-3e10-4768-bd8b-facf1a21a902

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amcdn.msftauth.net
api.sx2.email
app.sendx.io
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c1h-word-view-15.cdn.office.net
js.live.net
login.live.com
pnl1-word-view.officeapps.live.com
shell.cdn.office.net
sp-track.waitesrecruitment.co.uk
static2.sharepointonline.com
storage.live.com
view.officeapps.live.com
104.90.146.78
20.135.25.5
20.189.173.4
2620:1ec:40::45
2620:1ec:a92::171
2a01:111:f100:9001::1761:950c
2a02:26f0:3500:588::1c24
2a02:26f0:de:59d::4b36
3.214.235.32
40.126.31.69
51.132.193.105
54.92.251.90
96.16.146.233
00606c21454ee510a41e2983e00c2d67ae6cdeda1388234be153374f2ebd4cfa
036f613df24075e14c8e36a580c10c2cea1b193268b8e6bac5e397f76d36fc88
06b866e9052f6b7a7b66b08c1ab0f1b595486176eb4c04921181550fd3423fed
08999a4113608182c5662bbf6b881185bb0bfbeff94443421cb493e17418f44b
0a8049c5627a132d4c0be08579b2a33f7e8fd285a122795cabadabf08ddb6858
0a82cac426bcffd979e7f5fb68d0b6d316ee5053e4f5e2e18c335dec86d4050a
159edcea18b365087ce3752ddba551c176c95fd205acf27004157678ce71cf37
1d0d2f3b7b32f1a3a39644f1c6bd44cf63985120a481ff65ac3283612191ae7d
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
25be9a4bcb060e2b2862693b8d54a6231a86c37a0f7671e25eff984d4d3d512f
2c4e7fa0c4a763e47a8a92be9ee72520adc7baa8caca0c5756e1a2542096e06d
2c9801bc0e1e9a2fd814f2164b66a25b741adafa8231103f069c6384cab61ef5
31ab237d13911b16cfe8ff8160c0c289893759f56d6104690e97150983db4231
375a4713d1eae89411fc996e4a40870228a986701594bd2d802edfbad9dc415f
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3b685f5c523ed448d7e0d384a3de821300ac359f4c47273f6d3f2697f244728f
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3f2d8e28b45b733672c14a22434c033edf9375e53ae7ace036d844ff8d5d9ef0
44114a6cea746ae63a035d409fa3f25daf6a5cf453b24e919d61df4cf6463b4a
4aaf634cd4a032a68b3739716ccbd237b1cacbbe2031b9450dcdb2fc5dbd2918
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
55e12c83e96c7eae6adf116150dc7d4f9bcddb6b939e9aa0a95652e1855677fd
6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a
74a5abbf77934de62d55154cf5e0a211008cbaed7e194f5137318f9530349a00
7754ecc83f107a1b9d1accf820762349d00bbfefa0f8ba7c4444a88b81921b04
793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8
85f16218a1b4fac2b9ae842b7fb8c13c499bf936cb2581e24c5adfbb52a23895
8792ca1fed5b52f88b9b89aa303952d9802a25aa39224cb6fbdb1f417ba8fbf6
90869a05d5cb6f6864f79c1bdb28c83bd93cb0c3bd5d7a426a3f584af40b67e7
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9a435242daabecff2c8118b1a3d0c5631f16bd96f61a3f9418c681be22cf1bcf
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a70c2df6555ca43ac6db3d4fc882ae42fbb610bb14a004249dc13218a6eb9fa7
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
bc877f37633d6d9c21e9ae669b9a2aaddb9acccc227f16f79423eb0ef78385ff
c0593eb8c576b9bade2fc30d44308cadad740ed826ad73b69eae968e8bbd1950
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
d0c3e6c8d25e655f19d3788bbf4982f52cba3498833d7d44ccf64e7e3f3de5a2
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d7ff83751040bf0f3f784d1d8d002c6e6045cc58f12a6a37f2badf2b3a0ebcb0
e156db1570c13c426d727df0b700884fac3ea70307c6ad350e47b8a266719393
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4ce35331abe9a6735c904a3f76fbcbfb547702a7a73ccb2fc135b5abef90b8f
f7e8fe61a6e94b02c1897a538b2f77baaf14c61c0f58d8722168f4b7b6905e32

view.officeapps.live.com Open in urlscan Pro 2a01:111:f100:9001::1761:950c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

38 %IPv6

9 Domains

14 Subdomains

11 IPs

6 Countries

2754 kBTransfer

12740 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

view.officeapps.live.com Open in urlscan Pro
2a01:111:f100:9001::1761:950c Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

38 %
IPv6

9
Domains

14
Subdomains

11
IPs

6
Countries

2754 kB
Transfer

12740 kB
Size

10
Cookies

55 HTTP transactions
3 data transactions