urlscan.io logo urlscan.io
SecurityTrails logo

view.officeapps.live.com Open in urlscan Pro
2603:1063:2000:1::12  Public Scan

Go To Rescan Add Verdict Report
URL: https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fstatic.s123-cdn-static-d.com%2Fuploads%2F2930990%2Fnormal_6477341...
Submission: On September 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 4 domains to perform 61 HTTP transactions. The main IP is 2603:1063:2000:1::12, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.officeapps.live.com. The Cisco Umbrella rank of the primary domain is 21841.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on June 20th 2023. Valid for: a year.
This is the only time view.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2603:1063:200... 8075 (MICROSOFT...)
32 2a02:26f0:310... 20940 (AKAMAI-ASN1)
12 2603:1063:220... 8075 (MICROSOFT...)
1 1 13.105.66.144 8075 (MICROSOFT...)
1 20.190.160.14 8075 (MICROSOFT...)
1 20.50.201.195 8075 (MICROSOFT...)
1 23.210.112.207 16625 (AKAMAI-AS)
61 7
12    2603:1063:2000:1::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
view.officeapps.live.com
pnl1-word-view.officeapps.live.com
32    2a02:26f0:3100::1725:e2a8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
res-1.cdn.office.net
12    2603:1063:2206:14::45 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
euc-word-telemetry.officeapps.live.com
1    13.105.66.144 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
storage.live.com
1    20.190.160.14 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    20.50.201.195 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eu-office.events.data.microsoft.com
1    23.210.112.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-112-207.deploy.static.akamaitechnologies.com
js.live.net
Apex Domain
Subdomains		 Transfer
32 office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 387
3 MB
26 live.com
view.officeapps.live.com — Cisco Umbrella Rank: 21841
pnl1-word-view.officeapps.live.com — Cisco Umbrella Rank: 159881
euc-word-telemetry.officeapps.live.com — Cisco Umbrella Rank: 9264
storage.live.com — Cisco Umbrella Rank: 137
login.live.com — Cisco Umbrella Rank: 94
292 KB
1 live.net
js.live.net — Cisco Umbrella Rank: 5349
16 KB
1 microsoft.com
eu-office.events.data.microsoft.com — Cisco Umbrella Rank: 1820
61 4
Domain Requested by
32 res-1.cdn.office.net pnl1-word-view.officeapps.live.com
res-1.cdn.office.net
12 euc-word-telemetry.officeapps.live.com pnl1-word-view.officeapps.live.com
res-1.cdn.office.net
11 pnl1-word-view.officeapps.live.com pnl1-word-view.officeapps.live.com
res-1.cdn.office.net
1 js.live.net res-1.cdn.office.net
1 eu-office.events.data.microsoft.com
1 login.live.com
1 storage.live.com 1 redirects
1 view.officeapps.live.com
61 8

This site contains no links.

Subject Issuer Validity Valid
officeapps.live.com
Microsoft Azure TLS Issuing CA 02		 2023-06-20 -
2024-06-14		 a year crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA		 2023-04-17 -
2024-04-17		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-06-06 -
2024-05-31		 a year crt.sh
p.sfx.ms
Microsoft Azure TLS Issuing CA 05		 2023-06-14 -
2024-06-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fstatic.s123-cdn-static-d.com%2Fuploads%2F2930990%2Fnormal_6477341a1f9f5.docx&wdOrigin=BROWSELINK%22
Frame ID: E8E6F9726642759A79923A8EB4619AB0
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Frame ID: B2255A2FEB4D2247557C869CEE3B2261
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

normal_6477341a1f9f5.docx

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Page Statistics

61
Requests

95 %
HTTPS

43 %
IPv6

4
Domains

8
Subdomains

7
IPs

4
Countries

2890 kB
Transfer

13848 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1693616653060 HTTP 302
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=16&ct=1693616653&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request view.aspx
view.officeapps.live.com/op/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fstatic.s123-cdn-static-d.com%2Fuploads%2F2930990%2Fnormal_6477341a1f9f5.docx&wdOrigin=BROWSELINK%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5401fcb27d6be2c3e02082a9f30b99a626b742656de1470960233bf33147d55f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-type
text/html; charset=utf-8
date
Sat, 02 Sep 2023 01:04:10 GMT
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
1de7231d-db3b-447b-aadc-bd543106d0a9
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
x-msedge-ref
Ref A: 22BE26F689EC4E6D977FCD39648EA477 Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:11Z
x-officecluster
PNL1
x-officefd
AM4PEPF00021F10
x-officefe
AM4PEPF000069DF
x-officeversion
16.0.16823.41002
truncated
/ 		695 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
wordviewerframe.aspx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		97 KB
100 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
87f434012fac5e5ef9fa9a5ee523f529987cfd3185b73ef48290044ddb1c4f70
Security Headers
Name Value
Content-Security-Policy font-src data: 'self' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; media-src blob: *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://view.officeapps.live.com
Referer
https://view.officeapps.live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-security-policy
font-src data: 'self' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; media-src blob: *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type
text/html; charset=utf-8
date
Sat, 02 Sep 2023 01:04:10 GMT
document-policy
js-profiling
expires
-1
origin-trial
AtAgCmjF9NSDe7WG5+zXddNhpryHIhWvHG5BxTAcMRn1V9oswBhX2RSXHeDxLcwXMB/NYHr3BAXOBJJY1ita2BAAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNzAzOTgwODAwfQ==
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
reporting-endpoints
default="https://pnl1-word-view.officeapps.live.com/wv/BrowserReportingHandler.ashx"
server-timing
prerender;dur=0,render;dur=0,total;dur=0
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest
x-msedge-ref
Ref A: 7D12849D6B594A509991ABFD412410C1 Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:11Z
x-officecluster
PNL1
x-officefd
AM4PEPF00012931
x-officefe
AM4PEPF00012931
x-officeversion
16.0.16829.41007
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
WordViewer.css
res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/1031/ Frame B225 		273 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bec3828c907f157e92740de53428d53a1bbe0a7dfbce05b52dd6c43150aa46d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
34025
last-modified
Thu, 20 Apr 2023 16:27:13 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a28"}],"include_subdomains ":true}
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
c132df6f-001e-0041-3fcd-bea773000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
clientManifest.js
res-1.cdn.office.net/officeonline/wv/s/h70EAE60710D17EFE_resources/de-DE/ Frame B225 		199 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h70EAE60710D17EFE_resources/de-DE/clientManifest.js
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
70eae60710d17efe99bf219ed059eb13f30af5eb565350ff512056fcc2a8e23b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 29 Aug 2023 17:09:43 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a2b"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
52329647-f01e-006a-0c48-dc27bf000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
content-length
52325
MicrosoftAjaxDS.js
res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/ Frame B225 		123 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
60a82c06e357c29f34b99def3ed8d8eaae74ca8f44892ca214f1e38c1986363b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 01 May 2023 00:13:20 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a2c"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ecd4eacb-e01e-0014-4960-dbb7f8000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
content-length
27797
CommonIntl.js
res-1.cdn.office.net/officeonline/wv/s/h64909810A5BFE5AF_App_Scripts/1031/ Frame B225 		206 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h64909810A5BFE5AF_App_Scripts/1031/CommonIntl.js
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
582a5a7a34147bca22d96170d437ae3e44ec1716b7aaf76fcaf5a49dbb6e8ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sun, 27 Aug 2023 14:54:08 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a2d"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bdd3e9f1-701e-0016-1675-da0940000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
content-length
40480
Compat.js
res-1.cdn.office.net/officeonline/wv/s/hCBA89239522795D5_App_Scripts/ Frame B225 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/hCBA89239522795D5_App_Scripts/Compat.js
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 08:44:38 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a3c"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b9280896-f01e-0045-242f-dc2a74000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
content-length
1373
wac-wordviewer-strings.min.js
res-1.cdn.office.net/officeonline/wv/s/hAEE0193D9099F1AA_App_Scripts/1031/ Frame B225 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/hAEE0193D9099F1AA_App_Scripts/1031/wac-wordviewer-strings.min.js
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
aee0193d9099f1aa39256bacfeb4f0ee8e6022395b1ca5bc26ab9afa89936265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 08:46:28 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a3d"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
efffcc86-f01e-0027-0fff-dce853000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
content-length
4317
word-app-intl.min.js
res-1.cdn.office.net/officeonline/wv/s/h16C484AB48C430EA_App_Scripts/1031/ Frame B225 		577 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h16C484AB48C430EA_App_Scripts/1031/word-app-intl.min.js
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
16c484ab48c430ea637d449e790541e3df7ef13a302ac4c2584e9bd208921230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
89623
last-modified
Tue, 29 Aug 2023 11:05:42 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a29"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7d8290ee-601e-000a-156c-db5b20000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
appResourceLoader.min.js
res-1.cdn.office.net/officeonline/wv/s/h360F6AA9F0180A1D_App_Scripts/exp/ Frame B225 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h360F6AA9F0180A1D_App_Scripts/exp/appResourceLoader.min.js
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
360f6aa9f0180a1dc1940ec6299d7a7365d69a72e8c1e93487f6cea693e7d84a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 29 Aug 2023 11:05:50 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a2a"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dca55153-201e-0034-0860-dbcc5f000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
content-length
4360
WordViewerDS.js
res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/ Frame B225 		3 MB
499 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/WordViewerDS.js
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8f91857f6bd6b5db45ed435b22ccbedf880f7c2de0578fcca5ced8d31e930ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 29 Aug 2023 15:04:32 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a3e"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2b32f1a8-d01e-000f-3df6-da89fb000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
content-length
510195
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method
POST
Origin
https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age
86400
cache-control
private
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 01:04:10 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-correlationid
ec209f40-664d-4a9b-9c3e-804c9c2c2b8a
x-officecluster
PGTEU2
x-officefd
DB3PEPF000077F7
x-officefe
DB3PEPF000077F7
x-officeversion
16.0.16831.41005
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame B225 		0
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
X-UserSessionId
7a1fd676-74ca-4360-8a60-48b755d80b28
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"},{"Index":1,"MsSinceStart":0,"Value":"https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9","Type":"Referrer"}]

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:10 GMT
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion
16.0.16831.41005
x-officefe
DB3PEPF000077F7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
content-length
0
x-correlationid
203f95b2-1a19-49fa-a1cc-0d5cdb03e93d
server
Microsoft-IIS/10.0
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-officecluster
PGTEU2
x-download-options
noopen
x-officefd
DB3PEPF000077F7
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type
text/plain
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c&v=00000000-0000-0000-0000-000000000802&usid=7a1fd676-74ca-4360-8a60-48b755d80b28&splashscreen=1&build=16.0.16829.41007&waccluster=PNL1
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc21864de5cd4d1c764bf1b0138d989b2594c2aa008dbafaed4b834b44b36175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
x-wacfrontend
AM4PEPF000069E4
x-officeversion
16.0.16830.41006
x-officefe
AM4PEPF000069E4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4,5e4w=afd_excelslicetest
content-length
53636
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4,afd_excelslicetest
x-correlationid
c3877274-b728-4f7f-a0d0-7ddf89835d53
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: 8E3D01E0126D42DE97D161F57811BFBB Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:11Z
x-officefd
AM4PEPF000069E4
etag
"WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c00000000-0000-0000-0000-000000000802p1.img"
x-download-options
noopen
content-type
image/png
cache-control
private
timing-allow-origin
*
expires
Sun, 01 Sep 2024 01:04:11 GMT
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame B225 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
X-UserSessionId
7a1fd676-74ca-4360-8a60-48b755d80b28
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":106,"Value":"https://res-1.cdn.office.net:443/officeonline/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"},{"Index":2,"MsSinceStart":107,"Value":"{'k':[{'e': 4,'n':'BBISS'}]}","Type":"Kpi"},{"Index":3,"MsSinceStart":145,"Value":"https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9","Type":"Referrer"}]

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:10 GMT
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion
16.0.16831.41005
x-officefe
DB3PEPF000077F7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
content-length
0
x-correlationid
c51190e0-abf3-42be-aed9-1a87f2ce63fa
server
Microsoft-IIS/10.0
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-officecluster
PGTEU2
x-download-options
noopen
x-officefd
DB3PEPF000077F7
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type
text/plain
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method
POST
Origin
https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age
86400
cache-control
private
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 01:04:10 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-correlationid
1dc3b14b-4cc7-42b7-b100-08a2a63ea484
x-officecluster
PGTEU2
x-officefd
DB3PEPF000077F7
x-officefe
DB3PEPF000077F7
x-officeversion
16.0.16831.41005
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
sharedheaderplaceholder-icons.woff
res-1.cdn.office.net/officeonline/wv/s/h09A1411BF361D3D6_App_Scripts/fonts/ Frame B225 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h09A1411BF361D3D6_App_Scripts/fonts/sharedheaderplaceholder-icons.woff
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09a1411bf361d3d649f4ff5098e0197510232477bf099872f58f5d1ec483e9af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 08:44:32 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616651.8b92a82"}],"include_subdomains ":true}
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
9c643e58-001e-0041-5bfc-70a773000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
2944
quic-version
0x00000001
RemoteTelemetry.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		0
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx?usid=7a1fd676-74ca-4360-8a60-48b755d80b28&build=16.0.16829.41007&waccluster=PNL1
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16829.41007
x-officefe
AM4PEPF000131E3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
content-length
0
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
x-correlationid
ecdd8d5a-abc6-489d-a02a-d6145d2a6d5d
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: 7E7A281BC1304AACA999303C15F2302F Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:11Z
x-download-options
noopen
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
cache-control
private
timing-allow-origin
*
docdatahandler.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		446 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c&type=png&o15=1&ui=de-DE
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
043ecb17a77d3c98d7903690fd7790358064beffebe7f78055b982f09cd4dc57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
6
X-WacFrontEnd
AM4PEPF00012931
X-UserSessionId
7a1fd676-74ca-4360-8a60-48b755d80b28
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.16829.41007
X-Key
FELH+Ew2rBw2eEZRVaUHOYx1a8z0bwEUEKNAx4KDtZs=,638292134516150654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Sep 2023 01:04:11 GMT
x-wacfrontend
AM4PEPF00012931
x-officeversion
16.0.16829.41007
x-powered-by
ARR/3.0
x-officefe
AM4PEPF00012931
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4,5e4w=afd_excelslicetest
content-length
418
x-msedge-features
typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4,afd_excelslicetest
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
a9af8284-a749-4289-ba72-8a21560ec611, a9af8284-a749-4289-ba72-8a21560ec611
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28, 7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: 62CED47D1A39462599D55210307FF223 Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:12Z
x-officefd
AM4PEPF000131EA
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
timing-allow-origin
*, *
expires
Sun, 01 Sep 2024 01:04:12 GMT
wacairspaceanimationlibrary.js
res-1.cdn.office.net/officeonline/wv/s/hDD4039F8AFAC6FD7_App_Scripts/ Frame B225 		41 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/hDD4039F8AFAC6FD7_App_Scripts/wacairspaceanimationlibrary.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/WordViewerDS.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
6113
last-modified
Tue, 11 Apr 2023 08:44:33 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92af8"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
783fc6ad-e01e-002b-09b4-dc7f5b000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
segoeui.woff
res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/1031/ Frame B225 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/1031/segoeui.woff
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://res-1.cdn.office.net/officeonline/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 20 Apr 2023 16:27:12 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92afd"}],"include_subdomains ":true}
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
3749081e-a01e-0067-0168-76ef6b000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
22720
quic-version
0x00000001
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method
POST
Origin
https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age
86400
cache-control
private
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 01:04:11 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-correlationid
30c1219d-bbdf-4039-a2ee-cfded40ee40d
x-officecluster
PGTEU2
x-officefd
DB3PEPF000077F7
x-officefe
DB3PEPF000077F7
x-officeversion
16.0.16831.41005
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame B225 		0
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
X-UserSessionId
7a1fd676-74ca-4360-8a60-48b755d80b28
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
X-BrowserUlsBeacon
[{"Index":3,"MsSinceStart":323,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"},{"Index":4,"MsSinceStart":356,"Value":"https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9","Type":"Referrer"}]

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion
16.0.16831.41005
x-officefe
DB3PEPF000077F7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
content-length
0
x-correlationid
e7ca4fee-7727-441b-a3a7-725e3be3ed9c
server
Microsoft-IIS/10.0
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-officecluster
PGTEU2
x-download-options
noopen
x-officefd
DB3PEPF000077F7
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type
text/plain
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
07f640b1-7647-46b9-83a2-ccd1065b8895
https://pnl1-word-view.officeapps.live.com/ Frame B225 		191 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://pnl1-word-view.officeapps.live.com/07f640b1-7647-46b9-83a2-ccd1065b8895
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65c2588ffcda4f6e049a0e35842354a1c034f507aab2b0cdb7bdbe579cb583a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
191
Content-Type
application/javascript
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method
POST
Origin
https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age
86400
cache-control
private
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 01:04:11 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-correlationid
7c9890c7-0075-47da-92b8-33f7f71f8e75
x-officecluster
PGTEU2
x-officefd
DB3PEPF000077F7
x-officefe
DB3PEPF000077F7
x-officeversion
16.0.16831.41005
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame B225 		0
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
X-UserSessionId
7a1fd676-74ca-4360-8a60-48b755d80b28
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
X-BrowserUlsBeacon
[{"Index":4,"MsSinceStart":557,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"},{"Index":5,"MsSinceStart":557,"Value":"https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9","Type":"Referrer"}]

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion
16.0.16831.41005
x-officefe
DB3PEPF000077F7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
content-length
0
x-correlationid
5b2a642d-8bf5-4dfb-a085-0568f7659925
server
Microsoft-IIS/10.0
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-officecluster
PGTEU2
x-download-options
noopen
x-officefd
DB3PEPF000077F7
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type
text/plain
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
WordViewerDS.dll1.js
res-1.cdn.office.net/officeonline/wv/s/h6E85AE0F223E4697_App_Scripts/ Frame B225 		853 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h6E85AE0F223E4697_App_Scripts/WordViewerDS.dll1.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/WordViewerDS.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e85ae0f223e46979db9b709a2a854baeeac28d10a61a44c142a711db670348a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
146232
last-modified
Tue, 29 Aug 2023 15:03:40 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92ba5"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
74fbeb47-901e-0021-7ff8-dadbec000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
progress.gif
res-1.cdn.office.net/officeonline/wv/s/hA3596C17DAD9A003_resources/1031/ Frame B225 		695 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/hA3596C17DAD9A003_resources/1031/progress.gif
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 08:46:02 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92bb6"}],"include_subdomains ":true}
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
ffc07f61-101e-0000-22cc-71ff97000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
695
quic-version
0x00000001
ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=7a1fd676-74ca-4360-8a60-48b755d80b28&build=16.0.16829.41007&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c&waccluster=PNL1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bc21864de5cd4d1c764bf1b0138d989b2594c2aa008dbafaed4b834b44b36175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
x-wacfrontend
AM4PEPF000131F1
x-officeversion
16.0.16830.41006
x-officefe
AM4PEPF000131F1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest
content-length
53636
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest
x-correlationid
cf247bce-3cf8-4ea9-ac00-cf4d8875c9fc
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: 0E1C69F351FC47F1A70850A77BDECF7D Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:12Z
x-officefd
AM4PEPF000131F1
etag
"WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c00000000-0000-0000-0000-000000000802p1.img"
x-download-options
noopen
content-type
image/png
cache-control
private
timing-allow-origin
*
expires
Sun, 01 Sep 2024 01:04:12 GMT
ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=7a1fd676-74ca-4360-8a60-48b755d80b28&build=16.0.16829.41007&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c&waccluster=PNL1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c85868c2dfd80bf1202e680529fbb3434b282cd12a2dbd3a62dcea01ae8d4134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
x-wacfrontend
AM4PEPF000069E1
x-officeversion
16.0.16830.41006
x-officefe
AM4PEPF000069E1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
content-length
13981
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
x-correlationid
7314df0a-1599-4d6d-8268-c80101764e7e
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: DED07F29FF69464C9BC19C254CDE9845 Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:12Z
x-officefd
AM4PEPF000069E1
etag
"WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c00000000-0000-0000-0000-000000000802p2.img"
x-download-options
noopen
content-type
image/png
cache-control
private
timing-allow-origin
*
expires
Sun, 01 Sep 2024 01:04:12 GMT
ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=7a1fd676-74ca-4360-8a60-48b755d80b28&build=16.0.16829.41007&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c&waccluster=PNL1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1b13c49d380a50313d85fc2a113a2ffe43ae66042cbfc3ffca02728eddfa2e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
x-wacfrontend
AM4PEPF00010310
x-officeversion
16.0.16830.41006
x-officefe
AM4PEPF00010310
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4,5e4w=afd_excelslicetest
content-length
17014
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4,afd_excelslicetest
x-correlationid
8145f0b6-00e2-41fe-8823-14812077ad59
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: 834053BEAE7B4F85AB90C4A51B8AA6F4 Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:12Z
x-officefd
AM4PEPF00010310
etag
"WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c00000000-0000-0000-0000-000000000802p3.img"
x-download-options
noopen
content-type
image/png
cache-control
private
timing-allow-origin
*
expires
Sun, 01 Sep 2024 01:04:12 GMT
ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=7a1fd676-74ca-4360-8a60-48b755d80b28&build=16.0.16829.41007&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c&waccluster=PNL1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
92508bf4f7ebd0ef1d9c1dd3f3d0d803ddf4618a09d6c3dee6629b551ca18d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
x-wacfrontend
AM4PEPF00006A1C
x-officeversion
16.0.16829.41007
x-officefe
AM4PEPF00006A1C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4,5e4w=afd_excelslicetest
content-length
22499
x-msedge-features
typeheadertest,afd_waccluster,afd_onenoteslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4,afd_excelslicetest
x-correlationid
5be7db32-d697-4c05-a24d-70f2b21aff14
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: C89FBFDE6B57401B99BFADE0CCD2C6E7 Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:12Z
x-officefd
AM4PEPF00006A1C
etag
"WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c00000000-0000-0000-0000-000000000802p4.img"
x-download-options
noopen
content-type
image/png
cache-control
private
timing-allow-origin
*
expires
Sun, 01 Sep 2024 01:04:12 GMT
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
haep,x-accesstoken,x-accesstokenttl,x-buls-suppressionetag,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-wacfrontend,x-xhr
Access-Control-Request-Method
POST
Origin
https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age
86400
cache-control
private
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 01:04:11 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-correlationid
b523198c-4147-4427-b35b-8e841acd870a
x-officecluster
PGTEU2
x-officefd
DB3PEPF000077F7
x-officefe
DB3PEPF000077F7
x-officeversion
16.0.16831.41005
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
RemoteTelemetry.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx?usid=7a1fd676-74ca-4360-8a60-48b755d80b28&build=16.0.16829.41007&waccluster=PNL1
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16829.41007
x-officefe
AM4PEPF00012931
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control,5e4w=afd_excelslicetest_control
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control,afd_excelslicetest_control
x-correlationid
17771961-8361-472e-b4c7-2df5dbcdea0e
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: B8434828F1FF4163B363B1461078AD60 Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:12Z
x-download-options
noopen
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
cache-control
private
timing-allow-origin
*
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame B225 		0
120 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

X-WacFrontEnd
AM4PEPF00012931
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.16829.41007
X-Key
FELH+Ew2rBw2eEZRVaUHOYx1a8z0bwEUEKNAx4KDtZs=,638292134516150654
X-bULS-SuppressionETag
AF516587B2EFAD678693BC4E4667D19E4F43E0CA
X-Requested-With
Fetch
X-xhr
1
haep
6
X-AccessToken
1
X-AccessTokenTtl
0
X-UserSessionId
7a1fd676-74ca-4360-8a60-48b755d80b28
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://pnl1-word-view.officeapps.live.com/
X-UserType
WOPI
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion
16.0.16831.41005
x-officefe
DB3PEPF000077F7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
AF516587B2EFAD678693BC4E4667D19E4F43E0CA
cross-origin-resource-policy
cross-origin
content-disposition
attachment
content-length
0
x-correlationid
7eb7f93a-9a5c-4a73-a862-6e5797ff7b66
server
Microsoft-IIS/10.0
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-officecluster
PGTEU2
x-download-options
noopen
x-officefd
DB3PEPF000077F7
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type
text/plain
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
word-app-intl.min.js
res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/1031/ Frame B225 		577 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/1031/word-app-intl.min.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h360F6AA9F0180A1D_App_Scripts/exp/appResourceLoader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
16c484ab48c430ea637d449e790541e3df7ef13a302ac4c2584e9bd208921230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
89623
last-modified
Tue, 29 Aug 2023 17:08:32 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92bf7"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
843199fd-b01e-0036-23f6-da72e7000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
common.min.js
res-1.cdn.office.net/officeonline/wv/s/hBBBC09C04ED406DA_App_Scripts/exp/ Frame B225 		2 MB
318 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/hBBBC09C04ED406DA_App_Scripts/exp/common.min.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h360F6AA9F0180A1D_App_Scripts/exp/appResourceLoader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bbbc09c04ed406da054c6aab5b96b721a7d23c5188a0310d0937b5f16357c75a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
325429
last-modified
Tue, 29 Aug 2023 11:05:59 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92bf9"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8a9bea6c-a01e-0015-78f6-dae824000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
appChrome.min.js
res-1.cdn.office.net/officeonline/wv/s/hF81AA7D8E2D9F082_App_Scripts/exp/ Frame B225 		329 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/hF81AA7D8E2D9F082_App_Scripts/exp/appChrome.min.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h360F6AA9F0180A1D_App_Scripts/exp/appResourceLoader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f81aa7d8e2d9f0822ab5d0d68ef995e5a14ee85726c375dcf6fbf885ab09115d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
64045
last-modified
Tue, 29 Aug 2023 11:05:57 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92bfa"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4a90cda9-a01e-0005-38f6-da2d4c000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
progress.gif
res-1.cdn.office.net/officeonline/wv/s/hA3596C17DAD9A003_resources/1031/ Frame B225 		695 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/hA3596C17DAD9A003_resources/1031/progress.gif
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/WordViewerDS.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 08:46:02 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92c0e"}],"include_subdomains ":true}
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
ffc07f61-101e-0000-22cc-71ff97000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
695
quic-version
0x00000001
wv.png
res-1.cdn.office.net/officeonline/wv/s/161682941007_resources/1031/ Frame B225 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/161682941007_resources/1031/wv.png
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 29 Aug 2023 17:08:50 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92c11"}],"include_subdomains ":true}
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
4619bac6-801e-0012-06f6-da8447000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
35196
quic-version
0x00000001
progress16.gif
res-1.cdn.office.net/officeonline/wv/s/h38E88B6AF6C65319_resources/1031/ Frame B225 		668 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h38E88B6AF6C65319_resources/1031/progress16.gif
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 08:44:52 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92c12"}],"include_subdomains ":true}
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
5f8d02d2-e01e-0066-7ccc-71b0b7000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
668
quic-version
0x00000001
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame B225 		0
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Requested by
Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
X-UserSessionId
7a1fd676-74ca-4360-8a60-48b755d80b28
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
X-BrowserUlsBeacon
[{"Index":5,"MsSinceStart":608,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"},{"Index":6,"MsSinceStart":683,"Value":"https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9","Type":"Referrer"}]

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Sep 2023 01:04:11 GMT
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion
16.0.16831.41005
x-officefe
DB3PEPF000077F7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
content-length
0
x-correlationid
463c3d80-114b-4838-b055-3386fb94094c
server
Microsoft-IIS/10.0
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
x-officecluster
PGTEU2
x-download-options
noopen
x-officefd
DB3PEPF000077F7
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type
text/plain
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16829.41007&waccluster=PNL1&usid=7a1fd676-74ca-4360-8a60-48b755d80b28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2206:14::45 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method
POST
Origin
https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age
86400
cache-control
private
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 01:04:11 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-correlationid
b3f07a18-95e0-4391-93ee-683053c096b4
x-officecluster
PGTEU2
x-officefd
DB3PEPF000077F7
x-officefe
DB3PEPF000077F7
x-officeversion
16.0.16831.41005
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28
common50.min.js
res-1.cdn.office.net/officeonline/wv/s/h4080BDE156A82B3B_App_Scripts/exp/ Frame B225 		2 MB
451 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h4080BDE156A82B3B_App_Scripts/exp/common50.min.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h360F6AA9F0180A1D_App_Scripts/exp/appResourceLoader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4080bde156a82b3b6a60faf7f1e5c40e07e7100abd2206604bc7a943daa6fc5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
461323
last-modified
Tue, 29 Aug 2023 15:04:23 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92c88"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b3860070-b01e-0019-575f-db7f2c000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
appChromeLazy.min.js
res-1.cdn.office.net/officeonline/wv/s/h04ECFE3F2B091710_App_Scripts/exp/ Frame B225 		661 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h04ECFE3F2B091710_App_Scripts/exp/appChromeLazy.min.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h360F6AA9F0180A1D_App_Scripts/exp/appResourceLoader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
04ecfe3f2b091710fc298291dcdbd6efaf18c5f211c00e5e0531ddde00a1869e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
134922
last-modified
Tue, 29 Aug 2023 11:05:51 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92c89"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b10f1a91-601e-0025-7dfb-da56eb000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
segoeui-semibold.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ Frame B225 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 14 Dec 2022 21:53:31 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92c8d"}],"include_subdomains ":true}
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
346b9e01-101e-004d-7550-14307b000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
31824
quic-version
0x00000001
ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		87 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=7a1fd676-74ca-4360-8a60-48b755d80b28&build=16.0.16829.41007&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c&waccluster=PNL1
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
8a010d2b7364fdc204f787602f75ba08794e312709e34cbbe4a17d091e36f3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
6
X-WacFrontEnd
AM4PEPF00012931
X-UserSessionId
7a1fd676-74ca-4360-8a60-48b755d80b28
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.16829.41007
X-Key
FELH+Ew2rBw2eEZRVaUHOYx1a8z0bwEUEKNAx4KDtZs=,638292134516150654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Sep 2023 01:04:11 GMT
x-wacfrontend
AM4PEPF00012931
x-officeversion
16.0.16829.41007
x-powered-by
ARR/3.0
x-officefe
AM4PEPF00012931
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
content-length
21886
x-msedge-features
typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
eb8ecae0-88b2-47fd-8413-d9d326293705, eb8ecae0-88b2-47fd-8413-d9d326293705
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28, 7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: 6EE6AD7D5C434A6C8E8AEB402115C8F9 Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:12Z
x-officefd
AM4PEPF000069E4
etag
"WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c00000000-0000-0000-0000-000000000802p_1_10.xml"
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
timing-allow-origin
*, *
expires
Sun, 01 Sep 2024 01:04:12 GMT
word-app-intl-lazy.min.js
res-1.cdn.office.net/officeonline/wv/s/h715168485B00A2A6_App_Scripts/1031/ Frame B225 		792 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h715168485B00A2A6_App_Scripts/1031/word-app-intl-lazy.min.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/WordViewerDS.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
715168485b00a2a61aba23719f5b969d3f0119bf44dd00ce1c40ae08f4520c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
104274
last-modified
Sat, 12 Aug 2023 05:59:39 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92cb9"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ca93fe6e-d01e-0052-0a7f-da837f000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
uiSlice20.min.js
res-1.cdn.office.net/officeonline/wv/s/h72FA107F513F53DE_App_Scripts/exp/ Frame B225 		1 MB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/h72FA107F513F53DE_App_Scripts/exp/uiSlice20.min.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h360F6AA9F0180A1D_App_Scripts/exp/appResourceLoader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
72fa107f513f53dec39aa00430f9c7703d3eb89197fe57221ccc175afd9db231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
216737
last-modified
Tue, 29 Aug 2023 11:05:59 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92cc3"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dc7c3c36-101e-004d-33fb-da307b000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
de-de
res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame B225 		25 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/de-de
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h04ECFE3F2B091710_App_Scripts/exp/appChromeLazy.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f9eee35a8207c786ef8787f2f922457c7177f4dc80574cef1b3f4e2a630723e2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=2592000, max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Sep 2023 01:04:12 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
5125
pragma
no-cache
x-cdn-provider
Akamai
vary
Accept-Encoding
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92d03"}],"include_subdomains ":true}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=300
timing-allow-origin
*
x-o365suiteuxshell-correlationid
d279888d-27f5-4693-b782-2b3ecbe8f6a6
quic-version
0x00000001
shellstrings.json
res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/strings/de/ Frame B225 		15 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/strings/de/shellstrings.json
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h04ECFE3F2B091710_App_Scripts/exp/appChromeLazy.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
521663857e258e41e6ff21dc41aabc1fcb810000b54584519ef5f0cbda4bb2e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
4612
last-modified
Tue, 29 Aug 2023 17:09:57 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92d3e"}],"include_subdomains ":true}
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cb870f96-401e-001d-1401-dbf22b000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
suiteux.shell.core.js
res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/js/ Frame B225 		291 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/js/suiteux.shell.core.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h04ECFE3F2B091710_App_Scripts/exp/appChromeLazy.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
854fe9474151465515daca71e0bfd2f021dae98ff12c3b75e4cce956322f98f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
79609
last-modified
Tue, 29 Aug 2023 17:09:35 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92d61"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
94cc6111-101e-0010-1efb-dc3aff000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
segoeui-regular.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ Frame B225 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 14 Dec 2022 21:53:29 GMT
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92d93"}],"include_subdomains ":true}
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
1fc271d7-801e-004f-6650-148ec3000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
public, max-age=630720000
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
36344
quic-version
0x00000001
suiteux.shell.consappdata.js
res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/js/ Frame B225 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h04ECFE3F2B091710_App_Scripts/exp/appChromeLazy.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d6e07440ae0d351a380af42db7b0315af10f8647e9128105eac4532b7f2567ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
2009
last-modified
Tue, 29 Aug 2023 17:09:43 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616652.8b92dac"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
199e718d-e01e-0059-2d02-db7814000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
suiteux.shell.plus.js
res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/js/ Frame B225 		221 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h04ECFE3F2B091710_App_Scripts/exp/appChromeLazy.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2acd96aec9e4eaf11acf473c6a11e40db5f9c941f08986893e7a77a479fec7e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
48166
last-modified
Tue, 29 Aug 2023 17:09:39 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616653.8b92dd6"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9e8e7e4e-e01e-0004-6cfd-da7290000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
4d6684a1-7d82-4acf-bf66-43b8e6aa2464
https://pnl1-word-view.officeapps.live.com/ Frame B225 		179 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://pnl1-word-view.officeapps.live.com/4d6684a1-7d82-4acf-bf66-43b8e6aa2464
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35f5715c5cfd909fe497dfe72cf64bf4b81e54540f8b9ecd648336ed1df8d72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
179
Content-Type
application/javascript
suiteux.shell.otellogging.js
res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/js/ Frame B225 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/wv/s/161682941007_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h04ECFE3F2B091710_App_Scripts/exp/appChromeLazy.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3100::1725:e2a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d8cd6625e9ef89ef68f5d93f1ce0dcaaeadb81acaef269b6358ae4ee33171591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 01:04:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
alt-svc
h3=":443"; ma=93600
content-length
32017
last-modified
Tue, 29 Aug 2023 17:09:43 GMT
x-cdn-provider
Akamai
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.a4e22517.1693616653.8b92df9"}],"include_subdomains ":true}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
379098cc-b01e-0019-0ff0-da7f2c000000
access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
cache-control
max-age=630720000
timing-allow-origin
*
quic-version
0x00000001
truncated
/ Frame B225 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
truncated
/ Frame B225 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363eb907e4a7548d7555687aba0c66d5a4bf5731d8530ee648e49751f13e183e

Request headers

Referer
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
login.srf
login.live.com/ Frame B225
Redirect Chain
  • https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1693616653060
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=16&ct=1693616653&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=16&ct=1693616653&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol
HTTP/1.1
Server
20.190.160.14 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pnl1-word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
x-msnserver
AM4PPF7940E3BE1
x-qosstats
{"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion
UNKNOWN; 19.1233.818.2005
date
Sat, 02 Sep 2023 01:04:12 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=16&ct=1693616653&rver=7.5.2146.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite
4212.9205
x-clienterrorcode
PassportAuthFail
ms-cv
84AeBmTtdkiX9fr51T9d6Q.0
content-length
0
x-errorcodechain
Unauthenticated
/
eu-office.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.201.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://pnl1-word-view.officeapps.live.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Sat, 02 Sep 2023 01:04:12 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
wl.ms.js
js.live.net/v5.0/ Frame B225 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.live.net/v5.0/wl.ms.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h8F91857F6BD6B5DB_App_Scripts/WordViewerDS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.112.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-112-207.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer
https://pnl1-word-view.officeapps.live.com/
Origin
https://pnl1-word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sat, 02 Sep 2023 01:04:13 GMT
X-MSNServer
RD0003FF1D5003
Content-Encoding
gzip
Last-Modified
Fri, 10 Jul 2020 18:30:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0b3b92be856d61:0"
X-ODWebServer
westeurope0-odwebp
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=48447, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16199
translation.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame B225 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token=1&access_token_ttl=0&z=1f78031a49b234d790f1a9991668f6fb9f064de85f26ee1f3b36b00a56b23f5c&uilang=de-DE
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/officeonline/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
97ba0c34ffc6613a207d206e21aa0f76c131dc3e303495983f1afec0a29ba0d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
6
X-WacFrontEnd
AM4PEPF00012931
X-UserSessionId
7a1fd676-74ca-4360-8a60-48b755d80b28
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.16829.41007
X-Key
FELH+Ew2rBw2eEZRVaUHOYx1a8z0bwEUEKNAx4KDtZs=,638292134516150654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Referer
https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fstatic%252Es123%252Dcdn%252Dstatic%252Dd%252Ecom%253A443%252Fuploads%252F2930990%252Fnormal%255F6477341a1f9f5%252Edocx&access_token_ttl=0&wdOrigin=BROWSELINK%22&hid=1de7231d-db3b-447b-aadc-bd543106d0a9
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Sep 2023 01:04:12 GMT
x-wacfrontend
AM4PEPF00012931
x-officeversion
16.0.16829.41007
x-powered-by
ARR/3.0
x-officefe
AM4PEPF00012931
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest
content-length
1608
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
e11e1140-599e-4ed9-a1e4-f5e65d3e4032, e11e1140-599e-4ed9-a1e4-f5e65d3e4032
x-officecluster
PNL1
x-usersessionid
7a1fd676-74ca-4360-8a60-48b755d80b28, 7a1fd676-74ca-4360-8a60-48b755d80b28
x-msedge-ref
Ref A: 212A28EC899B43EC84182EDF6EF4E03A Ref B: FRA231050414023 Ref C: 2023-09-02T01:04:13Z
x-officefd
AM4PEPF000131E3
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
timing-allow-origin
*, *
expires
-1

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture string| _iframeUrl string| _windowTitle string| _favIconUrl boolean| _shouldDoRedirect string| _failureRedirectUrl string| _accessToken function| OnLoad

8 Cookies

Domain/Path Name / Value
.view.officeapps.live.com/ Name: PNL1-ARRAffinity
Value: ce5f7fe80fefc172a07354fa6d473deaae8dfa198fba31bb571d230abdaa5dee
pnl1-word-view.officeapps.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
pnl1-word-view.officeapps.live.com/ Name: ShCLSessionID
Value: 1693616652757_0.5633109986686475
.login.live.com/ Name: uaid
Value: bb5a8394a8af45198634b52007634019
.login.live.com/ Name: MSPRequ
Value: id=63539&lt=1693616653&co=1
.login.live.com/ Name: MSCC
Value: 45.141.152.72-DE
.login.live.com/ Name: MSPOK
Value: $uuid-76b75028-45d4-4a9f-bb59-e8cd7ae75ddc
.login.live.com/ Name: OParams
Value: 11O.DehyEYCnARVF1GVsmvVM6V1VTDaD8DyhYF0!J9Y5hzESQVyEfJZ*OekuFUfY!ntvFC!8KZ5!pfA4Xng4m6wMCry1SaCBCfeNIlklFuGJ*7lQDqVl!JWFl8KlTqQfo3d!ypaR!XHZuL9d*HRlP5*UUEYUxhIR1STemkoTwlAb6dTWqRy*XzKB0t*6XvyaE!xCrn*37sn*tNahvbSOZhqt8kGB*l!*E8JQoFE6tm17kips8JXc*msC6BWak1Ee!qDXVJZiskAMB2pqdsjOWzWyblic1sONm4nzWpih37scJD!QYzg*59loD6WbnyljZJnG8QS60L7M2ACm0J0z3P*KkpFoILIchnLontOwSooQPl3z82zfTJ5ehFRI5oAzpA37yg938D*t8WQOuOZ3gn4WiaaXYiWiVsHul6MdmCjGfH4p

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eu-office.events.data.microsoft.com
euc-word-telemetry.officeapps.live.com
js.live.net
login.live.com
pnl1-word-view.officeapps.live.com
res-1.cdn.office.net
storage.live.com
view.officeapps.live.com
13.105.66.144
20.190.160.14
20.50.201.195
23.210.112.207
2603:1063:2000:1::12
2603:1063:2206:14::45
2a02:26f0:3100::1725:e2a8
043ecb17a77d3c98d7903690fd7790358064beffebe7f78055b982f09cd4dc57
04ecfe3f2b091710fc298291dcdbd6efaf18c5f211c00e5e0531ddde00a1869e
09a1411bf361d3d649f4ff5098e0197510232477bf099872f58f5d1ec483e9af
16c484ab48c430ea637d449e790541e3df7ef13a302ac4c2584e9bd208921230
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
2acd96aec9e4eaf11acf473c6a11e40db5f9c941f08986893e7a77a479fec7e9
35f5715c5cfd909fe497dfe72cf64bf4b81e54540f8b9ecd648336ed1df8d72b
360f6aa9f0180a1dc1940ec6299d7a7365d69a72e8c1e93487f6cea693e7d84a
363eb907e4a7548d7555687aba0c66d5a4bf5731d8530ee648e49751f13e183e
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
4080bde156a82b3b6a60faf7f1e5c40e07e7100abd2206604bc7a943daa6fc5e
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
521663857e258e41e6ff21dc41aabc1fcb810000b54584519ef5f0cbda4bb2e5
5401fcb27d6be2c3e02082a9f30b99a626b742656de1470960233bf33147d55f
582a5a7a34147bca22d96170d437ae3e44ec1716b7aaf76fcaf5a49dbb6e8ae2
60a82c06e357c29f34b99def3ed8d8eaae74ca8f44892ca214f1e38c1986363b
65c2588ffcda4f6e049a0e35842354a1c034f507aab2b0cdb7bdbe579cb583a8
6e85ae0f223e46979db9b709a2a854baeeac28d10a61a44c142a711db670348a
70eae60710d17efe99bf219ed059eb13f30af5eb565350ff512056fcc2a8e23b
715168485b00a2a61aba23719f5b969d3f0119bf44dd00ce1c40ae08f4520c66
72fa107f513f53dec39aa00430f9c7703d3eb89197fe57221ccc175afd9db231
854fe9474151465515daca71e0bfd2f021dae98ff12c3b75e4cce956322f98f5
87f434012fac5e5ef9fa9a5ee523f529987cfd3185b73ef48290044ddb1c4f70
8a010d2b7364fdc204f787602f75ba08794e312709e34cbbe4a17d091e36f3d2
8f91857f6bd6b5db45ed435b22ccbedf880f7c2de0578fcca5ced8d31e930ef7
92508bf4f7ebd0ef1d9c1dd3f3d0d803ddf4618a09d6c3dee6629b551ca18d2f
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
97ba0c34ffc6613a207d206e21aa0f76c131dc3e303495983f1afec0a29ba0d2
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
aee0193d9099f1aa39256bacfeb4f0ee8e6022395b1ca5bc26ab9afa89936265
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
bbbc09c04ed406da054c6aab5b96b721a7d23c5188a0310d0937b5f16357c75a
bc21864de5cd4d1c764bf1b0138d989b2594c2aa008dbafaed4b834b44b36175
bec3828c907f157e92740de53428d53a1bbe0a7dfbce05b52dd6c43150aa46d8
c1b13c49d380a50313d85fc2a113a2ffe43ae66042cbfc3ffca02728eddfa2e2
c85868c2dfd80bf1202e680529fbb3434b282cd12a2dbd3a62dcea01ae8d4134
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6e07440ae0d351a380af42db7b0315af10f8647e9128105eac4532b7f2567ac
d8cd6625e9ef89ef68f5d93f1ce0dcaaeadb81acaef269b6358ae4ee33171591
dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f81aa7d8e2d9f0822ab5d0d68ef995e5a14ee85726c375dcf6fbf885ab09115d
f9eee35a8207c786ef8787f2f922457c7177f4dc80574cef1b3f4e2a630723e2