view.officeapps.live.com Open in urlscan Pro
2603:1063:2000:1::12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fwww.maintel.co.uk%2Fwp-content%2Fuploads%2F2023%2F06%2F230613-Sch...
Submission: On July 25 via manual (July 25th 2023, 3:39:01 pm UTC) from GB — Scanned from GB

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 4 domains to perform 62 HTTP transactions. The main IP is 2603:1063:2000:1::12, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.officeapps.live.com. The Cisco Umbrella rank of the primary domain is 21131.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on June 20th 2023. Valid for: a year.

This is the only time view.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2603:1063:200... 2603:1063:2000:1::12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
33	2a02:26f0:480... 2a02:26f0:480:25::1726:6206	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2603:1063:220... 2603:1063:2206:14::33	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.77.34.39 104.77.34.39	16625 (AKAMAI-AS) (AKAMAI-AS)
1	20.50.80.210 20.50.80.210	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	40.90.136.179 40.90.136.179	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.32.74 40.126.32.74	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
62	7

12 2603:1063:2000:1::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pnl1-word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a02:26f0:480:25::1726:6206 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res-1.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2603:1063:2206:14::33 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

euc-word-telemetry.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.77.34.39 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-34-39.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.80.210 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eu-office.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.136.179 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: I-DB3p-COR003.API.P001.1drv.com

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.74 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	office.net res-1.cdn.office.net — Cisco Umbrella Rank: 318	2 MB
26	live.com 1 redirects view.officeapps.live.com — Cisco Umbrella Rank: 21131 pnl1-word-view.officeapps.live.com — Cisco Umbrella Rank: 144553 euc-word-telemetry.officeapps.live.com — Cisco Umbrella Rank: 13008 storage.live.com — Cisco Umbrella Rank: 114 login.live.com — Cisco Umbrella Rank: 55	625 KB
1	microsoft.com eu-office.events.data.microsoft.com — Cisco Umbrella Rank: 1260
1	live.net js.live.net — Cisco Umbrella Rank: 13314	16 KB
62	4

	Domain	Requested by
33	res-1.cdn.office.net	pnl1-word-view.officeapps.live.com res-1.cdn.office.net
12	euc-word-telemetry.officeapps.live.com	pnl1-word-view.officeapps.live.com res-1.cdn.office.net
11	pnl1-word-view.officeapps.live.com	pnl1-word-view.officeapps.live.com res-1.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	eu-office.events.data.microsoft.com
1	js.live.net	res-1.cdn.office.net
1	view.officeapps.live.com
62	8

This site contains no links.

Subject Issuer	Validity	Valid
officeapps.live.com Microsoft Azure TLS Issuing CA 02	`2023-06-20` - `2024-06-14`	a year	crt.sh
*.res.outlook.com DigiCert SHA2 Secure Server CA	`2023-04-17` - `2024-04-17`	a year	crt.sh
p.sfx.ms Microsoft Azure TLS Issuing CA 05	`2023-06-14` - `2024-06-08`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-06-07` - `2024-06-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fwww.maintel.co.uk%2Fwp-content%2Fuploads%2F2023%2F06%2F230613-Schedule-F1-Mobile-Services-VMO2.docx&wdOrigin=BROWSELINK
Frame ID: B07E7EBF84FC326DC44FA9D4B4AD4B67
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
Frame ID: 5762B547155786C41BAE954232D24152
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

230613-Schedule-F1-Mobile-Services-VMO2.docx

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Page Statistics

62
Requests

95 %
HTTPS

43 %
IPv6

4
Domains

8
Subdomains

7
IPs

5
Countries

3207 kB
Transfer

14160 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1690299538814 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=15&ct=1690299538&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

62 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
view.officeapps.live.com/op/ 4 KB
5 KB 186ms
74ms Document
text/html 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fwww.maintel.co.uk%2Fwp-content%2Fuploads%2F2023%2F06%2F230613-Schedule-F1-Mobile-Services-VMO2.docx&wdOrigin=BROWSELINK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

28b464eb307e45b9599be4e5f4e0a2203fbebf641feb3f523f53b69664e2483e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
date: Tue, 25 Jul 2023 15:38:55 GMT
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 8ebed7a1-6029-4c6d-aa56-bba67fe0a103
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2_control,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 7049DDA90A7E446A80C685344B1A6553 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:56Z
x-officecluster: PNL1
x-officefd: AM4PEPF00021F12
x-officefe: AM4PEPF0001B1FE
x-officeversion: 16.0.16714.41001

GET
DATA 200
OK truncated
/ 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 wordviewerframe.aspx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 97 KB
100 KB 84ms
57ms Document
text/html 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cc048dd653af9eb0d17a677df6d151ecfeba6b5d989fa12fead66e7c6b07957e

Security Headers

Name	Value
Content-Security-Policy	font-src data: 'self' res-1.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net .azureedge.net fs.microsoft.com .cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com .cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com .cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; media-src blob: .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://view.officeapps.live.com
Referer: https://view.officeapps.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: 'self' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; media-src blob: *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Tue, 25 Jul 2023 15:38:55 GMT
document-policy: js-profiling
expires: -1
origin-trial: AtAgCmjF9NSDe7WG5+zXddNhpryHIhWvHG5BxTAcMRn1V9oswBhX2RSXHeDxLcwXMB/NYHr3BAXOBJJY1ita2BAAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNzAzOTgwODAwfQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
reporting-endpoints: default="https://pnl1-word-view.officeapps.live.com/wv/BrowserReportingHandler.ashx"
server-timing: prerender;dur=15,render;dur=0,total;dur=15
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 37BDF6D83596406A8418DD0925AF6C24 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:56Z
x-officecluster: PNL1
x-officefd: AM4PEPF000131F0
x-officefe: AM4PEPF000131F0
x-officeversion: 16.0.16719.41014
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42

GET
H2 200 WordViewer.css
res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/2057/ Frame 5762 273 KB
34 KB 207ms
54ms Stylesheet
text/css 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/2057/WordViewer.css

Requested by

Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bec3828c907f157e92740de53428d53a1bbe0a7dfbce05b52dd6c43150aa46d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 34025
last-modified: Thu, 20 Apr 2023 16:27:27 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f225"}],"include_subdomains ":true}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 01d0916b-e01e-0059-6237-917814000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
res-1.cdn.office.net/officeonline/wv/s/h9727095ED1CAFD34_resources/en-GB/ Frame 5762 210 KB
56 KB 198ms
47ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h9727095ED1CAFD34_resources/en-GB/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9727095ed1cafd34f5f84add61cd001c5ea4616b195dc6afe5f8d43a1b3c79aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 20 Jul 2023 06:16:24 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f21a"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eae2cb6c-401e-001d-34c2-bbf22b000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
content-length: 56425

GET
H2 200 MicrosoftAjaxDS.js Show response
res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/ Frame 5762 123 KB
28 KB 185ms
46ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

60a82c06e357c29f34b99def3ed8d8eaae74ca8f44892ca214f1e38c1986363b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 01 May 2023 00:13:20 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f21b"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2d31add1-b01e-006b-70bc-7c7863000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
content-length: 27797

GET
H2 200 CommonIntl.js Show response
res-1.cdn.office.net/officeonline/wv/s/h24B68EF4D92C6C44_App_Scripts/2057/ Frame 5762 176 KB
34 KB 187ms
48ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h24B68EF4D92C6C44_App_Scripts/2057/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61773f3906a5b35ec3f56c05259f9f81ea099afb1696bfeecfb1b2a47449fcd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 19 Jul 2023 12:56:44 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f21e"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6499a3a6-a01e-0048-7eb1-bae2a0000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
content-length: 33827

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 164ms
42ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 15:38:56 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: 0a78d179-0df0-4ed4-8291-a42b1472abc5
x-officecluster: PGTEU1
x-officefd: DB5PEPF000119CA
x-officefe: DB5PEPF000119CA
x-officeversion: 16.0.16719.41014
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame 5762 0
381 B 43ms
42ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
X-UserSessionId: ae112ad6-cae1-407d-b939-702a191e6a42
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:56 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16719.41014
x-officefe: DB5PEPF000119CA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: d8e83ee4-dca0-49dd-844e-5abae1a6d5f3
server: Microsoft-IIS/10.0
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF000119CA
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

GET
H2 200 Compat.js Show response
res-1.cdn.office.net/officeonline/wv/s/hCBA89239522795D5_App_Scripts/ Frame 5762 6 KB
2 KB 184ms
48ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 11 Apr 2023 08:44:38 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f21c"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9cd9286f-001e-0041-5fda-6da773000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
content-length: 1373

GET
H2 200 wac-wordviewer-strings.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/hFE64A31BC1705AC9_App_Scripts/2057/ Frame 5762 13 KB
4 KB 183ms
47ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hFE64A31BC1705AC9_App_Scripts/2057/wac-wordviewer-strings.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fe64a31bc1705ac964ec208e5170465ecab80f4477d0246d6b4b33ee6cbdbd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 11 Apr 2023 08:46:03 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f21d"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c45d9437-001e-0041-53df-9ca773000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
content-length: 3346

GET
H2 200 WordViewerIntl.js Show response
res-1.cdn.office.net/officeonline/wv/s/h5727C90877C81C4E_App_Scripts/2057/ Frame 5762 21 KB
4 KB 132ms
131ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h5727C90877C81C4E_App_Scripts/2057/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

06a8c0b8b8c30239055e6f518cf9c8a0a48ab8a68fb923db5888aff022d73814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 11 Apr 2023 08:45:12 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f22e"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e8382f51-c01e-003c-7bdf-76d650000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
content-length: 3569

GET
H2 200 word-app-intl.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/h4AA83FE77752A7C6_App_Scripts/2057/ Frame 5762 544 KB
82 KB 293ms
157ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h4AA83FE77752A7C6_App_Scripts/2057/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4aa83fe77752a7c6dc153ea1796b5eec87765e7fc11d4f54d13bf4675307847c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 83748
last-modified: Thu, 20 Jul 2023 01:11:15 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f218"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8b79a589-501e-0001-2094-bba04b000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/h3FE040FEEA6D1726_App_Scripts/exp/ Frame 5762 21 KB
5 KB 183ms
48ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h3FE040FEEA6D1726_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3fe040feea6d1726fde707b6a255fa001cf248aaddad4acf519b7090fb72b821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 14 Jul 2023 23:18:28 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f219"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 360793a6-a01e-0058-352e-b927c8000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
content-length: 3997

GET
H2 200 WordViewerDS.js Show response
res-1.cdn.office.net/officeonline/wv/s/h90A177B1EF4D0D25_App_Scripts/ Frame 5762 3 MB
496 KB 132ms
131ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h90A177B1EF4D0D25_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

90a177b1ef4d0d25a9670546a3b9515f3a609a7f4fef6904b6e50190360fd006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 20 Jul 2023 01:11:05 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f239"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5c7b7d1f-101e-004d-6986-bb307b000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
content-length: 506840

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame 5762 0
93 B 42ms
42ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
X-UserSessionId: ae112ad6-cae1-407d-b939-702a191e6a42
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":263,"Value":"https://res-1.cdn.office.net:443/officeonline/wv/s/hBEC3828C907F157E_resources/2057/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:57 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16719.41014
x-officefe: DB5PEPF000119CA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: 64b38f2c-688d-4f5a-ac1d-278b816c8f40
server: Microsoft-IIS/10.0
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF000119CA
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 43ms
43ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 15:38:56 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: e9f63dc8-afc8-49dd-9217-8025132b4ebb
x-officecluster: PGTEU1
x-officefd: DB5PEPF000119CA
x-officefe: DB5PEPF000119CA
x-officeversion: 16.0.16719.41014
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 95 KB
96 KB 86ms
85ms Image
image/png 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd29971&v=00000000-0000-0000-0000-000000000802&usid=ae112ad6-cae1-407d-b939-702a191e6a42&splashscreen=1&build=16.0.16719.41014&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

53c7cd2a20d21644e2c8cc4edcdc86db44e1b041549b1d4537216c1ff95394c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:56 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF00010312
x-officeversion: 16.0.16719.41014
x-officefe: AM4PEPF00010312
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 97005
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 29d276ee-024b-4e32-af32-b4204f5e8df2
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: F416C805EA1040488522CBBD53A7302A Ref B: LON212050711005 Ref C: 2023-07-25T15:38:57Z
x-officefd: AM4PEPF00010312
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd2997100000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Wed, 24 Jul 2024 15:38:57 GMT

GET
H2 200 sharedheaderplaceholder-icons.woff
res-1.cdn.office.net/officeonline/wv/s/h09A1411BF361D3D6_App_Scripts/fonts/ Frame 5762 3 KB
3 KB 46ms
46ms Font
application/font-woff 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h09A1411BF361D3D6_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

09a1411bf361d3d649f4ff5098e0197510232477bf099872f58f5d1ec483e9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 11 Apr 2023 08:44:32 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f2db"}],"include_subdomains ":true}
content-type: application/font-woff
access-control-allow-origin: *
x-ms-request-id: 9c643e58-001e-0041-5bfc-70a773000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
content-length: 2944

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 42ms
42ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 15:38:57 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: b65bec57-f539-41b7-bdbb-74cfaab57d41
x-officecluster: PGTEU1
x-officefd: DB5PEPF000119CA
x-officefe: DB5PEPF000119CA
x-officeversion: 16.0.16719.41014
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame 5762 0
69 B 43ms
42ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
X-UserSessionId: ae112ad6-cae1-407d-b939-702a191e6a42
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":673,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:57 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16719.41014
x-officefe: DB5PEPF000119CA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: 465caddb-3c8c-4041-95aa-e27a66117064
server: Microsoft-IIS/10.0
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF000119CA
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 0
355 B 48ms
48ms XHR
text/plain 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx?usid=ae112ad6-cae1-407d-b939-702a191e6a42&build=16.0.16719.41014

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h90A177B1EF4D0D25_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:56 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.16719.41014
x-officefe: AM4PEPF00012936
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: bb113180-9370-47aa-bbf6-3981d3627d00
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: 794FF6413CB04F8FBD6B67146F678788 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:57Z
x-download-options: noopen
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 445 B
815 B 56ms
56ms XHR
text/xml 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd29971&type=png&o15=1&ui=en-GB

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

9744041125c432b7b1cf8a4140da456cb5f339e0c9ff1191b72ca81e0d45e0e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 6
X-WacFrontEnd: AM4PEPF000131F0
X-UserSessionId: ae112ad6-cae1-407d-b939-702a191e6a42
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.16719.41014
X-Key: +hCPl7BoIwU5qLDFUbQ0trGYOk2v3FOidzd9LapgSv8=,638258963367861422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 15:38:56 GMT
x-wacfrontend: AM4PEPF000131F0
x-officeversion: 16.0.16719.41014
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 418
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 6ed1a29a-aa26-41e2-ac92-a4060bb4bf6a, 6ed1a29a-aa26-41e2-ac92-a4060bb4bf6a
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42, ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: 2D5CC34F53BA4404A78BFBB296771345 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:57Z
x-officefd: AM4PEPF00006032
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *, *
expires: Wed, 24 Jul 2024 15:38:57 GMT

GET
H3 200 wacairspaceanimationlibrary.js Show response
res-1.cdn.office.net/officeonline/wv/s/hDD4039F8AFAC6FD7_App_Scripts/ Frame 5762 41 KB
6 KB 48ms
48ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hDD4039F8AFAC6FD7_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h90A177B1EF4D0D25_App_Scripts/WordViewerDS.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 6113
last-modified: Tue, 11 Apr 2023 08:44:33 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f333"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9d71f671-301e-0065-0e36-9251d3000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 segoeui.woff
res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/2057/ Frame 5762 22 KB
22 KB 47ms
47ms Font
application/font-woff 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/2057/segoeui.woff

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/2057/WordViewer.css

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/2057/WordViewer.css
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 20 Apr 2023 16:27:22 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f336"}],"include_subdomains ":true}
content-type: application/font-woff
access-control-allow-origin: *
x-ms-request-id: 6cfb5feb-a01e-0015-1e64-76e824000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 22720
quic-version: 0x00000001

GET
BLOB 200
OK 3818ff23-5658-4367-80cd-f9fd854dd28a
https://pnl1-word-view.officeapps.live.com/ Frame 5762 191 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/3818ff23-5658-4367-80cd-f9fd854dd28a
Requested by: Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65c2588ffcda4f6e049a0e35842354a1c034f507aab2b0cdb7bdbe579cb583a8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Length: 191
Content-Type: application/javascript

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 42ms
42ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 15:38:57 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: c81e4b3c-4efd-4320-8027-da3384a2f374
x-officecluster: PGTEU1
x-officefd: DB5PEPF000119CA
x-officefe: DB5PEPF000119CA
x-officeversion: 16.0.16719.41014
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame 5762 0
69 B 45ms
45ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
X-UserSessionId: ae112ad6-cae1-407d-b939-702a191e6a42
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":908,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:57 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16719.41014
x-officefe: DB5PEPF000119CA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: c94b15b7-a255-4921-a20a-ed67bc7cfc98
server: Microsoft-IIS/10.0
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF000119CA
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

GET
H3 200 WordViewerDS.dll1.js Show response
res-1.cdn.office.net/officeonline/wv/s/hCBAC614609E2CBA9_App_Scripts/ Frame 5762 858 KB
142 KB 48ms
47ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hCBAC614609E2CBA9_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h90A177B1EF4D0D25_App_Scripts/WordViewerDS.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cbac614609e2cba9efe06eebd07dc59ee60d9ab1e927b76f9a0329b71e1c8f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 145703
last-modified: Thu, 20 Jul 2023 01:10:14 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f3a8"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f7c73529-e01e-0066-2d86-bbb0b7000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 progress.gif
res-1.cdn.office.net/officeonline/wv/s/hA3596C17DAD9A003_resources/2057/ Frame 5762 695 B
721 B 46ms
46ms Image
image/gif 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hA3596C17DAD9A003_resources/2057/progress.gif

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 11 Apr 2023 08:45:54 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f3b3"}],"include_subdomains ":true}
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 2ab5be5f-601e-0068-07ec-719907000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 695
quic-version: 0x00000001

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 95 KB
95 KB 91ms
90ms Image
image/png 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=ae112ad6-cae1-407d-b939-702a191e6a42&build=16.0.16719.41014&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd29971&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

53c7cd2a20d21644e2c8cc4edcdc86db44e1b041549b1d4537216c1ff95394c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:57 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF00011BBA
x-officeversion: 16.0.16719.41014
x-officefe: AM4PEPF00011BBA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 97005
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: b8c0c186-e611-4aae-bbf2-46c63ab5cf09
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: 9E0E7380A4434824BA7B91C435789749 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:57Z
x-officefd: AM4PEPF00011BBA
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd2997100000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Wed, 24 Jul 2024 15:38:57 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 94 KB
95 KB 48ms
47ms Image
image/png 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=ae112ad6-cae1-407d-b939-702a191e6a42&build=16.0.16719.41014&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd29971&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f3a2f6b9887f38022c7c5a7d4915ccd39874965f832f48137bb1bb9b0d2cf294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:56 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF00010312
x-officeversion: 16.0.16719.41014
x-officefe: AM4PEPF00010312
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 96316
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0ceac33d-1812-48cb-8c5d-4b974a52e450
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: D4CF11FA06494619B4A93126C4DA373B Ref B: LON212050711005 Ref C: 2023-07-25T15:38:57Z
x-officefd: AM4PEPF00010312
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd2997100000000-0000-0000-0000-000000000802p2.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Wed, 24 Jul 2024 15:38:57 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 85 KB
86 KB 50ms
49ms Image
image/png 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=ae112ad6-cae1-407d-b939-702a191e6a42&build=16.0.16719.41014&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd29971&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bd087e3f09585fe6a995574504c9cd8b5974381a923e447f0c1207867586b09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:56 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF000131F0
x-officeversion: 16.0.16719.41014
x-officefe: AM4PEPF000131F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 87318
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 97d05160-67e9-4378-8200-5f0a1afe9fe6
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: 72C85E78CD2C41C1AC82DCEBFB41DBD1 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:57Z
x-officefd: AM4PEPF000131F0
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd2997100000000-0000-0000-0000-000000000802p3.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Wed, 24 Jul 2024 15:38:57 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 91 KB
92 KB 107ms
107ms Image
image/png 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=ae112ad6-cae1-407d-b939-702a191e6a42&build=16.0.16719.41014&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd29971&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f4a33785a7b0af8334ff12936e948ab6ebe41a8a6e7037f1b646555bc88a44d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:57 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF00012936
x-officeversion: 16.0.16719.41014
x-officefe: AM4PEPF00012936
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 93659
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: f0e9657a-87ac-4939-93f0-78a2c627a298
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: 5671B7C3DD2D4482B59B820BF19136A3 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:57Z
x-officefd: AM4PEPF00012936
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd2997100000000-0000-0000-0000-000000000802p4.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Wed, 24 Jul 2024 15:38:57 GMT

GET
H2 200 ResReader.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 190 KB
52 KB 54ms
53ms XHR
text/xml 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=ae112ad6-cae1-407d-b939-702a191e6a42&build=16.0.16719.41014&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd29971&waccluster=PNL1

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

fcdb27d53552dd06c56059894273710d56081ec3f1d22ae4c9a50693a2272842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 6
X-WacFrontEnd: AM4PEPF000131F0
X-UserSessionId: ae112ad6-cae1-407d-b939-702a191e6a42
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.16719.41014
X-Key: +hCPl7BoIwU5qLDFUbQ0trGYOk2v3FOidzd9LapgSv8=,638258963367861422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 15:38:56 GMT
x-wacfrontend: AM4PEPF000131F0
x-officeversion: 16.0.16719.41014
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 52139
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: ee04e3b0-7fe6-49b7-8781-8acd8f7c4a87, ee04e3b0-7fe6-49b7-8781-8acd8f7c4a87
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42, ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: 676C9677ABA54F678A894A6241091D28 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:57Z
x-officefd: AM4PEPF00006032
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd2997100000000-0000-0000-0000-000000000802p_1_10.xml"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *, *
expires: Wed, 24 Jul 2024 15:38:57 GMT

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 42ms
42ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 15:38:57 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: 3cffba9e-5eb4-4b66-b02f-3a0304a32ac5
x-officecluster: PGTEU1
x-officefd: DB5PEPF000119CA
x-officefe: DB5PEPF000119CA
x-officeversion: 16.0.16719.41014
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame 5762 0
70 B 43ms
43ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
X-UserSessionId: ae112ad6-cae1-407d-b939-702a191e6a42
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1033,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:57 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16719.41014
x-officefe: DB5PEPF000119CA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: d7393f7d-5dfa-4dcf-b597-d0a413f21333
server: Microsoft-IIS/10.0
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF000119CA
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 43ms
42ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: haep,x-accesstoken,x-accesstokenttl,x-buls-suppressionetag,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-wacfrontend,x-xhr
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 15:38:57 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: c5534137-efd3-411c-a99c-f11302618436
x-officecluster: PGTEU1
x-officefd: DB5PEPF000119CA
x-officefe: DB5PEPF000119CA
x-officeversion: 16.0.16719.41014
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame 5762 0
119 B 43ms
42ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16719.41014&waccluster=PNL1&usid=ae112ad6-cae1-407d-b939-702a191e6a42

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF000131F0
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.16719.41014
X-Key: +hCPl7BoIwU5qLDFUbQ0trGYOk2v3FOidzd9LapgSv8=,638258963367861422
X-bULS-SuppressionETag: A2D2C67674F717356DF837760D9EB55D296CD82E
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 6
X-AccessToken: 1
X-UserSessionId: ae112ad6-cae1-407d-b939-702a191e6a42
X-AccessTokenTtl: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://pnl1-word-view.officeapps.live.com/
X-UserType: WOPI
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:57 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16719.41014
x-officefe: DB5PEPF000119CA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: A2D2C67674F717356DF837760D9EB55D296CD82E
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: 0bc421ba-a82b-4d47-8a2c-2a3d57321d32
server: Microsoft-IIS/10.0
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF000119CA
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

GET
H3 200 word-app-intl.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/2057/ Frame 5762 544 KB
82 KB 54ms
54ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/2057/word-app-intl.min.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h3FE040FEEA6D1726_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4aa83fe77752a7c6dc153ea1796b5eec87765e7fc11d4f54d13bf4675307847c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 83748
last-modified: Thu, 20 Jul 2023 06:16:17 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f3f2"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: af52b4dd-c01e-0003-5d94-bb1ef3000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 common.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/h1E30DDD6BCEAD137_App_Scripts/exp/ Frame 5762 2 MB
314 KB 59ms
59ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h1E30DDD6BCEAD137_App_Scripts/exp/common.min.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h3FE040FEEA6D1726_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1e30ddd6bcead13795f46d69665fa79a7dbe5b70b3f770cfcbfc8ae9cdaf78af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 321789
last-modified: Thu, 20 Jul 2023 01:10:29 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f3f6"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f5b5a20f-601e-0025-6086-bb56eb000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 appChrome.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/h83D64374B07BF959_App_Scripts/exp/ Frame 5762 328 KB
62 KB 78ms
78ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h83D64374B07BF959_App_Scripts/exp/appChrome.min.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h3FE040FEEA6D1726_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

83d64374b07bf959237b1b7c7b74ad59a33bdcc49f041b1a6758a714edb75af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 63763
last-modified: Wed, 19 Jul 2023 00:13:53 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f3f9"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4a12f380-101e-0010-66ad-ba3aff000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 progress.gif
res-1.cdn.office.net/officeonline/wv/s/hA3596C17DAD9A003_resources/2057/ Frame 5762 695 B
721 B 46ms
46ms Image
image/gif 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hA3596C17DAD9A003_resources/2057/progress.gif

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h90A177B1EF4D0D25_App_Scripts/WordViewerDS.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 11 Apr 2023 08:45:54 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f402"}],"include_subdomains ":true}
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 2ab5be5f-601e-0068-07ec-719907000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 695
quic-version: 0x00000001

GET
H3 200 wv.png
res-1.cdn.office.net/officeonline/wv/s/161671941014_resources/2057/ Frame 5762 34 KB
34 KB 46ms
46ms Image
image/png 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/161671941014_resources/2057/wv.png

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 20 Jul 2023 06:15:53 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f404"}],"include_subdomains ":true}
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8b79ab71-501e-0001-7e94-bba04b000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 35196
quic-version: 0x00000001

GET
H3 200 progress16.gif
res-1.cdn.office.net/officeonline/wv/s/h38E88B6AF6C65319_resources/2057/ Frame 5762 668 B
694 B 62ms
62ms Image
image/gif 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h38E88B6AF6C65319_resources/2057/progress16.gif

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 11 Apr 2023 08:45:08 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299537.8d7f405"}],"include_subdomains ":true}
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 55c6830d-501e-0011-1cec-716523000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 668
quic-version: 0x00000001

GET
H3 200 common50.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/hE3CFF57BF14E896B_App_Scripts/exp/ Frame 5762 2 MB
463 KB 47ms
47ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hE3CFF57BF14E896B_App_Scripts/exp/common50.min.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h3FE040FEEA6D1726_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3cff57bf14e896bacf82d10386e1eb9521cd136c0d76aa2ae9f0b98c19afa05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 474311
last-modified: Thu, 20 Jul 2023 01:11:12 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f456"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fd677e57-801e-005f-0686-bb4bab000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 appChromeLazy.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/h52AB33300E29BCE2_App_Scripts/exp/ Frame 5762 656 KB
131 KB 51ms
51ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/h52AB33300E29BCE2_App_Scripts/exp/appChromeLazy.min.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h3FE040FEEA6D1726_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

52ab33300e29bce2fba7f34cf812da484a92730bfecceffb90c5f02dc5982b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 134451
last-modified: Wed, 19 Jul 2023 16:13:02 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f457"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5a0e5c7f-e01e-0049-1186-bbbd7c000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 segoeui-semibold.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ Frame 5762 31 KB
31 KB 51ms
50ms Font
font/woff2 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Dec 2022 21:53:31 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f459"}],"include_subdomains ":true}
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 346b9e01-101e-004d-7550-14307b000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: public, max-age=630720000
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 31824
quic-version: 0x00000001

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 0
379 B 51ms
51ms XHR
text/plain 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx?usid=ae112ad6-cae1-407d-b939-702a191e6a42&build=16.0.16719.41014

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h90A177B1EF4D0D25_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 15:38:57 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.16719.41014
x-officefe: AM4PEPF000131F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: f4fefd00-7347-4d4b-b76d-7c6562d56f85
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: 770F126EBD674675B17E473582C23A85 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:58Z
x-download-options: noopen
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

GET
H3 200 word-app-intl-lazy.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/hD9A50C8F358707A0_App_Scripts/2057/ Frame 5762 795 KB
102 KB 51ms
51ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hD9A50C8F358707A0_App_Scripts/2057/word-app-intl-lazy.min.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h90A177B1EF4D0D25_App_Scripts/WordViewerDS.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d9a50c8f358707a05a8ff54757e6cc39375fe64822b8535bb9ecafc2997ff9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 104427
last-modified: Mon, 17 Jul 2023 22:10:34 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f460"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b137f667-701e-005b-1f3f-bac6ac000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 uiSlice20.min.js Show response
res-1.cdn.office.net/officeonline/wv/s/hD3279F22302AEE28_App_Scripts/exp/ Frame 5762 1 MB
203 KB 51ms
49ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/hD3279F22302AEE28_App_Scripts/exp/uiSlice20.min.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h3FE040FEEA6D1726_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d3279f22302aee2877654fe01b2efa2a7113185a8526dcad64f08515fe275dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 207420
last-modified: Wed, 19 Jul 2023 16:12:59 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f472"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c7b572c0-001e-0023-6c86-bb6554000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 5762 42 KB
16 KB 228ms
53ms Script
application/javascript 104.77.34.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h90A177B1EF4D0D25_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.77.34.39 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-34-39.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 15:38:58 GMT
X-MSNServer: RD0003FF1D9E2A
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
X-ODWebServer: westeurope0-odwebp
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=19492, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16199

GET
H3 200 en-gb Show response
res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame 5762 25 KB
5 KB 51ms
51ms XHR
application/json 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/en-gb

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h52AB33300E29BCE2_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d3902bf33429dc27c687c5c003585a3a654cf7a3e58d4033711838e07da5be69

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=2592000, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 15:38:58 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 5157
pragma: no-cache
x-cdn-provider: Akamai
vary: Accept-Encoding
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f49c"}],"include_subdomains ":true}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=300
timing-allow-origin: *
x-o365suiteuxshell-correlationid: 02919bfd-2609-4c49-bf5b-6e27b3faabc8
quic-version: 0x00000001

GET
H3 200 shellstrings.json Show response
res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/strings/en-gb/ Frame 5762 14 KB
4 KB 47ms
47ms XHR
application/json 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/strings/en-gb/shellstrings.json

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h52AB33300E29BCE2_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

00a82ae03cfb0e5fdac594bb8144ea242d68cff8a2793a90e1167774373e525b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 3807
last-modified: Thu, 20 Jul 2023 06:16:39 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f4d4"}],"include_subdomains ":true}
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4ee2e79e-101e-0010-6594-bb3aff000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 suiteux.shell.core.js Show response
res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/js/ Frame 5762 289 KB
77 KB 50ms
50ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h52AB33300E29BCE2_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8243e5ea3540452b933b423e690c94da38cdca9f47229672255d50e50b5d9bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 79099
last-modified: Thu, 20 Jul 2023 06:16:41 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f510"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1ebb18d4-301e-0007-6086-bb93f4000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H3 200 segoeui-regular.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ Frame 5762 35 KB
36 KB 50ms
50ms Font
font/woff2 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Dec 2022 21:53:29 GMT
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f515"}],"include_subdomains ":true}
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 1fc271d7-801e-004f-6650-148ec3000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: public, max-age=630720000
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 36344
quic-version: 0x00000001

GET
H3 200 suiteux.shell.consappdata.js Show response
res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/js/ Frame 5762 7 KB
2 KB 52ms
51ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h52AB33300E29BCE2_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c738f9350dc1745d052bf36555a67a0f5bb852b6a85a39412fe67854f8c07616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 2008
last-modified: Thu, 20 Jul 2023 06:16:33 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f51c"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 864570d4-901e-000e-0ef3-bbd627000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
BLOB 200
OK fff6d745-f96c-4d7d-a45c-73bf0475e3cd
https://pnl1-word-view.officeapps.live.com/ Frame 5762 179 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/fff6d745-f96c-4d7d-a45c-73bf0475e3cd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e88f44d724b33bae8b4b848261d3db02f459edd1f4c2cd100bdf5f8bac5dc59

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Length: 179
Content-Type: application/javascript

GET
H3 200 suiteux.shell.plus.js Show response
res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/js/ Frame 5762 221 KB
47 KB 53ms
53ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h52AB33300E29BCE2_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ccfc4fc89ef52346090114af2fd14d883ec8eeab5ec2bc44e0c74b82dafa21dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 48107
last-modified: Thu, 20 Jul 2023 06:16:43 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f545"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f42fb3ea-b01e-0019-6586-bb7f2c000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
H2 200 translation.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 5762 2 KB
2 KB 49ms
49ms XHR
text/html 2603:1063:2000:1::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token=1&access_token_ttl=0&z=6a34660bde1e867914a85ba1c6eb9b740f2b441fcef2554ae5d4965f8fd29971&uilang=en-GB

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e81ca2badb4bc29ff95403cef5e76b4a364ad720c3d57a28d3920063d60c3cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 6
X-WacFrontEnd: AM4PEPF000131F0
X-UserSessionId: ae112ad6-cae1-407d-b939-702a191e6a42
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.16719.41014
X-Key: +hCPl7BoIwU5qLDFUbQ0trGYOk2v3FOidzd9LapgSv8=,638258963367861422
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=en%2DGB&rs=en%2DGB&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fwww%252Emaintel%252Eco%252Euk%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F06%252F230613%252DSchedule%252DF1%252DMobile%252DServices%252DVMO2%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=8ebed7a1-6029-4c6d-aa56-bba67fe0a103
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 15:38:57 GMT
x-wacfrontend: AM4PEPF000131F0
x-officeversion: 16.0.16719.41014
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1583
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 036820d3-c00b-451d-9a0c-16a0d95a6bb3, 036820d3-c00b-451d-9a0c-16a0d95a6bb3
x-officecluster: PNL1
x-usersessionid: ae112ad6-cae1-407d-b939-702a191e6a42, ae112ad6-cae1-407d-b939-702a191e6a42
x-msedge-ref: Ref A: B52998A39F0C45AF8A1A5E0F6F8F3886 Ref B: LON212050711005 Ref C: 2023-07-25T15:38:58Z
x-officefd: AM4PEPF00010312
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
timing-allow-origin: *, *
expires: -1

OPTIONS
H2 200 /
eu-office.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 182ms
43ms Preflight 20.50.80.210
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.80.210 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-max-age: 3600
cache-control: public, 3600
content-length: 0
date: Tue, 25 Jul 2023 15:38:58 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

GET
H3 200 suiteux.shell.otellogging.js Show response
res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/js/ Frame 5762 100 KB
31 KB 49ms
49ms Script
application/javascript 2a02:26f0:480:25::1726:6206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/officeonline/wv/s/161671941014_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Requested by

Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h52AB33300E29BCE2_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a02:26f0:480:25::1726:6206 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b40f1b5215acbffcc5ae2185d9d44da772e446bd0d96cef2cdb56c09720b313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc: h3=":443"; ma=93600
content-length: 32086
last-modified: Thu, 20 Jul 2023 06:16:30 GMT
x-cdn-provider: Akamai
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.46632617.1690299538.8d7f57c"}],"include_subdomains ":true}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1ebb1d40-301e-0007-6286-bb93f4000000
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control: max-age=630720000
timing-allow-origin: *
quic-version: 0x00000001

GET
DATA 200
OK truncated
/ Frame 5762 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 5762 18 KB
18 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363eb907e4a7548d7555687aba0c66d5a4bf5731d8530ee648e49751f13e183e

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1690299538814
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=15&ct=1690299538&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

274ms
142ms

Image
text/html

40.126.32.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=15&ct=1690299538&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 40.126.32.74 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: DB3PPF8B9A625B7
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.1200.703.2004
date: Tue, 25 Jul 2023 15:38:58 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=15&ct=1690299538&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: nBxkeUGPF0mqykciHiAuVw.0
content-length: 0
x-errorcodechain: Unauthenticated

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: 8abd472f0f356a4abd82030ccf318ce0836be78f6aa13ec4c729d240ae7aedb2
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: ShCLSessionID Value: 1690299538471_0.03438635654324984
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 4c9e866becc74f7cbb1a5bd2b0314b21
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1690299539&co=1
.login.live.com/	1970-01-20 22:53:15	Name: MSCC Value: 217.138.196.101-UK
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-4cd5f26c-a596-464e-ae8f-2949f3855407
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DS6EByWhMGusun9GUF1hCUPuShM5!RT!l4yv6lxvLSyOb0!QdlHVi21NP8BKmwS25oVp1kGuwST377RPjm1nimeO1mmERbDnVozgPnPzl2r5vy0jJezoxIymbJW24uYqlFpZzojK73Zn3loI1m8jAiKy6xlryWtu5kCBpkj9Fs8faSvL!2jnKtb2bXQM822KTbKFBIot6Ki5qBa70fZ!!fssd1iEqmDI!AlHDg4yzyAGBXOeIZIhqlWErWy7BLBQPaGVjKx6O5FbxKM28uVlNNP5LO6DeAollkmW00JwZNov3jY47kcmVuVCZryWidBpiJbPHcQsPDvDZYqEnpfPLcQXdq2pp4pnA*VMUOOlF!qwAv7DmBzLjMZJiLzx2dAanWT2SmJ4lO3gNup6boZ0gqkGoxBNAxGXlFrxT70P

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eu-office.events.data.microsoft.com
euc-word-telemetry.officeapps.live.com
js.live.net
login.live.com
pnl1-word-view.officeapps.live.com
res-1.cdn.office.net
storage.live.com
view.officeapps.live.com
104.77.34.39
20.50.80.210
2603:1063:2000:1::12
2603:1063:2206:14::33
2a02:26f0:480:25::1726:6206
40.126.32.74
40.90.136.179
00a82ae03cfb0e5fdac594bb8144ea242d68cff8a2793a90e1167774373e525b
06a8c0b8b8c30239055e6f518cf9c8a0a48ab8a68fb923db5888aff022d73814
09a1411bf361d3d649f4ff5098e0197510232477bf099872f58f5d1ec483e9af
1e30ddd6bcead13795f46d69665fa79a7dbe5b70b3f770cfcbfc8ae9cdaf78af
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
28b464eb307e45b9599be4e5f4e0a2203fbebf641feb3f523f53b69664e2483e
363eb907e4a7548d7555687aba0c66d5a4bf5731d8530ee648e49751f13e183e
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3e88f44d724b33bae8b4b848261d3db02f459edd1f4c2cd100bdf5f8bac5dc59
3fe040feea6d1726fde707b6a255fa001cf248aaddad4acf519b7090fb72b821
4aa83fe77752a7c6dc153ea1796b5eec87765e7fc11d4f54d13bf4675307847c
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
52ab33300e29bce2fba7f34cf812da484a92730bfecceffb90c5f02dc5982b1d
53c7cd2a20d21644e2c8cc4edcdc86db44e1b041549b1d4537216c1ff95394c2
5b40f1b5215acbffcc5ae2185d9d44da772e446bd0d96cef2cdb56c09720b313
60a82c06e357c29f34b99def3ed8d8eaae74ca8f44892ca214f1e38c1986363b
61773f3906a5b35ec3f56c05259f9f81ea099afb1696bfeecfb1b2a47449fcd8
65c2588ffcda4f6e049a0e35842354a1c034f507aab2b0cdb7bdbe579cb583a8
8243e5ea3540452b933b423e690c94da38cdca9f47229672255d50e50b5d9bee
83d64374b07bf959237b1b7c7b74ad59a33bdcc49f041b1a6758a714edb75af3
90a177b1ef4d0d25a9670546a3b9515f3a609a7f4fef6904b6e50190360fd006
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9727095ed1cafd34f5f84add61cd001c5ea4616b195dc6afe5f8d43a1b3c79aa
9744041125c432b7b1cf8a4140da456cb5f339e0c9ff1191b72ca81e0d45e0e0
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
bd087e3f09585fe6a995574504c9cd8b5974381a923e447f0c1207867586b09b
bec3828c907f157e92740de53428d53a1bbe0a7dfbce05b52dd6c43150aa46d8
c738f9350dc1745d052bf36555a67a0f5bb852b6a85a39412fe67854f8c07616
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
cbac614609e2cba9efe06eebd07dc59ee60d9ab1e927b76f9a0329b71e1c8f81
cc048dd653af9eb0d17a677df6d151ecfeba6b5d989fa12fead66e7c6b07957e
ccfc4fc89ef52346090114af2fd14d883ec8eeab5ec2bc44e0c74b82dafa21dc
d3279f22302aee2877654fe01b2efa2a7113185a8526dcad64f08515fe275dde
d3902bf33429dc27c687c5c003585a3a654cf7a3e58d4033711838e07da5be69
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d9a50c8f358707a05a8ff54757e6cc39375fe64822b8535bb9ecafc2997ff9ed
dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cff57bf14e896bacf82d10386e1eb9521cd136c0d76aa2ae9f0b98c19afa05
e81ca2badb4bc29ff95403cef5e76b4a364ad720c3d57a28d3920063d60c3cd2
f3a2f6b9887f38022c7c5a7d4915ccd39874965f832f48137bb1bb9b0d2cf294
f4a33785a7b0af8334ff12936e948ab6ebe41a8a6e7037f1b646555bc88a44d6
fcdb27d53552dd06c56059894273710d56081ec3f1d22ae4c9a50693a2272842
fe64a31bc1705ac964ec208e5170465ecab80f4477d0246d6b4b33ee6cbdbd1a

view.officeapps.live.com Open in urlscan Pro 2603:1063:2000:1::12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

95 %HTTPS

43 %IPv6

4 Domains

8 Subdomains

7 IPs

5 Countries

3207 kBTransfer

14160 kBSize

8 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

view.officeapps.live.com Open in urlscan Pro
2603:1063:2000:1::12 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

95 %
HTTPS

43 %
IPv6

4
Domains

8
Subdomains

7
IPs

5
Countries

3207 kB
Transfer

14160 kB
Size

8
Cookies

62 HTTP transactions
3 data transactions