view.officeapps.live.com Open in urlscan Pro
2a01:111:f100:9001::1761:950c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001mra0OtWc_rqzFjniScyB5V2cK0Wv0eWm4qM8q7-x0S3vcZudwTqb9hLahHEbTtp8HpXncOjnn2Fh7ch0XFEU...
Effective URL:
https://view.officeapps.live.com/op/view.aspx?src=https://c.s-microsoft.com/en-us/CMSFiles/Executive%20Compensation%20Recovery%20...
Submission: On December 09 via api (December 9th 2021, 12:56:16 pm UTC) from SE — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 54 HTTP transactions. The main IP is 2a01:111:f100:9001::1761:950c, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.officeapps.live.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on April 30th 2021. Valid for: a year.

This is the only time view.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
1 1	23.79.157.152 23.79.157.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a01:111:f100... 2a01:111:f100:9001::1761:950c	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
16	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
28	2a02:26f0:6c0... 2a02:26f0:6c00:294::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.111.225.185 104.111.225.185	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.237.183 104.111.237.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:1ec:29::60 2620:1ec:29::60	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	40.90.142.226 40.90.142.226	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.160.73 20.190.160.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.42.65.90 20.42.65.90	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
54	9

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.157.152 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-157-152.deploy.static.akamaitechnologies.com

aka.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:111:f100:9001::1761:950c (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pnl1-word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:26f0:6c00:294::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.225.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-185.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-183.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:29::60 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

amcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.142.226 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: i-am3p-cor002.api.p001.1drv.com

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.160.73 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.42.65.90 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	office.net c1-word-view-15.cdn.office.net	2 MB
19	live.com 1 redirects view.officeapps.live.com pnl1-word-view.officeapps.live.com storage.live.com login.live.com	218 KB
3	microsoft.com browser.events.data.microsoft.com browser.pipe.aria.microsoft.com	1 KB
2	sharepointonline.com static2.sharepointonline.com	68 KB
1	msftauth.net amcdn.msftauth.net	9 KB
1	live.net js.live.net	16 KB
1	aka.ms 1 redirects aka.ms	596 B
1	rs6.net 1 redirects r20.rs6.net	362 B
54	8

	Domain	Requested by
28	c1-word-view-15.cdn.office.net	pnl1-word-view.officeapps.live.com c1-word-view-15.cdn.office.net
16	pnl1-word-view.officeapps.live.com	pnl1-word-view.officeapps.live.com c1-word-view-15.cdn.office.net
2	browser.events.data.microsoft.com	c1-word-view-15.cdn.office.net
2	static2.sharepointonline.com
1	browser.pipe.aria.microsoft.com	c1-word-view-15.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	amcdn.msftauth.net	c1-word-view-15.cdn.office.net
1	js.live.net	c1-word-view-15.cdn.office.net
1	view.officeapps.live.com
1	aka.ms	1 redirects
1	r20.rs6.net	1 redirects
54	12

This site contains no links.

Subject Issuer	Validity	Valid
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2021-01-26` - `2022-01-26`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 06	`2021-11-22` - `2022-11-17`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2021-09-23` - `2022-09-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://view.officeapps.live.com/op/view.aspx?src=https://c.s-microsoft.com/en-us/CMSFiles/Executive%20Compensation%20Recovery%20Policy.docx?version=0685b846-89dd-eef2-bc22-dca3407e96ca
Frame ID: 0108AC20027636A5FCA6E8F4C374C847
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
Frame ID: BC0E903B7CEDC3C74133BDC9DEAC1A94
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Executive Compensation Recovery Policy.docx

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001mra0OtWc_rqzFjniScyB5V2cK0Wv0eWm4qM8q7-x0S3vcZudwTqb9hLahHEbTtp8... HTTP 302
https://aka.ms/executivecompensationrecovery HTTP 301
https://view.officeapps.live.com/op/view.aspx?src=https://c.s-microsoft.com/en-us/CMSFiles/Executive%20Compen... Page URL

Page Statistics

54
Requests

96 %
HTTPS

36 %
IPv6

8
Domains

12
Subdomains

9
IPs

3
Countries

2321 kB
Transfer

11083 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001mra0OtWc_rqzFjniScyB5V2cK0Wv0eWm4qM8q7-x0S3vcZudwTqb9hLahHEbTtp8HpXncOjnn2Fh7ch0XFEU6gT6-tYGJeVyspBskFCcMk3qgywimtdBQDJEZG_btVqIyCvyAuP8TykroV94QXa-pxNKWj_BMsCPndQPiyeynzg=&c=vkvgZ8KGoIzc1wjxK1TvEYSKE7kSlEV7TXQdTmmZCfK6wdu2m_JH2A==&ch=aMQnUs5qEa8A-hfaSAQRgJpBF0yLlFYcUrv6gdbThmnV8GSOSJYosg== HTTP 302
https://aka.ms/executivecompensationrecovery HTTP 301
https://view.officeapps.live.com/op/view.aspx?src=https://c.s-microsoft.com/en-us/CMSFiles/Executive%20Compensation%20Recovery%20Policy.docx?version=0685b846-89dd-eef2-bc22-dca3407e96ca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1639054572824 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1639054573&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request view.aspx Show response
view.officeapps.live.com/op/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001mra0OtWc_rqzFjniScyB5V2cK0Wv0eWm4qM8q7-x0S3vcZudwTqb9hLahHEbTtp8HpXncOjnn2Fh7ch0XFEU6gT6-tYGJeVyspBskFCcMk3qgywimtdBQDJEZG_btVqIyCvyAuP8TykroV94QXa-pxNKWj_BMsCPndQPi...
https://aka.ms/executivecompensationrecovery
https://view.officeapps.live.com/op/view.aspx?src=https://c.s-microsoft.com/en-us/CMSFiles/Executive%20Compensation%20Recovery%20Policy.docx?version=0685b846-89dd-eef2-bc22-dca3407e96ca

4 KB
2 KB

210ms
21ms

Document
text/html

2a01:111:f100:9001::1761:950c
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/view.aspx?src=https://c.s-microsoft.com/en-us/CMSFiles/Executive%20Compensation%20Recovery%20Policy.docx?version=0685b846-89dd-eef2-bc22-dca3407e96ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:f100:9001::1761:950c Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f416f68ded613bf9d6a1174a7c004c9f09e342e3975739f33cfb3375c0f641f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-correlationid: 7a6537d0-d72c-45e4-9caf-174fb108b01a
x-officefe: AM4PEPF000128C3
x-officeversion: 16.0.14712.41004
x-officecluster: PNL1
x-content-type-options: nosniff
x-officefd: AM4PEPF000068A5
date: Thu, 09 Dec 2021 12:56:11 GMT

Redirect headers

Location: https://view.officeapps.live.com/op/view.aspx?src=https://c.s-microsoft.com/en-us/CMSFiles/Executive%20Compensation%20Recovery%20Policy.docx?version=0685b846-89dd-eef2-bc22-dca3407e96ca
Server: Kestrel
Request-Context: appId=cid-v1:9b037ab9-fa5a-4c09-81bd-41ffa859f01e
X-Response-Cache-Status: True
Content-Length: 0
Expires: Thu, 09 Dec 2021 12:56:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 09 Dec 2021 12:56:11 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

GET
DATA 200
OK truncated
/ 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 wordviewerframe.aspx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 82 KB
84 KB 78ms
32ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e2e02da6cb9dc4bdbb3f18b7054ebb78e9980eea4e2ab26895ea07a40bff6d7

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://view.officeapps.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://view.officeapps.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: d11ec836-7faf-4a24-9410-9d1275ee4549
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00012373
x-officeversion: 16.0.14802.41010
x-officecluster: PNL1
x-content-type-options: nosniff
content-security-policy: font-src data: c1-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
document-policy: js-profiling
x-officefd: AM4PEPF00012373
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: AECBBF9C992F449696300FE8FCE7FCB7 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:11Z
date: Thu, 09 Dec 2021 12:56:11 GMT

GET
H/1.1 200
OK WordViewer.css
c1-word-view-15.cdn.office.net/wv/s/h852C9B9F5F13F62E_resources/1031/ Frame BC0E 226 KB
27 KB 68ms
9ms Stylesheet
text/css 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h852C9B9F5F13F62E_resources/1031/WordViewer.css

Requested by

Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

852c9b9f5f13f62e18c3ee3887605564d58cf3db4d778d49b2c5e1cf352a8cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "f27a353184dad71:0"
X-OfficeCluster: PUS3
X-OfficeVersion: 16.0.14709.41008
X-OfficeFE: BN3PEPF00002147
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 27044
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity,afd_onenoteslice,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 16 Nov 2021 00:52:12 GMT
X-OFFICEFD: BN3PEPF00001E1B
X-MSEdge-Ref: Ref A: EF04FD8EC58F4E8CB16B953F650ADEFF Ref B: AMS04EDGE2105 Ref C: 2021-11-28T18:07:05Z
X-UserSessionId: 49e1ed2c-54d6-470c-a673-e5cdfd703388
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 49e1ed2c-54d6-470c-a673-e5cdfd703388
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjaxDS.js Show response
c1-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/ Frame BC0E 106 KB
24 KB 66ms
8ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "35d038388fdad71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14709.41008
X-OfficeFE: AM4PEPF000102D5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 23628
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Tue, 16 Nov 2021 02:11:08 GMT
X-OFFICEFD: AM4PEPF000102D5
X-UserSessionId: 11d2c481-f234-4c11-ab34-f7541950137e
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 11d2c481-f234-4c11-ab34-f7541950137e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c1-word-view-15.cdn.office.net/wv/s/h073013B55B48B9AC_App_Scripts/1031/ Frame BC0E 138 KB
30 KB 63ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h073013B55B48B9AC_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5ecbd1e492ba9862e8e584dc6a7b69b45c516a2839a9e9849e1a51c933f7f117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"60dc91b488e8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: AM4PEPF000131F2
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 29983
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:59:47 GMT
X-OFFICEFD: AM4PEPF000131F2
X-MSEdge-Ref: Ref A: 07005C5BF1414C77BC7912D8077F8001 Ref B: AMS04EDGE1516 Ref C: 2021-12-03T20:59:47Z
X-UserSessionId: 121da407-a5d6-4241-89b6-1b786a325881
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 121da407-a5d6-4241-89b6-1b786a325881
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/ Frame BC0E 6 KB
2 KB 62ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "715ba904fe2d71:0"
X-OfficeCluster: US2C
X-OfficeVersion: 16.0.14709.41008
X-OfficeFE: DM3PEPF00013CAA
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
Content-Length: 1365
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
Last-Modified: Thu, 25 Nov 2021 22:55:37 GMT
X-OFFICEFD: DM3PEPF00001D64
X-MSEdge-Ref: Ref A: 7876910A167844E8821C2CB1B059A791 Ref B: AM3EDGE0917 Ref C: 2021-11-26T18:48:14Z
X-UserSessionId: ba507e56-bfa6-41a2-8a73-7929fb4e6338
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ba507e56-bfa6-41a2-8a73-7929fb4e6338
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerIntl.js Show response
c1-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/ Frame BC0E 21 KB
5 KB 64ms
8ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "cdbaf81dbeded71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14709.41008
X-OfficeFE: DB5PEPF0000C63B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 4307
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Sun, 21 Nov 2021 09:56:55 GMT
X-OFFICEFD: DB5PEPF0000C63B
X-MSEdge-Ref: Ref A: D2AF10C07AC94E4DB915464309780AD9 Ref B: AM3EDGE0408 Ref C: 2021-11-30T22:58:14Z
X-UserSessionId: 3a745702-fff2-417f-b15e-38977d496a62
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 3a745702-fff2-417f-b15e-38977d496a62
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK word-app-intl.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/h40BCD9D1562E9B5A_App_Scripts/1031/ Frame BC0E 435 KB
71 KB 65ms
8ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h40BCD9D1562E9B5A_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

40bcd9d1562e9b5a2abe1e6e7065d7e3ca8cd65b0818dce08a5ead3874e6ebfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"d9b9bb885e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF0000D2E0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 72125
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:38:24 GMT
X-OFFICEFD: DB5PEPF0000D2E0
X-MSEdge-Ref: Ref A: 981F38A614314B02B19817A4D553A967 Ref B: AMS04EDGE1719 Ref C: 2021-12-03T20:38:24Z
X-UserSessionId: ea5a2ecf-651a-4b0e-ad66-72f74d37bb45
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ea5a2ecf-651a-4b0e-ad66-72f74d37bb45
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerDS.js Show response
c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/ Frame BC0E 3 MB
443 KB 11ms
8ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c13eb24950bd306c69a3a5a6cf8f4e79836a3722d2dc994110f32f45dc998df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"3ef1cb6e82e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF000083ED
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 453269
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 03 Dec 2021 20:14:53 GMT
X-OFFICEFD: DB5PEPF000083ED
X-UserSessionId: 340d254e-39c7-43bb-8c62-876cea994042
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 340d254e-39c7-43bb-8c62-876cea994042
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 0
414 B 21ms
21ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14802.41010&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF0001293C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 135ad5ef-0cc2-45a1-bcb1-db95cc39c854
x-officecluster: PNL1
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 8902A5CEC1F54D72BEC467D086080088 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *

GET
H2 404 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 1 KB
1 KB 118ms
118ms Image
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae&v=00000000-0000-0000-0000-000000000802&usid=d11ec836-7faf-4a24-9410-9d1275ee4549&splashscreen=1&build=16.0.14802.41010&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00006A0D
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF00006A0D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1245
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 61ef3f40-f89d-48fc-9450-efc748d06eba
x-officefd: AM4PEPF00006A0D
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
x-msedge-ref: Ref A: A16C9EF33B74480E987BDBD39AF775F1 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 0
181 B 19ms
19ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14802.41010&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":91,"Value":"https://c1-word-view-15.cdn.office.net:443/wv/s/h40BCD9D1562E9B5A_App_Scripts/1031/word-app-intl.min.js","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF0001293C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 69522dd5-916f-46a0-b676-b70539fcdab2
x-officecluster: PNL1
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: B0EA3B088EDC4E3A898E5299EC89B322 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *

GET
H/1.1 200
OK sharedheaderplaceholder-icons.woff
c1-word-view-15.cdn.office.net/wv/s/hE5C1E39EBD126206_App_Scripts/fonts/ Frame BC0E 3 KB
4 KB 8ms
8ms Font
font/x-woff 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hE5C1E39EBD126206_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5c1e39ebd1262067f33a6505542dde5b313b2b6e68f0f125d10164e027ef7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"c1f0b2613ee6d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14709.41008
X-OfficeFE: DB5PEPF0000D130
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 2748
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 30 Nov 2021 23:02:43 GMT
X-OFFICEFD: DB5PEPF0000D130
X-MSEdge-Ref: Ref A: 9C7068635AD446EDAA6F423A16580C02 Ref B: AM3EDGE0611 Ref C: 2021-11-30T23:02:43Z
X-UserSessionId: 1158c0d5-5e12-4f0b-91ec-0ecf4c3f1665
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 1158c0d5-5e12-4f0b-91ec-0ecf4c3f1665
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 0
348 B 21ms
21ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14802.41010&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":320,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF0001293C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: c15bfc52-d498-480c-bba6-20fbef5e994d
x-officecluster: PNL1
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: FA3A8D4EF7C743BFBCA24471F112ADF7 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 0
174 B 32ms
32ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officeversion: 16.0.14802.41010
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 6eafafc2-cacc-4ca2-b6e4-92a703700a03
x-officecluster: PNL1
x-usersessionid: 6eafafc2-cacc-4ca2-b6e4-92a703700a03
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 683362C7985E41AE8C26D65B3D50ADB4 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *
x-officefe: AM4PEPF000102D6

GET
H2 200 docdatahandler.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 444 B
866 B 39ms
39ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae&type=png&o15=1&ui=de-DE

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

1f430d24b6db911d02b21a7b0d851f754935c94d67f347b231de50a9955333eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012373
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14802.41010
X-Key: 18jCW0FBfGf9trTyq+VsFrx3Oczf+YkFrsCMo5Yteos=,637746513719929207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012373
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF00012373
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 415
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 14ae5bcd-798b-4331-b487-87f0cade5aed, 36aa3829-d66a-4049-84b3-ce38b2c4b641
x-officefd: AM4PEPF000069FB
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549, d11ec836-7faf-4a24-9410-9d1275ee4549
x-powered-by: ARR/3.0
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 00674BEAD08B4E199755EA8D3BAE9097 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *, *
expires: Fri, 09 Dec 2022 12:56:12 GMT

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/ Frame BC0E 40 KB
7 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"9bd1246f82e8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: AM4PEPF00006032
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:14:53 GMT
X-OFFICEFD: AM4PEPF00006032
X-MSEdge-Ref: Ref A: FF8B4BDF0953435BA00D6185C20BD582 Ref B: AMS04EDGE2006 Ref C: 2021-12-03T20:14:53Z
X-UserSessionId: 016fefb0-f3ba-4b3b-a824-1d241d2f9bcf
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 016fefb0-f3ba-4b3b-a824-1d241d2f9bcf
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK segoeui.woff
c1-word-view-15.cdn.office.net/wv/s/h852C9B9F5F13F62E_resources/1031/ Frame BC0E 22 KB
23 KB 7ms
7ms Font
font/x-woff 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h852C9B9F5F13F62E_resources/1031/segoeui.woff

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h852C9B9F5F13F62E_resources/1031/WordViewer.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-word-view-15.cdn.office.net/wv/s/h852C9B9F5F13F62E_resources/1031/WordViewer.css
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"50d7f8dcbee5d71:0"
X-OfficeCluster: GEU3C
X-OfficeVersion: 16.0.14723.41019
X-OfficeFE: DU2PEPF00009215
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
Content-Length: 22720
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
Last-Modified: Tue, 30 Nov 2021 07:49:54 GMT
X-OFFICEFD: DU2PEPF00009212
X-MSEdge-Ref: Ref A: 67B673020BB3440DACBDA8B3E1A575A3 Ref B: AMS04EDGE1713 Ref C: 2021-11-30T07:49:54Z
X-UserSessionId: a022caa8-8b2a-4014-bb2e-d40c95c822c2
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: a022caa8-8b2a-4014-bb2e-d40c95c822c2
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
BLOB 200
OK 4d6d69e6-4cfe-48c9-9f02-be1392a560c8
https://pnl1-word-view.officeapps.live.com/ Frame BC0E 224 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/4d6d69e6-4cfe-48c9-9f02-be1392a560c8
Requested by: Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf394c5b419639e1ba6d31509887addf54526117869c7ed912fc054c4effcc5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 224
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 0
358 B 23ms
23ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14802.41010&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":552,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF0001030F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9871dd81-be73-4884-be25-5e9c84eb9571
x-officecluster: PNL1
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 52CF07902216430D86F2420966347C62 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *

GET
H/1.1 200
OK WordViewerDS.dll1.js Show response
c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/ Frame BC0E 814 KB
135 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

eb548f4da78e7d58d035a6d873898703b7bbc1f1d0fd6e6472430786293b316f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"b6f3976f82e8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: AM4PEPF000131EE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 137261
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:14:54 GMT
X-OFFICEFD: AM4PEPF000131EE
X-MSEdge-Ref: Ref A: 71CCD7B37C0B4B37A2938927F9481947 Ref B: AMS04EDGE2015 Ref C: 2021-12-03T20:14:54Z
X-UserSessionId: 897d1198-f268-4c0d-9e22-116b7e53dc1c
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 897d1198-f268-4c0d-9e22-116b7e53dc1c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-word-view-15.cdn.office.net/wv/s/161480241010_resources/1031/ Frame BC0E 695 B
2 KB 7ms
7ms Image
image/gif 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_resources/1031/progress.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"2e9720d083e8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: AM4PEPF00011BC1
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:24:46 GMT
X-OFFICEFD: AM4PEPF00011BC1
X-MSEdge-Ref: Ref A: 465A1A016B96471F9315075A8E6CFD8B Ref B: AM3EDGE0321 Ref C: 2021-12-03T20:24:46Z
X-UserSessionId: 38c47cec-099e-40df-8aa7-513eb6602f2a
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 38c47cec-099e-40df-8aa7-513eb6602f2a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 39 KB
40 KB 34ms
33ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=d11ec836-7faf-4a24-9410-9d1275ee4549&build=16.0.14802.41010&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d2e4eabee34675472fba204882311df5569b6b81e50dcd5d72d33312f811f83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012373
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF00012373
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 40059
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 97502be1-4802-4c11-bdfa-ef1df78b8f0f
x-officefd: AM4PEPF00012373
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 713134E273A143C3ABC5F138DB737A12 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:56:12 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 29 KB
30 KB 68ms
68ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=d11ec836-7faf-4a24-9410-9d1275ee4549&build=16.0.14802.41010&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

feec0e38835ed1a29cf5985f4a45c018d6bd155782aee262e9c9b4db94791781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF0001293C
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF0001293C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 29629
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae00000000-0000-0000-0000-000000000802p2.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1293ba1c-4d40-4e8b-8a43-ccfb1aa31089
x-officefd: AM4PEPF0001293C
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 64BCB6D653624C2D8F14C78A84BAE774 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:56:12 GMT

GET
H2 200 ResReader.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 27 KB
8 KB 54ms
54ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=d11ec836-7faf-4a24-9410-9d1275ee4549&build=16.0.14802.41010&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae&waccluster=PNL1

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

43efd93a05667b0ded8807ca77579f69d57a7df35a9151c2c95e6a9754b54d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012373
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14802.41010
X-Key: 18jCW0FBfGf9trTyq+VsFrx3Oczf+YkFrsCMo5Yteos=,637746513719929207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012373
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF00012373
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 7252
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 95562b54-508a-4fe2-9fca-8ea334392864, 6f609864-d1e3-4ee3-b9d3-a01b57648d5d
x-officefd: AM4PEPF000102D6
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549, d11ec836-7faf-4a24-9410-9d1275ee4549
x-powered-by: ARR/3.0
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: EAB5E0C2438F4A69BD8E3E1DD1A0DD9C Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *, *
expires: Fri, 09 Dec 2022 12:56:12 GMT

GET
H/1.1 200
OK appResourceLoader.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/ Frame BC0E 6 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appResourceLoader.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

209f551af4c90fe63aacf340a219ee6f4b3a5d0dbbcc32bd8ec81ef7bece5d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"194dfd6f82e8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: AM4PEPF00012379
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 2023
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 03 Dec 2021 20:14:55 GMT
X-OFFICEFD: AM4PEPF00012379
X-UserSessionId: c219c230-f810-406d-9958-fc49cbdba730
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: c219c230-f810-406d-9958-fc49cbdba730
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-word-view-15.cdn.office.net/wv/s/161480241010_resources/1031/ Frame BC0E 695 B
2 KB 7ms
7ms Image
image/gif 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_resources/1031/progress.gif

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"2e9720d083e8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: AM4PEPF00011BC1
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:24:46 GMT
X-OFFICEFD: AM4PEPF00011BC1
X-MSEdge-Ref: Ref A: 465A1A016B96471F9315075A8E6CFD8B Ref B: AM3EDGE0321 Ref C: 2021-12-03T20:24:46Z
X-UserSessionId: 38c47cec-099e-40df-8aa7-513eb6602f2a
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 38c47cec-099e-40df-8aa7-513eb6602f2a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wv.png
c1-word-view-15.cdn.office.net/wv/s/161480241010_resources/1031/ Frame BC0E 34 KB
35 KB 8ms
7ms Image
image/png 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_resources/1031/wv.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"cc745b7f87e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF0000D131
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 35196
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:51:08 GMT
X-OFFICEFD: DB5PEPF0000D131
X-MSEdge-Ref: Ref A: 60E02E79B5774F31A0037D31999EF46C Ref B: AM3EDGE1009 Ref C: 2021-12-03T20:51:08Z
X-UserSessionId: fb446008-6468-4adc-91b4-08e035f53937
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: fb446008-6468-4adc-91b4-08e035f53937
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress16.gif
c1-word-view-15.cdn.office.net/wv/s/161480241010_resources/1031/ Frame BC0E 668 B
2 KB 16ms
8ms Image
image/gif 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_resources/1031/progress16.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"3fde507f87e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF0000D12A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 668
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:51:08 GMT
X-OFFICEFD: DB5PEPF0000D12A
X-MSEdge-Ref: Ref A: E58FACD3D3BD46E29F49E9A330936A37 Ref B: AM3EDGE0411 Ref C: 2021-12-03T20:51:08Z
X-UserSessionId: a2a39245-75cf-4a3c-ab36-fe6dd7d3ad82
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: a2a39245-75cf-4a3c-ab36-fe6dd7d3ad82
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 39 KB
40 KB 29ms
29ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d2e4eabee34675472fba204882311df5569b6b81e50dcd5d72d33312f811f83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012373
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF00012373
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 40059
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: c9062f82-90ef-401e-bb8f-e923020cb17c
x-officefd: AM4PEPF00012373
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: E36504A77DEF4149A34B292A54247C17 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:56:12 GMT

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 0
445 B 17ms
17ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14802.41010&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":683,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF000069FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_excelslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: efa118ca-318c-41d5-8351-5828cb551509
x-officecluster: PNL1
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D00466538F96495CBA05185CB784BC95 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 0
373 B 21ms
20ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14802.41010&waccluster=PNL1

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00012373
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14802.41010
X-Key: 18jCW0FBfGf9trTyq+VsFrx3Oczf+YkFrsCMo5Yteos=,637746513719929207
X-bULS-SuppressionETag: 352D23C4F4A7A2018361EF087F6B9743417AA6F2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 1
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-UserType: WOPI
X-AccessTokenTtl: 0
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF0001293C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 352D23C4F4A7A2018361EF087F6B9743417AA6F2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: d613cee1-7aaa-45c5-b4e3-4b5271a9a190
x-officecluster: PNL1
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 3353D8C3E9404E42800CD5F88A6EF71F Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *

GET
H/1.1 200
OK word-app-intl.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/1031/ Frame BC0E 435 KB
71 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/1031/word-app-intl.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appResourceLoader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

40bcd9d1562e9b5a2abe1e6e7065d7e3ca8cd65b0818dce08a5ead3874e6ebfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"dcbf68be88e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF000064AD
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 72125
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 03 Dec 2021 21:00:03 GMT
X-OFFICEFD: DB5PEPF000064AD
X-UserSessionId: bc2e1dbd-2bbe-4a56-887d-4638c09b0294
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: bc2e1dbd-2bbe-4a56-887d-4638c09b0294
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK common.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/ Frame BC0E 1 MB
221 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/common.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

462c36aa350b21e949da3a7175def07fa5858bfa6beff0c7a222050d1dc045cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"d984e7082e8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: AM4PEPF00011BC2
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 225312
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:14:55 GMT
X-OFFICEFD: AM4PEPF00011BC2
X-MSEdge-Ref: Ref A: 2C5E47E7D35140E180B6D00676935464 Ref B: AMS04EDGE2016 Ref C: 2021-12-03T20:14:55Z
X-UserSessionId: 4eb14eb0-7401-4831-8f1a-3f1c7fdcd48c
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4eb14eb0-7401-4831-8f1a-3f1c7fdcd48c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChrome.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/ Frame BC0E 209 KB
39 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appChrome.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

58a552a3ee8772b55822a6e7087012dc4231e52835f2b7a4568b4f61adc7f2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"f6cd7082e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF0000D12E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 38908
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:14:55 GMT
X-OFFICEFD: DB5PEPF0000D12E
X-MSEdge-Ref: Ref A: 471823F120BB4E4895B06A30573E32CA Ref B: AM3EDGE0614 Ref C: 2021-12-03T20:14:55Z
X-UserSessionId: 9256b7e5-8c48-4c95-b318-3e9b27a51e72
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 9256b7e5-8c48-4c95-b318-3e9b27a51e72
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 27 KB
8 KB 30ms
30ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

43efd93a05667b0ded8807ca77579f69d57a7df35a9151c2c95e6a9754b54d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012373
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14802.41010
X-Key: 18jCW0FBfGf9trTyq+VsFrx3Oczf+YkFrsCMo5Yteos=,637746513719929207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012373
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF00012373
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 7252
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 20ef6b37-5b0c-4506-967f-ee9f070db216, 8efd1dfe-8c15-49ec-a269-0d76f6e0d661
x-officefd: AM4PEPF00006A0D
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549, d11ec836-7faf-4a24-9410-9d1275ee4549
x-powered-by: ARR/3.0
date: Thu, 09 Dec 2021 12:56:11 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 952FC62766284C20A2EBCAF4EB50CC27 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:12Z
timing-allow-origin: *, *
expires: Fri, 09 Dec 2022 12:56:12 GMT

GET
H/1.1 200
OK common50.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/ Frame BC0E 2 MB
329 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/common50.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appResourceLoader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2b0688e86c0085e4e9565a0ecb17f26ab2dae0016f14b40f40bd389a3d3df19a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"38fa07082e8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: AM4PEPF000069E8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 335827
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:14:56 GMT
X-OFFICEFD: AM4PEPF000069E8
X-MSEdge-Ref: Ref A: C766B606833149AC85171BCEB22AEE92 Ref B: AMS04EDGE2213 Ref C: 2021-12-03T20:14:56Z
X-UserSessionId: c5ef8cea-084d-46d5-825c-501d776642bb
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: c5ef8cea-084d-46d5-825c-501d776642bb
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChromeLazy.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/ Frame BC0E 514 KB
109 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appChromeLazy.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appResourceLoader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cb459ab665e45ed1ea080603d96e4de4566cb5f8a7c1935a82519dde22079172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"6dcb3b7182e8d71:0"
X-OfficeCluster: PUS3
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: BN3PEPF000021F2
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 110786
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:14:57 GMT
X-OFFICEFD: BN3PEPF00001E08
X-MSEdge-Ref: Ref A: 843CB333195A49508DF5FAF4FE678FF9 Ref B: AMS04EDGE1210 Ref C: 2021-12-03T20:14:57Z
X-UserSessionId: 1ab5ba16-a60d-42f7-95ef-499d8540532f
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 1ab5ba16-a60d-42f7-95ef-499d8540532f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame BC0E 31 KB
32 KB 39ms
7ms Font
application/font-woff2 104.111.225.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.225.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-185.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 09 Dec 2021 12:56:12 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 7e674b6c-001e-0087-216e-521548000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14303708
x-ms-version: 2009-09-19
content-length: 31824

GET
H/1.1 200
OK word-app-intl-lazy.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/1031/ Frame BC0E 631 KB
74 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/1031/word-app-intl-lazy.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2a929ae9a693c7d4bc91b2563d4d1034c9a173d4951af155c6bbb5d6b9e1a690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"5b6671bf88e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF000064AD
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 74838
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 21:00:05 GMT
X-OFFICEFD: DB5PEPF000064AD
X-MSEdge-Ref: Ref A: D8438C136CE94B76A4F28FED242A69C5 Ref B: AMS04EDGE1613 Ref C: 2021-12-03T21:00:05Z
X-UserSessionId: 22649f45-3f93-4923-95e9-a59db8ed8ab5
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 22649f45-3f93-4923-95e9-a59db8ed8ab5
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK uiSlice20.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/ Frame BC0E 896 KB
182 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/uiSlice20.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appResourceLoader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

603f182726243efd7088f0330ae2d7a637c070694b07c6ba465404a0c814be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"7d5ad7082e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF0000D129
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 185258
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 03 Dec 2021 20:14:56 GMT
X-OFFICEFD: DB5PEPF0000D129
X-UserSessionId: 4d25d600-2adb-4ee0-ad09-eaf34778c8a4
Date: Thu, 09 Dec 2021 12:56:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4d25d600-2adb-4ee0-ad09-eaf34778c8a4
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK shellstrings.json Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/strings/de/ Frame BC0E 15 KB
6 KB 8ms
8ms XHR
application/json 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/strings/de/shellstrings.json

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a1ad1bc9ed348b85ce1e65eec8d543300fe432b2b8868ae97a5f3bcae634b9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"03936da85e8d71:0"
X-OfficeCluster: US2C
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DM3PEPF00013CAC
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 4933
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:39:22 GMT
X-OFFICEFD: DM3PEPF00008A26
X-MSEdge-Ref: Ref A: 766AB3D7CDAA429091F2610AC499DD4C Ref B: AM3EDGE0414 Ref C: 2021-12-03T20:39:22Z
X-UserSessionId: 114676d8-b649-41c5-801f-9bd776129d19
Date: Thu, 09 Dec 2021 12:56:13 GMT
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
X-CorrelationId: 114676d8-b649-41c5-801f-9bd776129d19
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK suiteux.shell.core.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/js/ Frame BC0E 255 KB
70 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9f083f67e91bcb52e3558a3b8a3108167a12b1004be12e8bff64eb4d14be9b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"bd22165183e8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: AM4PEPF000131EF
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 70648
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 03 Dec 2021 20:21:12 GMT
X-OFFICEFD: AM4PEPF000131EF
X-UserSessionId: ab4c4142-5445-4c65-949e-1a95bc5fe76f
Date: Thu, 09 Dec 2021 12:56:13 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: ab4c4142-5445-4c65-949e-1a95bc5fe76f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK suiteux.shell.consappdata.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/js/ Frame BC0E 7 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f412c733f8c379b1fe7b914b83555d455423667e9d50fbb23613b6114d7fa2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"6d3ac5e487e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF0000D03A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1930
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:53:58 GMT
X-OFFICEFD: DB5PEPF0000D03A
X-MSEdge-Ref: Ref A: 3962E7F915324DAAA3B8846A7B245CC6 Ref B: AM3EDGE0820 Ref C: 2021-12-03T20:53:58Z
X-UserSessionId: 7c0c404c-9e01-446c-9a45-2818e645b13a
Date: Thu, 09 Dec 2021 12:56:13 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 7c0c404c-9e01-446c-9a45-2818e645b13a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame BC0E 35 KB
36 KB 10ms
10ms Font
application/font-woff2 104.111.225.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.225.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-185.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 09 Dec 2021 12:56:13 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: acf6ab5b-401e-0096-046c-528ffc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14302576
x-ms-version: 2009-09-19
content-length: 36344

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame BC0E 42 KB
16 KB 58ms
6ms Script
application/javascript 104.111.237.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-183.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:56:13 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31657, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 me Show response
amcdn.msftauth.net/ Frame BC0E 27 KB
9 KB 205ms
24ms Script
application/javascript 2620:1ec:29::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://amcdn.msftauth.net/me?partner=WordOnline&version=10.21153.1&market=DE-DE&wrapperId=suiteshell

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:29::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f15d04287e3e8c8cfbd7d144c4a3cfcf2f8f1eb2057746402967daa5f2489cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Dec 2021 12:56:13 GMT
x-azure-ref: 07fyxYQAAAADu/N4DXwCeRa9j2d9xDm7/TE9OMjFFREdFMDIxMwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Thu, 09 Dec 2021 23:14:37 GMT

GET
H/1.1 200
OK suiteux.shell.plus.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/js/ Frame BC0E 276 KB
61 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5ee954bf39e4c51fe242b61b2753801d80412c0bae346418acb6c6f7b8c33827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"a265b5183e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF0000CE8C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 61217
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 03 Dec 2021 20:21:13 GMT
X-OFFICEFD: DB5PEPF0000CE8C
X-MSEdge-Ref: Ref A: 9E69F06461B441A3948635CD007904FC Ref B: AM3EDGE0809 Ref C: 2021-12-03T20:21:13Z
X-UserSessionId: 22246f65-efcf-4852-811f-13f82fee2d7b
Date: Thu, 09 Dec 2021 12:56:13 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 22246f65-efcf-4852-811f-13f82fee2d7b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1639054572824
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1639054573&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

220ms
127ms

Image
text/html

20.190.160.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1639054573&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 20.190.160.73 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: AM3PPF880CAF11A
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.813.1129.2003
date: Thu, 09 Dec 2021 12:56:12 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1639054573&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: DpUbRclZ0ka9KFjqNQ/lbQ.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
H/1.1 200
OK otelFull.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/ Frame BC0E 103 KB
29 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/otelFull.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hC13EB24950BD306C_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"0f7dcb84e8d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14723.41020
X-OfficeFE: DB5PEPF0000C633
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 28386
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 03 Dec 2021 20:26:26 GMT
X-OFFICEFD: DB5PEPF0000C633
X-UserSessionId: 7e24dcf1-a0c8-4e33-88ef-68b8605ab5ff
Date: Thu, 09 Dec 2021 12:56:13 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 7e24dcf1-a0c8-4e33-88ef-68b8605ab5ff
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame BC0E 4 B
338 B 396ms
93ms XHR
application/json 20.42.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:56:13 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 translation.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame BC0E 2 KB
2 KB 66ms
65ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae&uilang=de-DE

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hD8326BB4760631A8_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

11dfb4b2372132b04a3c95e15439f54164329396690ff19c5eccf66a657a740d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012373
X-UserSessionId: d11ec836-7faf-4a24-9410-9d1275ee4549
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14802.41010
X-Key: 18jCW0FBfGf9trTyq+VsFrx3Oczf+YkFrsCMo5Yteos=,637746513719929207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token_ttl=0&hid=7a6537d0-d72c-45e4-9caf-174fb108b01a
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012373
x-officeversion: 16.0.14802.41010
x-officefe: AM4PEPF00012373
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1364
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ffa76ec3-8a64-4e17-b84d-5c4be76fcc2a
x-officefd: AM4PEPF00012373
x-usersessionid: d11ec836-7faf-4a24-9410-9d1275ee4549
date: Thu, 09 Dec 2021 12:56:12 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: AFA2D0D585064D15B814FB66DFAEDBC9 Ref B: AM3EDGE0710 Ref C: 2021-12-09T12:56:13Z
timing-allow-origin: *
expires: -1

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame BC0E 0
397 B 447ms
129ms XHR
application/json 20.42.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688&client-time-epoch-millis=1639054574820&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 12:56:14 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 955
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame BC0E 24 B
435 B 387ms
103ms XHR
application/json 20.42.65.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.6&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1639054574885&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161480241010_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.42.65.90 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 4a43245106e0874b95dc5edec8fc630a06f82bf5ce87f245b1b9cd286313ca59

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 09 Dec 2021 12:56:15 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 888
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: fa2a5d698966f7d7e324c9418f0d6afe5baa510b3f69893d182791392fbd5149
pnl1-word-view.officeapps.live.com/	1970-01-20 01:27:10	Name: DcLcid Value: ui=1031&data=1031
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: ShCLSessionID Value: 1639054572559_0.7640714750524227
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: b6c9f40232834505b6792946a91711a1
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1639054573&co=1
.login.live.com/	1970-01-20 08:39:10	Name: MSCC Value: 78.47.208.24-DE
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DdIAHTeLUMSCRQw7yC2NPb4Z6hbXnaFore7rRDmDcOZMpcCCRew4cnWX67sjdidTURp3RWiPyrBBM8bI6Eybw8MO1acpYj!XAvOxWF10FyON7y4ryMVYMrR9Yi2IWYPSUoh0Y4P0sWlhyFzicEqX5muJaAEc3slVG!O8!iVL3UYHMxks5L0qP5WD9chrNzEptLAvJA7HxvDBDcG4Ga9YuutQZvVIMWClrCUo4lB15MLm!bfxKmsZo2ZEYYMaqb1E9KpamztN3FZpT7WHOwwp1FRDaZyCBWV0SwAyGTWsxULYaewy0TNWRIqstNwK5nCsOO206qNvmwOBaBY0rkhFmwCaplN0vkxMJfh8zFsnD0DRHgj4f2BnxCJlsOF22EDkvLZ30lTosg8XyY1NhFLIQpyAZcIdiwg7iAhTuFuxWvvd1xdAuqUWIbeUshF1f!GRCO2omwJp7V3CzHTIZFfWwyShIgiuEHGk5bKP
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-cefd061c-ab99-452c-b1dd-654e9bb302e8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fc%252Es%252Dmicrosoft%252Ecom%253A443%252Fen%252Dus%252FCMSFiles%252FExecutive%252520Compensation%252520Recovery%252520Policy%252Edocx%253Fversion%253D0685b846%252D89dd%252Deef2%252Dbc22%252Ddca3407e96ca&access_token=1&access_token_ttl=0&z=b5d4be756b2c998f09502c7ac15d31f9585c1d14a58d56013aa0bd036edaabae&v=00000000-0000-0000-0000-000000000802&usid=d11ec836-7faf-4a24-9410-9d1275ee4549&splashscreen=1&build=16.0.14802.41010&waccluster=PNL1 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.ms
amcdn.msftauth.net
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c1-word-view-15.cdn.office.net
js.live.net
login.live.com
pnl1-word-view.officeapps.live.com
r20.rs6.net
static2.sharepointonline.com
storage.live.com
view.officeapps.live.com
104.111.225.185
104.111.237.183
20.190.160.73
20.42.65.90
208.75.122.11
23.79.157.152
2620:1ec:29::60
2620:1ec:a92::171
2a01:111:f100:9001::1761:950c
2a02:26f0:6c00:294::4b36
40.90.142.226
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
11dfb4b2372132b04a3c95e15439f54164329396690ff19c5eccf66a657a740d
1f430d24b6db911d02b21a7b0d851f754935c94d67f347b231de50a9955333eb
209f551af4c90fe63aacf340a219ee6f4b3a5d0dbbcc32bd8ec81ef7bece5d34
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2a929ae9a693c7d4bc91b2563d4d1034c9a173d4951af155c6bbb5d6b9e1a690
2b0688e86c0085e4e9565a0ecb17f26ab2dae0016f14b40f40bd389a3d3df19a
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
40bcd9d1562e9b5a2abe1e6e7065d7e3ca8cd65b0818dce08a5ead3874e6ebfc
43efd93a05667b0ded8807ca77579f69d57a7df35a9151c2c95e6a9754b54d25
462c36aa350b21e949da3a7175def07fa5858bfa6beff0c7a222050d1dc045cd
4a43245106e0874b95dc5edec8fc630a06f82bf5ce87f245b1b9cd286313ca59
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
58a552a3ee8772b55822a6e7087012dc4231e52835f2b7a4568b4f61adc7f2a3
5e2e02da6cb9dc4bdbb3f18b7054ebb78e9980eea4e2ab26895ea07a40bff6d7
5ecbd1e492ba9862e8e584dc6a7b69b45c516a2839a9e9849e1a51c933f7f117
5ee954bf39e4c51fe242b61b2753801d80412c0bae346418acb6c6f7b8c33827
603f182726243efd7088f0330ae2d7a637c070694b07c6ba465404a0c814be68
852c9b9f5f13f62e18c3ee3887605564d58cf3db4d778d49b2c5e1cf352a8cda
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9f083f67e91bcb52e3558a3b8a3108167a12b1004be12e8bff64eb4d14be9b8e
a1ad1bc9ed348b85ce1e65eec8d543300fe432b2b8868ae97a5f3bcae634b9d4
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
c13eb24950bd306c69a3a5a6cf8f4e79836a3722d2dc994110f32f45dc998df0
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
cb459ab665e45ed1ea080603d96e4de4566cb5f8a7c1935a82519dde22079172
cf394c5b419639e1ba6d31509887addf54526117869c7ed912fc054c4effcc5b
d2e4eabee34675472fba204882311df5569b6b81e50dcd5d72d33312f811f83c
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c1e39ebd1262067f33a6505542dde5b313b2b6e68f0f125d10164e027ef7e3
eb548f4da78e7d58d035a6d873898703b7bbc1f1d0fd6e6472430786293b316f
f15d04287e3e8c8cfbd7d144c4a3cfcf2f8f1eb2057746402967daa5f2489cba
f412c733f8c379b1fe7b914b83555d455423667e9d50fbb23613b6114d7fa2e8
f416f68ded613bf9d6a1174a7c004c9f09e342e3975739f33cfb3375c0f641f8
feec0e38835ed1a29cf5985f4a45c018d6bd155782aee262e9c9b4db94791781

view.officeapps.live.com Open in urlscan Pro 2a01:111:f100:9001::1761:950c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

54 Requests

96 %HTTPS

36 %IPv6

8 Domains

12 Subdomains

9 IPs

3 Countries

2321 kBTransfer

11083 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

view.officeapps.live.com Open in urlscan Pro
2a01:111:f100:9001::1761:950c Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

96 %
HTTPS

36 %
IPv6

8
Domains

12
Subdomains

9
IPs

3
Countries

2321 kB
Transfer

11083 kB
Size

9
Cookies

54 HTTP transactions
1 data transactions