roberthhallpllc.sharefile.com Open in urlscan Pro
76.223.1.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Submission: On June 30 via manual (June 30th 2023, 3:05:43 pm UTC) from US — Scanned from DE

Summary HTTP 106 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 106 HTTP transactions. The main IP is 76.223.1.166, located in United States and belongs to AMAZON-02, US. The main domain is roberthhallpllc.sharefile.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 3rd 2023. Valid for: a year.

This is the only time roberthhallpllc.sharefile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	76.223.1.166 76.223.1.166	16509 (AMAZON-02) (AMAZON-02)
4	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
2	34.107.168.21 34.107.168.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	13.224.189.108 13.224.189.108	16509 (AMAZON-02) (AMAZON-02)
4	3.215.101.233 3.215.101.233	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	107.20.191.162 107.20.191.162	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:80e::2013	15169 (GOOGLE) (GOOGLE)
1	64.185.227.156 64.185.227.156	18450 (WEBNX) (WEBNX)
5	2603:1063:200... 2603:1063:2000::12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
24	2a02:26f0:350... 2a02:26f0:3500:588::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2603:1063:220... 2603:1063:2206:14::33	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.50.73.9 20.50.73.9	() ()
106	15

41 76.223.1.166 (United States)

ASN16509 (AMAZON-02, US)
PTR: adbc6357b41625fc7.awsglobalaccelerator.com

roberthhallpllc.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
roberthhallpllc.sf-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sf-cv.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.168.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.168.107.34.bc.googleusercontent.com

citrix-sharefile-content.customer.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.189.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-108.fra2.r.cloudfront.net

piletfeed-cdn.sharefile.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.215.101.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-101-233.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.191.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-191-162.compute-1.amazonaws.com

auth.sharefile.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

citrix-sharefile-data.customer.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.156 (Los Angeles, United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-156.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2603:1063:2000::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:26f0:3500:588::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2603:1063:2206:14::33 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

euc-word-telemetry.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.73.9 (None, )

ASN- ()

eu-office.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	sharefile.com roberthhallpllc.sharefile.com sf-cv.sharefile.com — Cisco Umbrella Rank: 57929	993 KB
24	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 7286	2 MB
15	sf-api.com roberthhallpllc.sf-api.com	35 KB
13	live.com word-view.officeapps.live.com — Cisco Umbrella Rank: 8317 euc-word-telemetry.officeapps.live.com — Cisco Umbrella Rank: 14866	156 KB
8	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1298 events.launchdarkly.com — Cisco Umbrella Rank: 973	5 KB
7	sharefile.io piletfeed-cdn.sharefile.io — Cisco Umbrella Rank: 31424 auth.sharefile.io — Cisco Umbrella Rank: 30007	1 MB
5	pendo.io citrix-sharefile-content.customer.pendo.io — Cisco Umbrella Rank: 27550 citrix-sharefile-data.customer.pendo.io — Cisco Umbrella Rank: 22742	161 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 331	1 KB
1	microsoft.com eu-office.events.data.microsoft.com
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2382	223 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 535	18 KB
106	11

	Domain	Requested by
24	c1h-word-view-15.cdn.office.net	word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
22	roberthhallpllc.sharefile.com	roberthhallpllc.sharefile.com
15	roberthhallpllc.sf-api.com	roberthhallpllc.sharefile.com
8	euc-word-telemetry.officeapps.live.com	word-view.officeapps.live.com
6	piletfeed-cdn.sharefile.io	roberthhallpllc.sharefile.com
5	word-view.officeapps.live.com	word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
4	sf-cv.sharefile.com	roberthhallpllc.sharefile.com
4	events.launchdarkly.com	roberthhallpllc.sharefile.com
4	app.launchdarkly.com	roberthhallpllc.sharefile.com
3	citrix-sharefile-data.customer.pendo.io	roberthhallpllc.sharefile.com
2	bam.nr-data.net	roberthhallpllc.sharefile.com
2	citrix-sharefile-content.customer.pendo.io	roberthhallpllc.sharefile.com
1	eu-office.events.data.microsoft.com
1	api.ipify.org	roberthhallpllc.sharefile.com
1	auth.sharefile.io	roberthhallpllc.sharefile.com
1	js-agent.newrelic.com	roberthhallpllc.sharefile.com
106	16

This site contains no links.

Subject Issuer	Validity	Valid
*.sharefile.com Amazon RSA 2048 M02	`2023-01-03` - `2024-02-01`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
citrix-sharefile-content.customer.pendo.io GTS CA 1D4	`2023-06-18` - `2023-09-16`	3 months	crt.sh
*.sharefile.io Amazon RSA 2048 M01	`2022-12-08` - `2024-01-06`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
citrix-sharefile-data.customer.pendo.io GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
officeapps.live.com Microsoft Azure TLS Issuing CA 02	`2023-06-20` - `2024-06-14`	a year	crt.sh
*.cdn.office.net Microsoft Azure TLS Issuing CA 02	`2023-01-11` - `2024-01-06`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-06-07` - `2024-06-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Frame ID: 5A39E9718C8C74BF20B6225885A7BD99
Requests: 52 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sf-wopi2-sharefile-useast.sharefile.com/service/wopi2/files/fi9bc5ff-b476-7bf6-85e6-23b301206279&IsLicensedUser=1
Frame ID: C53663778FCCAAED4B48E415DBF0543A
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gen 22, Inc.Microsoft Word file

Page Statistics

106
Requests

97 %
HTTPS

29 %
IPv6

11
Domains

16
Subdomains

15
IPs

3
Countries

4582 kB
Transfer

21936 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request d-0be101d67364405a Show response
roberthhallpllc.sharefile.com/ 84 KB
26 KB 617ms
357ms Document
text/html 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

d054497002d14c3d02b3cf82109f62cc82f78808dcddf724754713528f9fa145

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com https://piletfeed-cdn.sharefile.io; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-m3fWDgTWm0BlFJ+rWZlmBg==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, no-store, must-revalidate
citrix-transactionid: 2cf46a7b-a598-41ec-9b17-460ca41f776c
content-encoding: gzip
content-length: 24478
content-security-policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com https://piletfeed-cdn.sharefile.io; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-m3fWDgTWm0BlFJ+rWZlmBg==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:05:34 GMT
expires: 0
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 spinner.css
roberthhallpllc.sharefile.com/css/ 1 KB
1 KB 121ms
120ms Stylesheet
text/css 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/css/spinner.css

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Mon, 26 Jun 2023 23:59:52 GMT
etag: "0c1c4c8aa8d91:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 425
x-xss-protection: 1; mode=block

POST
H2 200 cspviolation
roberthhallpllc.sharefile.com/api/ 0
1005 B 123ms
122ms Other
text/plain 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/api/cspviolation

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

citrix-transactionid: 8adecf18-7f50-46db-8ca3-2644e678f12d
pragma: no-cache
date: Fri, 30 Jun 2023 15:05:34 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
cache-control: private,no-cache, no-store, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 index.bd39f134f308ae6f13d4.js Show response
roberthhallpllc.sharefile.com/bundles/ 3 MB
716 KB 122ms
122ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/index.bd39f134f308ae6f13d4.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

08a331f8c8d378b32ba440547301b0f2ee6081a6e131fd74623f4ddabaf243f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 731345
x-xss-protection: 1; mode=block

GET
H2 200 spinner.svg
roberthhallpllc.sharefile.com/css/ 1 KB
2 KB 343ms
342ms Image
image/svg+xml 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roberthhallpllc.sharefile.com/css/spinner.svg

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/css/spinner.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/css/spinner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:34 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Mon, 26 Jun 2023 23:59:52 GMT
etag: "0c1c4c8aa8d91:0"
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1093
x-xss-protection: 1; mode=block

OPTIONS
H2 200 5f33f5d44f29ea099db90d2a
app.launchdarkly.com/sdk/goals/ Frame 0
0 110ms
29ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Fri, 30 Jun 2023 15:05:35 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230080-FRA
x-timer: S1688137535.353622,VS0,VE1

GET
H2 200 5f33f5d44f29ea099db90d2a Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 29ms
29ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5f33f5d44f29ea099db90d2a

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Fri, 30 Jun 2023 15:05:35 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-eddf8230080-FRA
x-timer: S1688137535.383260,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 Branding Show response
roberthhallpllc.sf-api.com/sf/v3/Accounts/ 3 KB
4 KB 188ms
161ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

8d9550dd41e38548739b235ff85f716a2d1ce46c4545c7141724aedc785fd84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

citrix-transactionid: 6165dc06-cc31-45e5-ac44-59eeb2053eac
correlationid: 4r99cLkz00KJWfc1JjrurA
date: Fri, 30 Jun 2023 15:05:35 GMT
x-content-type-options: nosniff
x-sfapi-appcode: _None
x-sfapi-accountid: a2b32688-56da-43e4-8aaa-0d19b1b7cbbc
content-length: 2795
x-xss-protection: 1; mode=block
vary: Origin
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: tq0i-uP7KkyDnFvnLDJNwg
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: Thu, 29 Jun 2023 15:05:35 GMT

GET
H2 200 pendo.js Show response
citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 428 KB
142 KB 136ms
31ms Script
application/javascript 34.107.168.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.168.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 774f10a2102bd7c70ec8e0952ae3c5725c7d688cdfae9a0dcbb45c807b3a5207

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:00:37 GMT
content-encoding: gzip
age: 298
x-guploader-uploadid: ADPycdun8Ex9eUQWy2IDOj-MFlZBLjzgokY0S0VtCDdH-u7_kajtZYN5GrghDY_hNQ3DerPSD2vA0ZKLETt4egKwWNWFaKlEF8IN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144697
last-modified: Thu, 29 Jun 2023 19:12:33 GMT
server: UploadServer
etag: "803cfd0255327b53f63193214ba94f12"
vary: Accept-Encoding
x-goog-generation: 1688065953666124
x-goog-hash: crc32c=fqkTEA==, md5=gDz9AlUye1P2MZMhS6lPEg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 144697
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 30 Jun 2023 15:08:07 GMT

GET
H2 200 index.js Show response
piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-conversations-pilet/1.82.0/package/dist/ 651 KB
187 KB 227ms
147ms Script
application/x-javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-conversations-pilet/1.82.0/package/dist/index.js
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1b5c733cad7a85060a7836f3086af5ce3e867873e15ac0911a1954bee507d

Request headers

Referer
Origin: https://roberthhallpllc.sharefile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 07:26:52 GMT
content-encoding: gzip
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified: Fri, 02 Jun 2023 19:49:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 31048
x-amz-server-side-encryption: AES256
etag: W/"826c40e0fca60a61215468eb5648ffe4"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-amz-cf-id: XHdCRM6ibUVEy-_VrSFSZFinaios85-SOhjli8HBRyars0leHq4skA==

GET
H2 200 index.js Show response
piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-workflows-pilet/0.52.0/package/dist/ 2 MB
539 KB 113ms
33ms Script
application/x-javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-workflows-pilet/0.52.0/package/dist/index.js
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8727271876c18f02e55f75cbd99c53af380598db1c764a09c9db40d7ae34b30

Request headers

Referer
Origin: https://roberthhallpllc.sharefile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 21:27:25 GMT
content-encoding: br
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 21:27:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 63498
x-amz-server-side-encryption: AES256
etag: W/"4489eda19b2ad9230b4ffb497d59f486"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-amz-cf-id: DhjrUQq2RZ9npyxEGEN-NCk-84E6V9qOuee4WLITxc1YBFeeYz0Lpw==

GET
H2 200 index.js Show response
piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-projects-pilet/0.96.0/package/dist/ 2 MB
483 KB 228ms
148ms Script
application/x-javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-projects-pilet/0.96.0/package/dist/index.js
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40e94e5ce0aeab64aa4c10bf58e5f31dde687af3ed493ade95c0dbf9824d7e23

Request headers

Referer
Origin: https://roberthhallpllc.sharefile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 13:28:25 GMT
content-encoding: gzip
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 13:52:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 5842
x-amz-server-side-encryption: AES256
etag: W/"2423dd162b0000b194dc0fca0565af77"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-amz-cf-id: 09WpJwzyOcwYGXF3FR-ZofuFxIlVsw_DPsGDDN4UnwRWH8HvmcYOOA==

GET
H2 200 index.js Show response
piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-request-list-pilet/0.206.0/package/dist/ 456 KB
127 KB 251ms
172ms Script
application/x-javascript 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-request-list-pilet/0.206.0/package/dist/index.js
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56c6e1953f638db88d4636b56b945e439473bb466460eabc9ea99ccf39f895f5

Request headers

Referer
Origin: https://roberthhallpllc.sharefile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 18:34:02 GMT
content-encoding: gzip
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 18:17:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 74849
x-amz-server-side-encryption: AES256
etag: W/"ac657dc88b5145b55b63a59337120e24"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-amz-cf-id: krL8rleXPQ0ZEhCSec-Yb-MFOCM96z31O9XVrqbmt3HER9bJKMXn5Q==

GET
H2 200 main.css
piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-projects-pilet/0.96.0/package/dist/ 0
363 B 87ms
28ms Stylesheet
text/css 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-projects-pilet/0.96.0/package/dist/main.css
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 21:21:01 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 13:52:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 63876
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 0
x-amz-cf-id: EWl4-6ofWQwa6TQTybhqSXKXMkqlSeu8auZZlhZdDW7AOHaU_tcxBQ==

GET
H2 200 main.css
piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-request-list-pilet/0.206.0/package/dist/ 0
362 B 29ms
29ms Stylesheet
text/css 13.224.189.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-request-list-pilet/0.206.0/package/dist/main.css
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 21:21:00 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 18:17:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 63892
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 0
x-amz-cf-id: JF5wknCJRBTbWesiQTQjQEkLNJ1egAtYCJ-PlgRoZgfOKGlkjH16VQ==

GET
H2 200 07a3960126a65ffe7f12.js Show response
roberthhallpllc.sharefile.com/bundles/ 38 KB
12 KB 128ms
128ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/07a3960126a65ffe7f12.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

f85a17dad6e2281eaa1be4114c0f36073d4f6f6cb614cb1ce5cb50271ce09a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 11623
x-xss-protection: 1; mode=block

GET
H2 200 c277265830659d47826d.js Show response
roberthhallpllc.sharefile.com/bundles/ 2 KB
2 KB 122ms
121ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/c277265830659d47826d.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

89185c59d33863a2a33293c987e5d64d57d8d44bea4febeb4b5c2a1ed0ef9bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1009
x-xss-protection: 1; mode=block

GET
H2 200 c7280dbc44d96f56bb64.js Show response
roberthhallpllc.sharefile.com/bundles/ 21 KB
9 KB 131ms
131ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/c7280dbc44d96f56bb64.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

e35c26f59dd61849e29d0201e6627624b53177114d76d83d47a80808291f433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 8082
x-xss-protection: 1; mode=block

OPTIONS
H2 204 Branding
roberthhallpllc.sf-api.com/sf/v3/Accounts/ Frame 0
0 359ms
120ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://roberthhallpllc.sf-api.com/sf/v3/Accounts/Branding
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adbc6357b41625fc7.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Access-Control-Request-Method: GET
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Accept-Language,Authorization,Origin,X-HTTP-Method-Override,X-SF-App,X-SFAPI-Tool,X-SFAPI-ToolVersion,X-SF-CaptchaUserToken,X-SF-ClientCapabilities,X-SF-LimitedAuthId,CorrelationId
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://roberthhallpllc.sharefile.com
access-control-max-age: 600
date: Fri, 30 Jun 2023 15:05:36 GMT
vary: Origin
x-sfapi-requestid: SJjCW5zhhkOds0odVdProA

GET
H2 200 Branding Show response
roberthhallpllc.sf-api.com/sf/v3/Accounts/ 3 KB
4 KB 261ms
260ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sf-api.com/sf/v3/Accounts/Branding

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

8d9550dd41e38548739b235ff85f716a2d1ce46c4545c7141724aedc785fd84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: kNct6XB2F2xB4WegGfGDzQ
Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: aef5b5c1-522c-4de3-bd29-8fd9fc2deab4
correlationid: kNct6XB2F2xB4WegGfGDzQ
date: Fri, 30 Jun 2023 15:05:36 GMT
x-content-type-options: nosniff
x-sfapi-appcode: _None
x-sfapi-accountid: a2b32688-56da-43e4-8aaa-0d19b1b7cbbc
content-length: 2795
x-xss-protection: 1; mode=block
vary: Origin
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: e8WErydKjUaTyWwJDv5ZJw
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: Thu, 29 Jun 2023 15:05:36 GMT

OPTIONS
H2 204 5f33f5d44f29ea099db90d2a
events.launchdarkly.com/events/diagnostic/ Frame 0
0 392ms
126ms Preflight 3.215.101.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f33f5d44f29ea099db90d2a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.215.101.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-101-233.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Fri, 30 Jun 2023 15:05:36 GMT
strict-transport-security: max-age=31536000

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 98ms
28ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
via: 1.1 varnish
date: Fri, 30 Jun 2023 15:05:36 GMT
strict-transport-security: max-age=300
x-amz-request-id: REH8T4KBA37AVBJA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: lpXxWpalT6LoQmVqBFSIBeVhKAPBnXFaf4q/AlcmbWjdWWYefitLc2xW45W+quIhO15/u43msoU=
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1688137537.502508,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1092

POST
H2 202 5f33f5d44f29ea099db90d2a Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 129ms
128ms XHR
application/json 3.215.101.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5f33f5d44f29ea099db90d2a

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.215.101.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-101-233.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 15:05:36 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H/1.1 200
OK fd14b65b5e Show response
bam.nr-data.net/1/ 56 B
617 B 301ms
223ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/fd14b65b5e?a=129227699&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=2695&ck=1&ref=https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a&be=656&fe=2585&dc=1597&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1688137533834,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:24,%22c%22:24,%22s%22:141,%22ce%22:261,%22rq%22:261,%22rp%22:618,%22rpe%22:736,%22dl%22:627,%22di%22:1597,%22ds%22:1597,%22de%22:1597,%22dc%22:2585,%22l%22:2585,%22le%22:2587%7D,%22navigation%22:%7B%7D%7D&fp=763&fcp=1109&jsonp=NREUM.setToken
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 15:05:36 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7df74ef3d834195e-FRA

OPTIONS
H2 200 context
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ Frame 0
0 29ms
29ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/context

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: REPORT
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: REPORT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: REPORT, OPTIONS
content-encoding: gzip
content-length: 23
date: Fri, 30 Jun 2023 15:05:37 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230080-FRA
x-timer: S1688137537.089452,VS0,VE1

GET
H2 200 ec76597628377ee38097.js Show response
roberthhallpllc.sharefile.com/bundles/ 14 KB
5 KB 121ms
121ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/ec76597628377ee38097.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

373962670e67294b023b3def4dc7433f0b945be3c5a7e6411e5262cab7a08c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4112
x-xss-protection: 1; mode=block

GET
H2 200 6afcc7fe0f8fdc8084b4.js Show response
roberthhallpllc.sharefile.com/bundles/ 85 KB
25 KB 123ms
123ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/6afcc7fe0f8fdc8084b4.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

1d1adb4d6c6787b8ed81984d66cf98a7442174f32337afea799581d81b90421d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 24628
x-xss-protection: 1; mode=block

GET
H2 200 55b9e1d7afacabfdd225.js Show response
roberthhallpllc.sharefile.com/bundles/ 85 KB
19 KB 126ms
125ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/55b9e1d7afacabfdd225.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

e26c6d368e2629caf91b2f591c0f2b40cb9f270d8c1836138db6cfdf489aeb73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17920
x-xss-protection: 1; mode=block

GET
H2 200 b7a978bb8f310daa6d10.js Show response
roberthhallpllc.sharefile.com/bundles/ 34 KB
11 KB 132ms
132ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/b7a978bb8f310daa6d10.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

98b24c81559f2161f815dfc1a99ec21a1970945a4c906b9ec6b86018553b1e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10107
x-xss-protection: 1; mode=block

GET
H2 200 container Show response
auth.sharefile.io/healthcheck/ 0
61 B 429ms
131ms XHR
text/plain 107.20.191.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.sharefile.io/healthcheck/container
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.191.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-191-162.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 30 Jun 2023 15:05:37 GMT
content-length: 0

REPORT
H2 200 context Show response
app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/ 22 KB
4 KB 164ms
164ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5f33f5d44f29ea099db90d2a/context
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 29a929fcd69b401e135254b5abc87fc5dac32d1e838c71a79f5d85f5eefb6cee

Request headers

Referer
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 3447
x-served-by: cache-fra-eddf8230050-FRA, cache-fra-eddf8230080-FRA
x-timer: S1688137537.119446,VS0,VE135
etag: "4361dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, REPORT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H2 200 17fecb6c90c9c55d0a3a.svg
roberthhallpllc.sharefile.com/bundles/ 6 KB
7 KB 121ms
121ms Image
image/svg+xml 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roberthhallpllc.sharefile.com/bundles/17fecb6c90c9c55d0a3a.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

10e6685aed14fccff700b8d3d1d0642d75319f796c691a065ecd1fa08965bc6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 5856
x-xss-protection: 1; mode=block

GET
H2 200 74b07336-7560-45fc-7cd1-95032a784d52
citrix-sharefile-data.customer.pendo.io/data/ptm.gif/ 42 B
251 B 462ms
270ms Image
image/gif 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://citrix-sharefile-data.customer.pendo.io/data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.191.0_prod&ct=1688137537086&jzb=eJzVUjtv2zAQ_i-cbYsU9fQW1EHRIUlRp-kjCISjeIpYUKJAUQ7swP89ZGIYXhq0g4dsongf73vdPxO3HZAsiZLYO9VsyYwIa55GtJVTnb9hWVEwnqc8p1k5Ixs1KmdspaQHVV8vr1c31W013Lnf-Gt9c7X74x-AujZT795mIBY89m_M00zCPOGYzAsAmFPJSsFEXgtRe8xktR9unRvGZRRZI9C6tgWtB63rxdiCxUZpXNSmi15P0UbhU0QFMspklvMsSWgK_qXBmmEky2ditKz-hW6YO6XcT1qfS-je8_Pke3cL4stxl3s7kHG7211dXvMVlK3rmm9-RWOhw9fLn58vftSyL-Od_pSs9V1IauvQS02SdD87JtmhCzb8NcWcfagUD1TD53tsNfSPEzwGA7Cvvq-D0wcFAQrDsDIdqD64fErDQ_9HYIPgJhtMvyeGZyl5OCZ6cdzmf0lwgQqnEc2imMbcYzdoR2UCg3jBSraglRcpz1OJlBUnldAG5LuV4B-qEkHOQUScFr77ZzCQ02L_8ALrBKIT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 42

GET
H2 200 74b07336-7560-45fc-7cd1-95032a784d52 Show response
citrix-sharefile-data.customer.pendo.io/data/guide.json/ 11 KB
5 KB 418ms
228ms XHR
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://citrix-sharefile-data.customer.pendo.io/data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?id=4&jzb=eJyNj81O8zAQRd_FaxLbceK22SGVBQsoUgGJD6FobE8bIze2HKdIoL57nS4qsfnEzj_33DnzQ452tMnHe0Na0j3dPa433XMXXtM_fNtuHr4_yQ0Brf00pEsEKiUquVwWjTRQ1ALrYgkABTN8pbhaaKV0RqbocrhPKYwtpdErjKnvwbngnC7HHiLurMNS-wO93OjR4hdlCjnjRi6ErGvWQG46YAIDCUh7dZ2P9j--Dob9BHvMCRy6ly05XXeYUQhh7Q9gh_z_yySjl9o_7rhDSFPEkbTvxAvZkI88J-S-Id1ep-WnbD-rCEaZpBWrRGaPGEfrZ4Oq5Ctesi5Eb8jpdAYy036V&v=2.191.0_prod&ct=1688137537089

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

95f8f61e392e80bb58738c6b9b2c7ce2316ce5be1dae06acbd783f57994e8269

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
access-control-max-age: 600
vary: Accept-Encoding
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/json
access-control-allow-credentials: false
access-control-allow-headers: *

GET
H2 200 74b07336-7560-45fc-7cd1-95032a784d52 Show response
citrix-sharefile-data.customer.pendo.io/data/guide.gif/ 42 B
251 B 360ms
171ms XHR
image/gif 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://citrix-sharefile-data.customer.pendo.io/data/guide.gif/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1688137537090&v=2.191.0_prod

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 42

OPTIONS
H2 204 Shares(0be101d67364405a)
roberthhallpllc.sf-api.com/sf/v3/ Frame 0
0 123ms
121ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount&includeExpired=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adbc6357b41625fc7.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Access-Control-Request-Method: GET
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Accept-Language,Authorization,Origin,X-HTTP-Method-Override,X-SF-App,X-SFAPI-Tool,X-SFAPI-ToolVersion,X-SF-CaptchaUserToken,X-SF-ClientCapabilities,X-SF-LimitedAuthId,CorrelationId
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://roberthhallpllc.sharefile.com
access-control-max-age: 600
date: Fri, 30 Jun 2023 15:05:37 GMT
vary: Origin
x-sfapi-requestid: 5B_wZVrNjkyphNPVsmXqjg

GET
H2 200 Shares(0be101d67364405a) Show response
roberthhallpllc.sf-api.com/sf/v3/ 5 KB
6 KB 187ms
186ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount&includeExpired=false

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

7b916e77c15656bc7844ab428f4dcec92b50ed4148c4d16dc93a8fae1f8d17e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: dPakf06cXtuGyVrD-2Oclg
Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 276df14f-4352-483e-bf22-9f0098b44f31
correlationid: dPakf06cXtuGyVrD-2Oclg
date: Fri, 30 Jun 2023 15:05:37 GMT
x-content-type-options: nosniff
x-sfapi-appcode: _None
x-sfapi-accountid: a2b32688-56da-43e4-8aaa-0d19b1b7cbbc
content-length: 5376
x-xss-protection: 1; mode=block
vary: Origin
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: T0acaMGceUuZzlcxh8ebZA
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: Thu, 29 Jun 2023 15:05:37 GMT

POST
H2 401 sharefileiostatus Show response
roberthhallpllc.sharefile.com/api/app/ 0
1012 B 173ms
172ms XHR
text/plain 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/api/app/sharefileiostatus

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

tracestate: 3347059@nr=0-1-294030-30142649-ebfb18ffa2fd9961----1688137537512
traceparent: 00-31818ae0dd08f02c49838ee692c4c752-ebfb18ffa2fd9961-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Authorization: Bearer null
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5NDAzMCIsImFwIjoiMzAxNDI2NDkiLCJpZCI6ImViZmIxOGZmYTJmZDk5NjEiLCJ0ciI6IjMxODE4YWUwZGQwOGYwMmM0OTgzOGVlNjkyYzRjNzUyIiwidGkiOjE2ODgxMzc1Mzc1MTIsInRrIjoiMzM0NzA1OSJ9fQ==
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
X-Requested-With: XMLHttpRequest

Response headers

citrix-transactionid: 7de5a804-e13f-4903-bde5-fa0d4a6486e7
pragma: no-cache
date: Fri, 30 Jun 2023 15:05:37 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: same-origin
cache-control: private,no-cache, no-store, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 guide.-323232.1622565221517.css
citrix-sharefile-content.customer.pendo.io/ 13 KB
14 KB 34ms
31ms Stylesheet
text/css 34.107.168.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://citrix-sharefile-content.customer.pendo.io/guide.-323232.1622565221517.css
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.168.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.168.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4b3a8a6f91f2f2b51fb6ab816435bd3e3b0c6622d005ba080333f49444083c85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 14:19:07 GMT
age: 2790
x-guploader-uploadid: ADPycdssiTe8odZpe0FnHcOYKiFhsRsQGuuLNfn1Ze4BgLU4sy1AqnDekChm86LGcyC0xOLyr2syqwVUPW0jJTG4nWVtsw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13593
last-modified: Tue, 01 Jun 2021 16:33:44 GMT
server: UploadServer
etag: "79e997ca126b2522cdb04fe90df21752"
x-goog-generation: 1622565224555518
x-goog-hash: crc32c=74UJIg==, md5=eemXyhJrJSLNsE/pDfIXUg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 13593
accept-ranges: bytes
content-type: text/css
expires: Fri, 30 Jun 2023 15:19:07 GMT

OPTIONS
H2 204 ContentViewer
roberthhallpllc.sf-api.com/sf/v3/Items/ Frame 0
0 121ms
120ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://roberthhallpllc.sf-api.com/sf/v3/Items/ContentViewer
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adbc6357b41625fc7.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,correlationid,x-sf-app,x-sf-clientcapabilities
Access-Control-Request-Method: POST
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Accept-Language,Authorization,Origin,X-HTTP-Method-Override,X-SF-App,X-SFAPI-Tool,X-SFAPI-ToolVersion,X-SF-CaptchaUserToken,X-SF-ClientCapabilities,X-SF-LimitedAuthId,CorrelationId
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://roberthhallpllc.sharefile.com
access-control-max-age: 600
date: Fri, 30 Jun 2023 15:05:37 GMT
vary: Origin
x-sfapi-requestid: F4U_BzS0z0SFcIl6nmrL4Q

GET
H2 200 4ba4759c3e98938156d7.woff2
roberthhallpllc.sharefile.com/bundles/ 32 KB
33 KB 125ms
123ms Font
application/font-woff2 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/4ba4759c3e98938156d7.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

cbe1f708107d44b5a5c9bc9486fcda5f7c091a261dc725a24697687f878bf150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Origin: https://roberthhallpllc.sharefile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 32608
x-xss-protection: 1; mode=block

GET
H2 200 e86d2642f412b9493b14.woff2
roberthhallpllc.sharefile.com/bundles/ 32 KB
33 KB 122ms
121ms Font
application/font-woff2 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/e86d2642f412b9493b14.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

bea988eeadc7c0ddf9644c2dce7efb35f1767eac0187c0967f8a2567473cbbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Origin: https://roberthhallpllc.sharefile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 32548
x-xss-protection: 1; mode=block

GET
H2 200 f6ebd504e3b19c186177.woff2
roberthhallpllc.sharefile.com/bundles/ 32 KB
33 KB 123ms
122ms Font
application/font-woff2 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/f6ebd504e3b19c186177.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

eb2423d9ac27b2c8974304b1bcdfc5031a84f3d5f22b31cb888127967c6bd906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Origin: https://roberthhallpllc.sharefile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 32688
x-xss-protection: 1; mode=block

POST
H2 200 ContentViewer Show response
roberthhallpllc.sf-api.com/sf/v3/Items/ 1 KB
2 KB 161ms
161ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sf-api.com/sf/v3/Items/ContentViewer

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

13244b7553e3737818dcd5acb88c56d35c5b99b7624f69442ed79d99a3b02192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: Tpdyy0BLyHfgBlmJ-NMCTw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb

Response headers

citrix-transactionid: 045cbec4-998e-4a76-9ab0-99717f36f056
correlationid: Tpdyy0BLyHfgBlmJ-NMCTw
date: Fri, 30 Jun 2023 15:05:37 GMT
x-content-type-options: nosniff
x-sfapi-appcode: _None
x-sfapi-accountid: a2b32688-56da-43e4-8aaa-0d19b1b7cbbc
content-length: 1114
x-xss-protection: 1; mode=block
vary: Origin
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: Zz-gKOwqAESnxKMe7F-Ppw
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: Thu, 29 Jun 2023 15:05:37 GMT

OPTIONS
H2 204 Items(fi9bc5ff-b476-7bf6-85e6-23b301206279)
roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)/ Frame 0
0 127ms
119ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)/Items(fi9bc5ff-b476-7bf6-85e6-23b301206279)?canCreateRootFolder=false&fileBox=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adbc6357b41625fc7.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Access-Control-Request-Method: GET
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Accept-Language,Authorization,Origin,X-HTTP-Method-Override,X-SF-App,X-SFAPI-Tool,X-SFAPI-ToolVersion,X-SF-CaptchaUserToken,X-SF-ClientCapabilities,X-SF-LimitedAuthId,CorrelationId
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://roberthhallpllc.sharefile.com
access-control-max-age: 600
date: Fri, 30 Jun 2023 15:05:37 GMT
vary: Origin
x-sfapi-requestid: yEqN3Hzkv0GMc6lOgi9f0w

OPTIONS
H2 204 Capabilities
roberthhallpllc.sf-api.com/sf/v3/ Frame 0
0 123ms
120ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://roberthhallpllc.sf-api.com/sf/v3/Capabilities
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adbc6357b41625fc7.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Access-Control-Request-Method: GET
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Accept-Language,Authorization,Origin,X-HTTP-Method-Override,X-SF-App,X-SFAPI-Tool,X-SFAPI-ToolVersion,X-SF-CaptchaUserToken,X-SF-ClientCapabilities,X-SF-LimitedAuthId,CorrelationId
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://roberthhallpllc.sharefile.com
access-control-max-age: 600
date: Fri, 30 Jun 2023 15:05:37 GMT
vary: Origin
x-sfapi-requestid: maauEgBU00KmXsOYHehvWQ

OPTIONS
H2 204 Shares(0be101d67364405a)
roberthhallpllc.sf-api.com/sf/v3/ Frame 0
0 121ms
119ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)?%24expand=Items&includeExpired=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adbc6357b41625fc7.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Access-Control-Request-Method: GET
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Accept-Language,Authorization,Origin,X-HTTP-Method-Override,X-SF-App,X-SFAPI-Tool,X-SFAPI-ToolVersion,X-SF-CaptchaUserToken,X-SF-ClientCapabilities,X-SF-LimitedAuthId,CorrelationId
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://roberthhallpllc.sharefile.com
access-control-max-age: 600
date: Fri, 30 Jun 2023 15:05:37 GMT
vary: Origin
x-sfapi-requestid: WVBWlGdJ7k6TsIhKLeAoaA

GET
H2 200 3e445e518e4fbbd916d4.js Show response
roberthhallpllc.sharefile.com/bundles/ 14 KB
6 KB 129ms
119ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/3e445e518e4fbbd916d4.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

c9e0ba3804340669d62476019f3456e2eeb1d6e6cec548cf9bcc091680113dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4974
x-xss-protection: 1; mode=block

GET
H2 200 Items(fi9bc5ff-b476-7bf6-85e6-23b301206279) Show response
roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)/ 1 KB
3 KB 178ms
176ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)/Items(fi9bc5ff-b476-7bf6-85e6-23b301206279)?canCreateRootFolder=false&fileBox=false

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

357d2d5cdfbd9f531fe9993cd04060d499505409a64e76e3cd5e57362469a7d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: hygg5frAc6MohI42fFzeGA
Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 3aa31d84-1d40-46ce-9d0c-9d073a1c30de
correlationid: hygg5frAc6MohI42fFzeGA
date: Fri, 30 Jun 2023 15:05:38 GMT
x-content-type-options: nosniff
x-sfapi-appcode: _None
x-sfapi-accountid: a2b32688-56da-43e4-8aaa-0d19b1b7cbbc
content-length: 1435
x-xss-protection: 1; mode=block
vary: Origin
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: zXKH0gU9sEO9Yy6hLMMdOw
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: Thu, 29 Jun 2023 15:05:38 GMT

GET
H2 200 Capabilities Show response
roberthhallpllc.sf-api.com/sf/v3/ 6 KB
7 KB 123ms
122ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sf-api.com/sf/v3/Capabilities

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

4e8289d098badd8279b55110317d4ab9cafdbfe938e6232302bad9c137aac022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: biXK-26l9B4n5WC8X0DFnA
Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 59d5d386-3b29-42d0-b728-bf30cd3984ea
correlationid: biXK-26l9B4n5WC8X0DFnA
date: Fri, 30 Jun 2023 15:05:38 GMT
x-content-type-options: nosniff
x-sfapi-appcode: _None
x-sfapi-accountid: a2b32688-56da-43e4-8aaa-0d19b1b7cbbc
content-length: 5709
x-xss-protection: 1; mode=block
vary: Origin
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: 8PIyCnKFukG17L0OsYJoeg
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: Thu, 29 Jun 2023 15:05:38 GMT

GET
H2 200 Shares(0be101d67364405a) Show response
roberthhallpllc.sf-api.com/sf/v3/ 3 KB
4 KB 170ms
169ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)?%24expand=Items&includeExpired=false

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

8d169dddc2520727c80ce142f0b67b885c67a520023bef81c01509928ab2a560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: mFkOI1bm4ouZrp2LlF5t-Q
Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: e2ac90d8-07cc-4729-91ff-798c2fd80959
correlationid: mFkOI1bm4ouZrp2LlF5t-Q
date: Fri, 30 Jun 2023 15:05:38 GMT
x-content-type-options: nosniff
x-sfapi-appcode: _None
x-sfapi-accountid: a2b32688-56da-43e4-8aaa-0d19b1b7cbbc
content-length: 2599
x-xss-protection: 1; mode=block
vary: Origin
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: 47gH1f7GtUenCALvNmGnJg
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: Thu, 29 Jun 2023 15:05:38 GMT

POST
H2 200 launchrequest Show response
sf-cv.sharefile.com/service/contentviewer/ 309 B
1 KB 122ms
122ms XHR
text/plain 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sf-cv.sharefile.com/service/contentviewer/launchrequest

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

c3ed5ae7f2959d059f742c484494e0792f01d52581d3ddd9fd317c56bc360850

Security Headers

Name	Value
Content-Security-Policy	default-src https:; child-src https: blob:; frame-src https: blob:; font-src 'self' data: https:; frame-ancestors 'none'; img-src https: data: blob: https://pendo-static-5352587489443840.storage.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'nonce-qDGTOlNQdCwhb6qTwZ0PWw==' https://www.google-analytics.com https://cdn.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' https://cdn.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com; report-uri https://sf-cv.sharefile.com/cspviolation; upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

citrix-transactionid: cce7482d-41a1-4248-a0d0-3210026c370f
date: Fri, 30 Jun 2023 15:05:38 GMT
content-security-policy: default-src https:; child-src https: blob:; frame-src https: blob:; font-src 'self' data: https:; frame-ancestors 'none'; img-src https: data: blob: https://pendo-static-5352587489443840.storage.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'nonce-qDGTOlNQdCwhb6qTwZ0PWw==' https://www.google-analytics.com https://cdn.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' https://cdn.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com; report-uri https://sf-cv.sharefile.com/cspviolation; upgrade-insecure-requests;
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
requestid: 0HMR2BTK3QU5R:00000004
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: 0HMR2BTK3QU5R:00000004
access-control-expose-headers: Content-Length,Accept-Ranges,Content-Type
access-control-allow-credentials: true
content-language: en
content-length: 309
x-xss-protection: 1; mode=block

OPTIONS
H2 204 launchrequest
sf-cv.sharefile.com/service/contentviewer/ Frame 0
0 149ms
120ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sf-cv.sharefile.com/service/contentviewer/launchrequest
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adbc6357b41625fc7.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-HTTP-Method-Override,X-SF-App,Authorization,X-SF-ClientCapabilities,X-SF-LimitedAuthId,X-SF-CaptchaUserToken,X-SF-Subdomain
access-control-allow-methods: GET,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://roberthhallpllc.sharefile.com
access-control-max-age: 600
citrix-transactionid: db12d168-5682-459c-8a6f-b8ab4cc561a5
content-language: en
date: Fri, 30 Jun 2023 15:05:38 GMT
requestid: 0HMR2BTK3QS4B:00000004
x-sfapi-requestid: 0HMR2BTK3QS4B:00000004

POST
H/1.1 200
OK fd14b65b5e Show response
bam.nr-data.net/events/1/ 24 B
417 B 166ms
166ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/fd14b65b5e?a=129227699&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=4232&ck=1&ref=https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 30 Jun 2023 15:05:38 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://roberthhallpllc.sharefile.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7df74efcfb10195e-FRA
Content-Length: 24

GET
H2 200 47f11ada74e932284a22.js Show response
roberthhallpllc.sharefile.com/bundles/ 13 KB
6 KB 121ms
120ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/47f11ada74e932284a22.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

2df60fde322e9015bb8ec98106199fc80e4aea25360156917b45055cdc0371c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4645
x-xss-protection: 1; mode=block

GET
H2 200 30984b9ede9c18856e94.js Show response
roberthhallpllc.sharefile.com/bundles/ 17 KB
6 KB 123ms
121ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/30984b9ede9c18856e94.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

6f58e6669581ce164b8826ab164cb989cd40b31758da173a26e9d81bc3b2d5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 5487
x-xss-protection: 1; mode=block

GET
H2 200 231a565334c7688724dc.js Show response
roberthhallpllc.sharefile.com/bundles/ 11 KB
5 KB 123ms
122ms Script
application/javascript 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/231a565334c7688724dc.js

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

fa10c354017234c7b6f46173ebc5f6f7f9407a47f4984686d8b337a8c82d3a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roberthhallpllc.sharefile.com/share/view/0be101d67364405a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4072
x-xss-protection: 1; mode=block

OPTIONS
H2 204 ProtocolLinks(Web)
roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)/Items(st9ad60e-fead-48fe-9144-a1edcdb18fc4)/ Frame 0
0 121ms
120ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)/Items(st9ad60e-fead-48fe-9144-a1edcdb18fc4)/ProtocolLinks(Web)?action=View
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adbc6357b41625fc7.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: correlationid,x-sf-app,x-sf-clientcapabilities
Access-Control-Request-Method: GET
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Accept,Accept-Language,Authorization,Origin,X-HTTP-Method-Override,X-SF-App,X-SFAPI-Tool,X-SFAPI-ToolVersion,X-SF-CaptchaUserToken,X-SF-ClientCapabilities,X-SF-LimitedAuthId,CorrelationId
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://roberthhallpllc.sharefile.com
access-control-max-age: 600
date: Fri, 30 Jun 2023 15:05:38 GMT
vary: Origin
x-sfapi-requestid: 9zIG-wW06UmiQhiEKRch1w

GET
H2 200 ProtocolLinks(Web) Show response
roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)/Items(st9ad60e-fead-48fe-9144-a1edcdb18fc4)/ 4 KB
5 KB 570ms
569ms XHR
application/json 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sf-api.com/sf/v3/Shares(0be101d67364405a)/Items(st9ad60e-fead-48fe-9144-a1edcdb18fc4)/ProtocolLinks(Web)?action=View

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

2692ac2cd4647825128f07f1b7918ba156441c26566fc6032bcf00ea98293b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

CorrelationId: aKbIkMKOLmCcIkC1tvnvpQ
Accept: application/json, text/plain, */*
Referer
X-SF-App: ShareFileWeb
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSO

Response headers

citrix-transactionid: 5b5ca393-3aa0-4cd6-9433-b788d25ce9ef
correlationid: aKbIkMKOLmCcIkC1tvnvpQ
date: Fri, 30 Jun 2023 15:05:39 GMT
x-content-type-options: nosniff
x-sfapi-appcode: _None
x-sfapi-accountid: a2b32688-56da-43e4-8aaa-0d19b1b7cbbc
content-length: 3961
x-xss-protection: 1; mode=block
vary: Origin
x-frame-options: DENY
content-language: de
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: 4a8mjeX6NkC1XrQNXKa05Q
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-sfapi-oauthclientid
x-robots-tag: noindex
expires: Thu, 29 Jun 2023 15:05:38 GMT

GET
H2 200 1cb825ff043ef7521574.woff2
roberthhallpllc.sharefile.com/bundles/ 32 KB
33 KB 120ms
120ms Font
application/font-woff2 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://roberthhallpllc.sharefile.com/bundles/1cb825ff043ef7521574.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

44077e6ceb62b989c9ef0d4659d5b6a261c31fdec49e317e8833a9fb9550e02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Origin: https://roberthhallpllc.sharefile.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 15:05:38 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Tue, 27 Jun 2023 00:03:26 GMT
etag: "0dba9cb8aa8d91:0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 32588
x-xss-protection: 1; mode=block

OPTIONS
H2 204 5f33f5d44f29ea099db90d2a
events.launchdarkly.com/events/bulk/ Frame 0
0 127ms
127ms Preflight 3.215.101.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f33f5d44f29ea099db90d2a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.215.101.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-101-233.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Fri, 30 Jun 2023 15:05:38 GMT
strict-transport-security: max-age=31536000

POST
H2 202 5f33f5d44f29ea099db90d2a Show response
events.launchdarkly.com/events/bulk/ 0
344 B 253ms
253ms XHR
application/json 3.215.101.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5f33f5d44f29ea099db90d2a

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.215.101.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-101-233.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
X-LaunchDarkly-Payload-ID: 92a36740-1757-11ee-b470-df35d51ba35d
X-LaunchDarkly-Event-Schema: 4
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 15:05:38 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H/1.1 200
OK / Show response
api.ipify.org/ 23 B
223 B 364ms
113ms XHR
application/json 64.185.227.156
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.156 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-156.static.webnx.com
Software: nginx/1.25.1 /
Resource Hash: f20f8871aef226d39804ecc0793331f9336b3e27667058c4e7ba2a1704585e91

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Jun 2023 15:05:39 GMT
Server: nginx/1.25.1
Connection: keep-alive
Content-Length: 23
Vary: Origin
Content-Type: application/json

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame C536 105 KB
107 KB 165ms
58ms Document
text/html 2603:1063:2000::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sf-wopi2-sharefile-useast.sharefile.com/service/wopi2/files/fi9bc5ff-b476-7bf6-85e6-23b301206279&IsLicensedUser=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6aef712aada658052be6bcf9a864398b1ceb6b8eea5d0bc60cf625e8c2b0c9c7

Security Headers

Name	Value
Content-Security-Policy	font-src data: 'self' c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net .azureedge.net fs.microsoft.com .cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com .cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com .cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: 'self' c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Fri, 30 Jun 2023 15:05:38 GMT
document-policy: js-profiling
expires: -1
origin-trial: AtAgCmjF9NSDe7WG5+zXddNhpryHIhWvHG5BxTAcMRn1V9oswBhX2RSXHeDxLcwXMB/NYHr3BAXOBJJY1ita2BAAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNzAzOTgwODAwfQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
server-timing: prerender;dur=0,render;dur=0,total;dur=0
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 598b9dd4-d205-4e28-b641-103f84db908b
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 6DF2357E08DB451BAD5C02245772C35A Ref B: FRA231050411047 Ref C: 2023-06-30T15:05:39Z
x-officecluster: PNL1
x-officefd: AM4PEPF000131EE
x-officefe: AM4PEPF000131EE
x-officeversion: 16.0.16627.41001
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/ Frame C536 273 KB
34 KB 155ms
42ms Stylesheet
text/css 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sf-wopi2-sharefile-useast.sharefile.com/service/wopi2/files/fi9bc5ff-b476-7bf6-85e6-23b301206279&IsLicensedUser=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bec3828c907f157e92740de53428d53a1bbe0a7dfbce05b52dd6c43150aa46d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16616.41003
x-officefe: AM4PEPF00006A2D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 34025
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 26 Jun 2023 03:34:33 GMT
x-correlationid: 0a3da357-05eb-4dbf-8834-cfef52fc9577
x-usersessionid: 0a3da357-05eb-4dbf-8834-cfef52fc9577
x-msedge-ref: Ref A: C94A9189486244F99B408A500633FC16 Ref B: FRA231050412053 Ref C: 2023-06-26T11:48:28Z
x-officecluster: PNL1
etag: "a678811fdfa7d91:0"
x-officefd: AM4PEPF00006A2D
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h1379B7CA3331580E_resources/de-DE/ Frame C536 209 KB
56 KB 147ms
34ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h1379B7CA3331580E_resources/de-DE/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1379b7ca3331580e6034fdd9a9ba25596bc787b2b6d717d9f58fdd48c956fb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16623.41000
x-officefe: DB5PEPF00011A9E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 56477
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 12:39:06 GMT
x-correlationid: c38d4b43-c2f3-45c8-995b-b49ac7c7801a
x-usersessionid: c38d4b43-c2f3-45c8-995b-b49ac7c7801a
x-msedge-ref: Ref A: CE2AB3865DF04F3099325B0F0F1E8BDA Ref B: FRA231050415021 Ref C: 2023-06-28T12:39:06Z
x-officecluster: PIE1
etag: W/"1de45c87bda9d91:0"
x-officefd: DB5PEPF00011A9E
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h60A82C06E357C29F_App_Scripts/ Frame C536 123 KB
28 KB 120ms
34ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

60a82c06e357c29f34b99def3ed8d8eaae74ca8f44892ca214f1e38c1986363b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16616.41003
x-officefe: GVX0EPF00008A5D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27797
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 21 Jun 2023 06:05:30 GMT
x-correlationid: 96d8738e-3e6d-4da7-bbc0-fc42a651918c
x-usersessionid: 96d8738e-3e6d-4da7-bbc0-fc42a651918c
x-msedge-ref: Ref A: DB7FD4F3AE3240258A5516541A1D7195 Ref B: FRA231050412049 Ref C: 2023-06-23T15:24:26Z
x-officecluster: PSE1
etag: "22bec2616a4d91:0"
x-officefd: GVX0EPF00008A5D
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h8D075F871C971FBD_App_Scripts/1031/ Frame C536 193 KB
38 KB 119ms
33ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h8D075F871C971FBD_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bf2cb31cad42fa08aad682a971c8fe48828b8864fb3fcf3821a73a9754ab591b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16622.41002
x-officefe: GVX0EPF00008A4B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 38468
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 27 Jun 2023 20:15:09 GMT
x-correlationid: 4df44b9f-7086-4490-9f67-d056b9d2f29a
x-usersessionid: 4df44b9f-7086-4490-9f67-d056b9d2f29a
x-msedge-ref: Ref A: 37F27A5D81064BC7B1D6D89692D7BD88 Ref B: FRA231050413017 Ref C: 2023-06-27T20:15:09Z
x-officecluster: PSE1
etag: W/"1451861234a9d91:0"
x-officefd: GVX0EPF00008A4B
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame C536 6 KB
2 KB 125ms
124ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16616.41003
x-officefe: AM4PEPF000069FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 21 Jun 2023 04:57:13 GMT
x-correlationid: b581881c-f6da-4236-9290-c3385fe3bcc8
x-usersessionid: b581881c-f6da-4236-9290-c3385fe3bcc8
x-msedge-ref: Ref A: 242A84148F3E4BE686681A8B999294D7 Ref B: FRA231050414029 Ref C: 2023-06-25T09:33:43Z
x-officecluster: PNL1
etag: "6f922dd8fca3d91:0"
x-officefd: AM4PEPF000069FC
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wac-wordviewer-strings.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hAEE0193D9099F1AA_App_Scripts/1031/ Frame C536 15 KB
5 KB 124ms
123ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hAEE0193D9099F1AA_App_Scripts/1031/wac-wordviewer-strings.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aee0193d9099f1aa39256bacfeb4f0ee8e6022395b1ca5bc26ab9afa89936265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16622.41002
x-officefe: DM3PEPF00014DF0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4317
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 24 Jun 2023 00:50:42 GMT
x-correlationid: 4b4654f1-2139-4483-889d-438f22268d25
x-usersessionid: 4b4654f1-2139-4483-889d-438f22268d25
x-msedge-ref: Ref A: 9DD2A714AA3B4BD6A3069BE01C1AC5D1 Ref B: FRA231050412031 Ref C: 2023-06-24T21:09:32Z
x-officecluster: US4C
etag: "29f726e735a6d91:0"
x-officefd: DM3PEPF00014DF0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hC007B0C71FCEF09D_App_Scripts/1031/ Frame C536 23 KB
5 KB 123ms
122ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC007B0C71FCEF09D_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

72dbdbc38cf44bb00d65c393ba261c363aaca900022e75c8e64e4401e5527dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16626.41001
x-officefe: DB5PEPF00011AAA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4591
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 29 Jun 2023 07:50:21 GMT
x-correlationid: 0735645a-ed64-4ba4-a38f-b3ff2e46d087
x-usersessionid: 0735645a-ed64-4ba4-a38f-b3ff2e46d087
x-msedge-ref: Ref A: 8C43215ABDAC40A88F0331AEF3CF76D0 Ref B: FRA231050416017 Ref C: 2023-06-29T13:31:19Z
x-officecluster: PIE1
etag: "40fd295b5eaad91:0"
x-officefd: DB5PEPF00011AAA
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h01AE978C1848FD1E_App_Scripts/1031/ Frame C536 561 KB
87 KB 146ms
33ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h01AE978C1848FD1E_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

01ae978c1848fd1ebbaa1a5ec810def93a5b2c1a7048b556630d2a25305603db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16622.41002
x-officefe: DB5PEPF00011AA6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 88171
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 27 Jun 2023 20:15:09 GMT
x-correlationid: d9e3888f-3c58-4f2d-855b-922eab5a28de
x-usersessionid: d9e3888f-3c58-4f2d-855b-922eab5a28de
x-msedge-ref: Ref A: 43AA4EAE7FEB4D16A11249C84FAECC17 Ref B: FRA231050412037 Ref C: 2023-06-27T20:15:09Z
x-officecluster: PIE1
etag: W/"2b174a1234a9d91:0"
x-officefd: DB5PEPF00011AA6
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h37C2B898D6FAD1C6_App_Scripts/exp/ Frame C536 21 KB
5 KB 145ms
32ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h37C2B898D6FAD1C6_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

37c2b898d6fad1c6e56421fc7148e6f166eb6f55a532532606b287b528a8b2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16622.41002
x-officefe: GVX0EPF00008A0A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4018
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 27 Jun 2023 20:07:52 GMT
x-correlationid: 40f219af-ed5a-4236-b50e-02c580f2882b
x-usersessionid: 40f219af-ed5a-4236-b50e-02c580f2882b
x-msedge-ref: Ref A: 6BECC1EF62674C2BBB32CBABAFBDB495 Ref B: FRA231050415039 Ref C: 2023-06-27T20:07:52Z
x-officecluster: PSE1
etag: W/"4768c3d33a9d91:0"
x-officefd: GVX0EPF00008A0A
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hA1365718379734D8_App_Scripts/ Frame C536 3 MB
493 KB 126ms
125ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA1365718379734D8_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a1365718379734d823ee3f247fa956d1ceb9e4bef500af19811785902acdd72a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16623.41000
x-officefe: DB5PEPF00011AD3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 504107
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 12:38:41 GMT
x-correlationid: c36b5a62-ac7e-4a8b-a93f-27de9ca8df11
x-usersessionid: c36b5a62-ac7e-4a8b-a93f-27de9ca8df11
x-msedge-ref: Ref A: BFA9040A124B450DB8E1D0A9482B0502 Ref B: FRA231050413025 Ref C: 2023-06-28T12:38:41Z
x-officecluster: PIE1
etag: W/"ec6c8278bda9d91:0"
x-officefd: DB5PEPF00011AD3
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame C536 42 KB
44 KB 1815ms
1815ms Image
image/png 2603:1063:2000::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fsf%2Dwopi2%2Dsharefile%2Duseast%2Esharefile%2Ecom%2Fservice%2Fwopi2%2Ffiles%2Ffi9bc5ff%2Db476%2D7bf6%2D85e6%2D23b301206279&access_token=GvhAgAopDZetCQzDybBK7GINaiabJFf28I%2F2%2FpPI9objv4A5K928wGs934Cw7ZmwRbGNKkst8opb6%2Bdl7dEDgF9iVCoHvSHHSt6z4w4OGu%2FBBrfcZe6HwslH1ld0ZEs36uGb%2BmiNpkYvhardktNRRgWAhOEqRFAnQE0sqKS0ZX31WXyELCRv5AqehcABRbb%2BFw%2F0RDBuAbzrVY2e96%2BvSgcUt3h05y3nbtwSk264P99oSgUvj00iphKCLTXG%2FZyOPG1aHlxVYh7LacD%2BoOSe5g%2F6I%2FaPEOaJhBs%2Fo7BfaIACzKx%2FJPZTp%2BE79GEn5sDasJr%2Bb37mUv%2B8gQPEwmWSfbCOQvALMqLMYLemQ%2Btktz9iCS1%2Bde7eQryXonOSatL1R%2Fh1kzR2rztYon35q7FdZ%2Bq5aHejLaPK3FrwjGLP7uwLChgfBJa0IQYz021WEpEs2uzati9Ied4ptEjZlrjmnAH2KqH9KV33xN9garan9%2BYaU3lpSJvzdd0YZN9Wzz9nPhfoxr11yuP7cuRPQKxv0poIhAzK%2FgeSWXiAYCtynEhCHIKJJxdisAxGBDjnY0H0ZrcCxWBm5PaOXbY6%2FWGj7gb0ozW6SzLMsTzRY4KwB2Z2jCB1s9qdvVUNGreAgfGPZsOHQVUU3jxQG%2FFz94hgRReMVcWAKSffC2qg9y%2BA0I4zPtXGOHYuUyb3ODk%2FP%2FgbxMBWG8d68AiyrtaVsh3gT1bYKn9HiyIRM6UuHUicicsVG05mEaNq%2F2V7QZFH6CjdQXX8ir6DCMpjNUUWWyR9yoHauE2q0bqZkhiitzYd%2B2BjtAfFhprKhaF99biRbTKWBs6ZeYnjIzktZ%2B99M2VKaYKUqtd9%2B%2BehqoRnFFHzew0WZwwrb%2BaT7PUFkeXxHs6uJFRTR5LSYGraTWmnOTFPStSZ4l6zkerj94Dp17lK3ye0ZFlfeTq7tqOnatI4cheIXtDt8gu6kB3Yj6zxe2NzzFsEKoxS8h3bj7JhU15gCQZRbeoi3BN5w8%2Bw60kP7AQe2GlObZCdfhC7FG4z15PUYaK6I6swkPQ7xCHykEQUsiuTWLX9tJASl1cn7no4eIx9KK1jeqF3gje0pTW0qojOUchBxT4Fg8B%2FeVgv0vdFXc%2BFCaunc9EbMa3UHDZSnhEPH3lkp9SPR0JdMMJxrd%2BnO1eN7l8fJEf4L%2B0gPX75%2BYs8hvdEEP6MP2Zp%2FG71feUsa63JLovNT%2B9bDTgcGBEbQK%2FZgFvIYvWdRyfoNvSgOvJGSy3Tc9LzyM22C4fxe6kgoYAcwV7sk1fmNmuKZgcyH69DXef7R%2FOhTSdIuIUJJOkKolLy3fbnUcL%2BmOMU%3D&access_token_ttl=0&z=62a245148f4b0f39589d5e58d43c9a55&v=00000000-0000-0000-0000-000000000802&usid=598b9dd4-d205-4e28-b641-103f84db908b&splashscreen=1&build=16.0.16627.41001&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3fe0e213459d3fde7d98e420f928628b1a9e532947edf7e021cf67f2c922ecfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sf-wopi2-sharefile-useast.sharefile.com/service/wopi2/files/fi9bc5ff-b476-7bf6-85e6-23b301206279&IsLicensedUser=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:42 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF00010311
x-officeversion: 16.0.16627.41001
x-officefe: AM4PEPF00010311
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 43125
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 59991279-49c5-441a-a9c2-a8c52669d271
x-officecluster: PNL1
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b
x-msedge-ref: Ref A: 8ADC02CF1A1546D18AE52893BFD1E6B6 Ref B: FRA231050411047 Ref C: 2023-06-30T15:05:40Z
x-officefd: AM4PEPF00010311
etag: "WOPIsrc=https%3A%2F%2Fsf%2Dwopi2%2Dsharefile%2Duseast%2Esharefile%2Ecom%2Fservice%2Fwopi2%2Ffiles%2Ffi9bc5ff%2Db476%2D7bf6%2D85e6%2D23b301206279&access_token=GvhAgAopDZetCQzDybBK7GINaiabJFf28I%2F2%2FpPI9objv4A5K928wGs934Cw7ZmwRbGNKkst8opb6%2Bdl7dEDgF9iVCoHvSHHSt6z4w4OGu%2FBBrfcZe6HwslH1ld0ZEs36uGb%2BmiNpkYvhardktNRRgWAhOEqRFAnQE0sqKS0ZX31WXyELCRv5AqehcABRbb%2BFw%2F0RDBuAbzrVY2e96%2BvSgcUt3h05y3nbtwSk264P99oSgUvj00iphKCLTXG%2FZyOPG1aHlxVYh7LacD%2BoOSe5g%2F6I%2FaPEOaJhBs%2Fo7BfaIACzKx%2FJPZTp%2BE79GEn5sDasJr%2Bb37mUv%2B8gQPEwmWSfbCOQvALMqLMYLemQ%2Btktz9iCS1%2Bde7eQryXonOSatL1R%2Fh1kzR2rztYon35q7FdZ%2Bq5aHejLaPK3FrwjGLP7uwLChgfBJa0IQYz021WEpEs2uzati9Ied4ptEjZlrjmnAH2KqH9KV33xN9garan9%2BYaU3lpSJvzdd0YZN9Wzz9nPhfoxr11yuP7cuRPQKxv0poIhAzK%2FgeSWXiAYCtynEhCHIKJJxdisAxGBDjnY0H0ZrcCxWBm5PaOXbY6%2FWGj7gb0ozW6SzLMsTzRY4KwB2Z2jCB1s9qdvVUNGreAgfGPZsOHQVUU3jxQG%2FFz94hgRReMVcWAKSffC2qg9y%2BA0I4zPtXGOHYuUyb3ODk%2FP%2FgbxMBWG8d68AiyrtaVsh3gT1bYKn9HiyIRM6UuHUicicsVG05mEaNq%2F2V7QZFH6CjdQXX8ir6DCMpjNUUWWyR9yoHauE2q0bqZkhiitzYd%2B2BjtAfFhprKhaF99biRbTKWBs6ZeYnjIzktZ%2B99M2VKaYKUqtd9%2B%2BehqoRnFFHzew0WZwwrb%2BaT7PUFkeXxHs6uJFRTR5LSYGraTWmnOTFPStSZ4l6zkerj94Dp17lK3ye0ZFlfeTq7tqOnatI4cheIXtDt8gu6kB3Yj6zxe2NzzFsEKoxS8h3bj7JhU15gCQZRbeoi3BN5w8%2Bw60kP7AQe2GlObZCdfhC7FG4z15PUYaK6I6swkPQ7xCHykEQUsiuTWLX9tJASl1cn7no4eIx9KK1jeqF3gje0pTW0qojOUchBxT4Fg8B%2FeVgv0vdFXc%2BFCaunc9EbMa3UHDZSnhEPH3lkp9SPR0JdMMJxrd%2BnO1eN7l8fJEf4L%2B0gPX75%2BYs8hvdEEP6MP2Zp%2FG71feUsa63JLovNT%2B9bDTgcGBEbQK%2FZgFvIYvWdRyfoNvSgOvJGSy3Tc9LzyM22C4fxe6kgoYAcwV7sk1fmNmuKZgcyH69DXef7R%2FOhTSdIuIUJJOkKolLy3fbnUcL%2BmOMU%3D&access_token_ttl=0&z=62a245148f4b0f39589d5e58d43c9a5500000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Sat, 29 Jun 2024 15:05:42 GMT

OPTIONS
H2 204 preview
sf-cv.sharefile.com/service/contentviewer/eventpipeline/ Frame 0
0 121ms
120ms Preflight 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sf-cv.sharefile.com/service/contentviewer/eventpipeline/preview?r=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..j6cQMMoll80c_-YsvJBZ3w.clmvSvuq9vNOn38UvuhyrgXFCrN91kERmetRI7K1LtNvtoIKo0pgcbX9VZg99QMmh2LpTeVOUMoFOFAFZ1dXRllQ54EoPxxyVBgHZMd20IEJ01GqDgicxM0CfeXRgUmovv4YyqF5d9PTYufYum-D4DKPbVn2r_pjjsyzwWNc412ODRt-OZYfPdihiHWA-AvZ8aB7bqTIKnkWWKLMx5bNgg.0j04uOgQICacUb17AiHffQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.1.166 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: adbc6357b41625fc7.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://roberthhallpllc.sharefile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-HTTP-Method-Override,X-SF-App,Authorization,X-SF-ClientCapabilities,X-SF-LimitedAuthId,X-SF-CaptchaUserToken,X-SF-Subdomain
access-control-allow-methods: GET,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://roberthhallpllc.sharefile.com
access-control-max-age: 600
citrix-transactionid: c883a1da-876c-4383-b51b-49cce5da1f88
content-language: en
date: Fri, 30 Jun 2023 15:05:40 GMT
requestid: 0HMR848GBE4RH:00000004
x-sfapi-requestid: 0HMR848GBE4RH:00000004

POST
H2 200 preview Show response
sf-cv.sharefile.com/service/contentviewer/eventpipeline/ 0
880 B 128ms
128ms XHR
text/plain 76.223.1.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sf-cv.sharefile.com/service/contentviewer/eventpipeline/preview?r=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..j6cQMMoll80c_-YsvJBZ3w.clmvSvuq9vNOn38UvuhyrgXFCrN91kERmetRI7K1LtNvtoIKo0pgcbX9VZg99QMmh2LpTeVOUMoFOFAFZ1dXRllQ54EoPxxyVBgHZMd20IEJ01GqDgicxM0CfeXRgUmovv4YyqF5d9PTYufYum-D4DKPbVn2r_pjjsyzwWNc412ODRt-OZYfPdihiHWA-AvZ8aB7bqTIKnkWWKLMx5bNgg.0j04uOgQICacUb17AiHffQ

Requested by

Host: roberthhallpllc.sharefile.com
URL: https://roberthhallpllc.sharefile.com/d-0be101d67364405a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.1.166 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

adbc6357b41625fc7.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src https:; child-src https: blob:; frame-src https: blob:; font-src 'self' data: https:; frame-ancestors 'none'; img-src https: data: blob: https://pendo-static-5352587489443840.storage.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'nonce-jV+6WDZdcpnx8oEwx46wdw==' https://www.google-analytics.com https://cdn.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' https://cdn.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com; report-uri https://sf-cv.sharefile.com/cspviolation; upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

citrix-transactionid: d7a0fc7d-ea0e-4964-ab44-ca02b64bb77c
date: Fri, 30 Jun 2023 15:05:41 GMT
content-security-policy: default-src https:; child-src https: blob:; frame-src https: blob:; font-src 'self' data: https:; frame-ancestors 'none'; img-src https: data: blob: https://pendo-static-5352587489443840.storage.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'nonce-jV+6WDZdcpnx8oEwx46wdw==' https://www.google-analytics.com https://cdn.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com; style-src 'self' 'unsafe-inline' https://cdn.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com; report-uri https://sf-cv.sharefile.com/cspviolation; upgrade-insecure-requests;
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
requestid: 0HMR7ND3MQER6:00000005
x-frame-options: DENY
content-language: en
access-control-allow-origin: https://roberthhallpllc.sharefile.com
x-sfapi-requestid: 0HMR7ND3MQER6:00000005
access-control-expose-headers: Content-Length,Accept-Ranges,Content-Type
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 277ms
133ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16627.41001&waccluster=PNL1&usid=598b9dd4-d205-4e28-b641-103f84db908b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method: POST
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:05:40 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: 92633f5b-50e2-4a85-82ae-d23460c74f91
x-officecluster: PGTEU1
x-officefd: DB5PEPF0001263C
x-officefe: DB5PEPF0001263C
x-officeversion: 16.0.16627.41001
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame C536 0
381 B 49ms
48ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16627.41001&waccluster=PNL1&usid=598b9dd4-d205-4e28-b641-103f84db908b

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/
X-UserSessionId: 598b9dd4-d205-4e28-b641-103f84db908b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:40 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16627.41001
x-officefe: DB5PEPF0001263C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: c56f7cf7-bf7c-42e3-b1d1-76c479499e6d
server: Microsoft-IIS/10.0
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF0001263C
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame C536 0
70 B 49ms
48ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16627.41001&waccluster=PNL1&usid=598b9dd4-d205-4e28-b641-103f84db908b

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/
X-UserSessionId: 598b9dd4-d205-4e28-b641-103f84db908b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":183,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:40 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16627.41001
x-officefe: DB5PEPF0001263C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: 5bb16a2b-33d0-4209-9bdd-655bf48f6037
server: Microsoft-IIS/10.0
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF0001263C
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 48ms
47ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16627.41001&waccluster=PNL1&usid=598b9dd4-d205-4e28-b641-103f84db908b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method: POST
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:05:40 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: 40e971c3-e014-4f85-9851-6695c89f586c
x-officecluster: PGTEU1
x-officefd: DB5PEPF0001263C
x-officefe: DB5PEPF0001263C
x-officeversion: 16.0.16627.41001
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame C536 0
299 B 57ms
54ms XHR
text/plain 2603:1063:2000::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx?usid=598b9dd4-d205-4e28-b641-103f84db908b&build=16.0.16627.41001

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA1365718379734D8_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sf-wopi2-sharefile-useast.sharefile.com/service/wopi2/files/fi9bc5ff-b476-7bf6-85e6-23b301206279&IsLicensedUser=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:40 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.16627.41001
x-officefe: DB5PEPF00011ADA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9f22d7dd-9c06-4d3e-b38b-15b4d7ae843a
x-officecluster: PIE1
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b
x-msedge-ref: Ref A: 9D737722D4AF4C0F8CF47FAD24CBBB43 Ref B: FRA231050411047 Ref C: 2023-06-30T15:05:41Z
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-word-view-15.cdn.office.net/wv/s/h09A1411BF361D3D6_App_Scripts/fonts/ Frame C536 3 KB
4 KB 32ms
32ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h09A1411BF361D3D6_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

09a1411bf361d3d649f4ff5098e0197510232477bf099872f58f5d1ec483e9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16623.41000
x-officefe: AM4PEPF00013FD0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2944
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_onenoteslice_control,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 26 Jun 2023 02:37:42 GMT
x-correlationid: bd1eced2-d99e-4ce6-bacf-dcbf791077d9
x-usersessionid: bd1eced2-d99e-4ce6-bacf-dcbf791077d9
x-msedge-ref: Ref A: EAE5087DC99C42388C7191E44516515B Ref B: FRA231050415039 Ref C: 2023-06-27T10:28:38Z
x-officecluster: SNL1
etag: "571fbe2ed7a7d91:0"
x-officefd: AM4PEPF00013FD0
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame C536 445 B
991 B 1112ms
1111ms XHR
text/xml 2603:1063:2000::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fsf%2Dwopi2%2Dsharefile%2Duseast%2Esharefile%2Ecom%2Fservice%2Fwopi2%2Ffiles%2Ffi9bc5ff%2Db476%2D7bf6%2D85e6%2D23b301206279&access_token=GvhAgAopDZetCQzDybBK7GINaiabJFf28I%2F2%2FpPI9objv4A5K928wGs934Cw7ZmwRbGNKkst8opb6%2Bdl7dEDgF9iVCoHvSHHSt6z4w4OGu%2FBBrfcZe6HwslH1ld0ZEs36uGb%2BmiNpkYvhardktNRRgWAhOEqRFAnQE0sqKS0ZX31WXyELCRv5AqehcABRbb%2BFw%2F0RDBuAbzrVY2e96%2BvSgcUt3h05y3nbtwSk264P99oSgUvj00iphKCLTXG%2FZyOPG1aHlxVYh7LacD%2BoOSe5g%2F6I%2FaPEOaJhBs%2Fo7BfaIACzKx%2FJPZTp%2BE79GEn5sDasJr%2Bb37mUv%2B8gQPEwmWSfbCOQvALMqLMYLemQ%2Btktz9iCS1%2Bde7eQryXonOSatL1R%2Fh1kzR2rztYon35q7FdZ%2Bq5aHejLaPK3FrwjGLP7uwLChgfBJa0IQYz021WEpEs2uzati9Ied4ptEjZlrjmnAH2KqH9KV33xN9garan9%2BYaU3lpSJvzdd0YZN9Wzz9nPhfoxr11yuP7cuRPQKxv0poIhAzK%2FgeSWXiAYCtynEhCHIKJJxdisAxGBDjnY0H0ZrcCxWBm5PaOXbY6%2FWGj7gb0ozW6SzLMsTzRY4KwB2Z2jCB1s9qdvVUNGreAgfGPZsOHQVUU3jxQG%2FFz94hgRReMVcWAKSffC2qg9y%2BA0I4zPtXGOHYuUyb3ODk%2FP%2FgbxMBWG8d68AiyrtaVsh3gT1bYKn9HiyIRM6UuHUicicsVG05mEaNq%2F2V7QZFH6CjdQXX8ir6DCMpjNUUWWyR9yoHauE2q0bqZkhiitzYd%2B2BjtAfFhprKhaF99biRbTKWBs6ZeYnjIzktZ%2B99M2VKaYKUqtd9%2B%2BehqoRnFFHzew0WZwwrb%2BaT7PUFkeXxHs6uJFRTR5LSYGraTWmnOTFPStSZ4l6zkerj94Dp17lK3ye0ZFlfeTq7tqOnatI4cheIXtDt8gu6kB3Yj6zxe2NzzFsEKoxS8h3bj7JhU15gCQZRbeoi3BN5w8%2Bw60kP7AQe2GlObZCdfhC7FG4z15PUYaK6I6swkPQ7xCHykEQUsiuTWLX9tJASl1cn7no4eIx9KK1jeqF3gje0pTW0qojOUchBxT4Fg8B%2FeVgv0vdFXc%2BFCaunc9EbMa3UHDZSnhEPH3lkp9SPR0JdMMJxrd%2BnO1eN7l8fJEf4L%2B0gPX75%2BYs8hvdEEP6MP2Zp%2FG71feUsa63JLovNT%2B9bDTgcGBEbQK%2FZgFvIYvWdRyfoNvSgOvJGSy3Tc9LzyM22C4fxe6kgoYAcwV7sk1fmNmuKZgcyH69DXef7R%2FOhTSdIuIUJJOkKolLy3fbnUcL%2BmOMU%3D&access_token_ttl=0&z=62a245148f4b0f39589d5e58d43c9a55&type=png&o15=1&ui=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

2947d8e97c6b46aca497a5656c33bdbc103c9de6a5b6838e5f8fae26e2e804d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131EE
X-UserSessionId: 598b9dd4-d205-4e28-b641-103f84db908b
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16627.41001
X-Key: lt7KQD9U4z/AGc3gfA5yieMkolHGCse9IuqdIDad6ac=,638237343392973953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sf-wopi2-sharefile-useast.sharefile.com/service/wopi2/files/fi9bc5ff-b476-7bf6-85e6-23b301206279&IsLicensedUser=1
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:05:41 GMT
x-wacfrontend: AM4PEPF000131EE
x-officeversion: 16.0.16627.41001
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131EE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 416
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 14a85586-054b-435f-9ddf-9970107ccdd8, 14a85586-054b-435f-9ddf-9970107ccdd8
x-officecluster: PNL1
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b, 598b9dd4-d205-4e28-b641-103f84db908b
x-msedge-ref: Ref A: 5B4B2B25849B48C0947B6543B1A731E7 Ref B: FRA231050411047 Ref C: 2023-06-30T15:05:41Z
x-officefd: AM4PEPF000131F6
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *, *
expires: Sat, 29 Jun 2024 15:05:42 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hDD4039F8AFAC6FD7_App_Scripts/ Frame C536 41 KB
7 KB 32ms
32ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hDD4039F8AFAC6FD7_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA1365718379734D8_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16616.41003
x-officefe: AM4PEPF000069E2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6113
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 21 Jun 2023 03:16:28 GMT
x-correlationid: b2dc5243-2ced-4e82-a143-3e7d56b0f50d
x-usersessionid: b2dc5243-2ced-4e82-a143-3e7d56b0f50d
x-msedge-ref: Ref A: D371D232F5C14E89ABE2A36B028F242D Ref B: FRA231050411049 Ref C: 2023-06-26T11:14:01Z
x-officecluster: PNL1
etag: "3e79ddc4eea3d91:0"
x-officefd: AM4PEPF000069E2
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/ Frame C536 22 KB
23 KB 32ms
32ms Font
font/x-woff 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hBEC3828C907F157E_resources/1031/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:41 GMT
x-officeversion: 16.0.16616.41003
x-officefe: DM3PEPF00012E78
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_excelslice_control,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 23 Jun 2023 16:48:06 GMT
x-correlationid: f1709f44-8951-4302-bb85-dba6891e93c3
x-usersessionid: f1709f44-8951-4302-bb85-dba6891e93c3
x-msedge-ref: Ref A: A2FDF734F7E34FFFB934FF81B8F7AF75 Ref B: FRA231050414025 Ref C: 2023-06-23T16:48:05Z
x-officecluster: US3C
etag: W/"8ecdb97bf2a5d91:0"
x-officefd: DM3PEPF00012E78
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 48ms
47ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16627.41001&waccluster=PNL1&usid=598b9dd4-d205-4e28-b641-103f84db908b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method: POST
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:05:41 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: 01ed450e-35a5-4f32-a795-970c3e9dee55
x-officecluster: PGTEU1
x-officefd: DB5PEPF0001263C
x-officefe: DB5PEPF0001263C
x-officeversion: 16.0.16627.41001
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame C536 0
69 B 48ms
48ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16627.41001&waccluster=PNL1&usid=598b9dd4-d205-4e28-b641-103f84db908b

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/
X-UserSessionId: 598b9dd4-d205-4e28-b641-103f84db908b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":517,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:41 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16627.41001
x-officefe: DB5PEPF0001263C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: 9c6b3386-10c4-4a9c-9039-57c8fe9d1942
server: Microsoft-IIS/10.0
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF0001263C
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

GET
BLOB 200
OK 0c2c3d4a-c71e-46c9-9a43-8a852b2bee32
https://word-view.officeapps.live.com/ Frame C536 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/0c2c3d4a-c71e-46c9-9a43-8a852b2bee32
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sf-wopi2-sharefile-useast.sharefile.com/service/wopi2/files/fi9bc5ff-b476-7bf6-85e6-23b301206279&IsLicensedUser=1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

GET
BLOB 200
OK 23885da2-8802-4f28-9659-dfb8432a0f7c
https://word-view.officeapps.live.com/ Frame C536 177 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/23885da2-8802-4f28-9659-dfb8432a0f7c
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sf-wopi2-sharefile-useast.sharefile.com/service/wopi2/files/fi9bc5ff-b476-7bf6-85e6-23b301206279&IsLicensedUser=1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62dc96e897e0d529380915d85eb0b5731f09a6b5f8ea0ea76b367d3337a86ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 177
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
euc-word-telemetry.officeapps.live.com/wt/ Frame C536 0
69 B 49ms
48ms XHR
text/plain 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16627.41001&waccluster=PNL1&usid=598b9dd4-d205-4e28-b641-103f84db908b

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/
X-UserSessionId: 598b9dd4-d205-4e28-b641-103f84db908b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1695,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:42 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.16627.41001
x-officefe: DB5PEPF0001263C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
content-length: 0
x-correlationid: b8385631-5a15-48a9-ad34-22b277060335
server: Microsoft-IIS/10.0
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b
x-officecluster: PGTEU1
x-download-options: noopen
x-officefd: DB5PEPF0001263C
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://wordonline.nel.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PNL1&FileSource="}]}
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hDDE1266DCAEE2448_App_Scripts/ Frame C536 870 KB
144 KB 42ms
42ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hDDE1266DCAEE2448_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA1365718379734D8_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dde1266dcaee2448508f29122003ea8d3f7ec7e8c79e134729fd501b8799217d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:42 GMT
x-officeversion: 16.0.16623.41000
x-officefe: DB5PEPF00011AD2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 146307
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 12:38:43 GMT
x-correlationid: a72204c8-d2a9-48c9-8d02-49bdce4376f4
x-usersessionid: a72204c8-d2a9-48c9-8d02-49bdce4376f4
x-msedge-ref: Ref A: F1F38C8EC7274688B4BEE93C8638D103 Ref B: FRA231050414047 Ref C: 2023-06-28T12:38:43Z
x-officecluster: PIE1
etag: W/"891c9079bda9d91:0"
x-officefd: DB5PEPF00011AD2
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/ Frame C536 695 B
1 KB 32ms
32ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/progress.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:42 GMT
x-officeversion: 16.0.16616.41003
x-officefe: AM4PEPF00011BBF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 21 Jun 2023 08:11:10 GMT
x-correlationid: 289237b8-b5ae-44aa-b61c-afd54c32509e
x-usersessionid: 289237b8-b5ae-44aa-b61c-afd54c32509e
x-msedge-ref: Ref A: 294BE534B6CA46B19FA091330A604B56 Ref B: FRA231050411025 Ref C: 2023-06-22T11:19:37Z
x-officecluster: PNL1
etag: "945a67f017a4d91:0"
x-officefd: AM4PEPF00011BBF
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET ResReader.ashx
word-view.officeapps.live.com/wv/ Frame C536 0
0

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame C536 3 KB
3 KB 102ms
101ms XHR
text/xml 2603:1063:2000::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=598b9dd4-d205-4e28-b641-103f84db908b&build=16.0.16627.41001&WOPIsrc=https%3A%2F%2Fsf%2Dwopi2%2Dsharefile%2Duseast%2Esharefile%2Ecom%2Fservice%2Fwopi2%2Ffiles%2Ffi9bc5ff%2Db476%2D7bf6%2D85e6%2D23b301206279&access_token=GvhAgAopDZetCQzDybBK7GINaiabJFf28I%2F2%2FpPI9objv4A5K928wGs934Cw7ZmwRbGNKkst8opb6%2Bdl7dEDgF9iVCoHvSHHSt6z4w4OGu%2FBBrfcZe6HwslH1ld0ZEs36uGb%2BmiNpkYvhardktNRRgWAhOEqRFAnQE0sqKS0ZX31WXyELCRv5AqehcABRbb%2BFw%2F0RDBuAbzrVY2e96%2BvSgcUt3h05y3nbtwSk264P99oSgUvj00iphKCLTXG%2FZyOPG1aHlxVYh7LacD%2BoOSe5g%2F6I%2FaPEOaJhBs%2Fo7BfaIACzKx%2FJPZTp%2BE79GEn5sDasJr%2Bb37mUv%2B8gQPEwmWSfbCOQvALMqLMYLemQ%2Btktz9iCS1%2Bde7eQryXonOSatL1R%2Fh1kzR2rztYon35q7FdZ%2Bq5aHejLaPK3FrwjGLP7uwLChgfBJa0IQYz021WEpEs2uzati9Ied4ptEjZlrjmnAH2KqH9KV33xN9garan9%2BYaU3lpSJvzdd0YZN9Wzz9nPhfoxr11yuP7cuRPQKxv0poIhAzK%2FgeSWXiAYCtynEhCHIKJJxdisAxGBDjnY0H0ZrcCxWBm5PaOXbY6%2FWGj7gb0ozW6SzLMsTzRY4KwB2Z2jCB1s9qdvVUNGreAgfGPZsOHQVUU3jxQG%2FFz94hgRReMVcWAKSffC2qg9y%2BA0I4zPtXGOHYuUyb3ODk%2FP%2FgbxMBWG8d68AiyrtaVsh3gT1bYKn9HiyIRM6UuHUicicsVG05mEaNq%2F2V7QZFH6CjdQXX8ir6DCMpjNUUWWyR9yoHauE2q0bqZkhiitzYd%2B2BjtAfFhprKhaF99biRbTKWBs6ZeYnjIzktZ%2B99M2VKaYKUqtd9%2B%2BehqoRnFFHzew0WZwwrb%2BaT7PUFkeXxHs6uJFRTR5LSYGraTWmnOTFPStSZ4l6zkerj94Dp17lK3ye0ZFlfeTq7tqOnatI4cheIXtDt8gu6kB3Yj6zxe2NzzFsEKoxS8h3bj7JhU15gCQZRbeoi3BN5w8%2Bw60kP7AQe2GlObZCdfhC7FG4z15PUYaK6I6swkPQ7xCHykEQUsiuTWLX9tJASl1cn7no4eIx9KK1jeqF3gje0pTW0qojOUchBxT4Fg8B%2FeVgv0vdFXc%2BFCaunc9EbMa3UHDZSnhEPH3lkp9SPR0JdMMJxrd%2BnO1eN7l8fJEf4L%2B0gPX75%2BYs8hvdEEP6MP2Zp%2FG71feUsa63JLovNT%2B9bDTgcGBEbQK%2FZgFvIYvWdRyfoNvSgOvJGSy3Tc9LzyM22C4fxe6kgoYAcwV7sk1fmNmuKZgcyH69DXef7R%2FOhTSdIuIUJJOkKolLy3fbnUcL%2BmOMU%3D&access_token_ttl=0&z=62a245148f4b0f39589d5e58d43c9a55&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h60A82C06E357C29F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f07a1317bc283ae466585b36108d048dd6422098dc1750370256376890cc7258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131EE
X-UserSessionId: 598b9dd4-d205-4e28-b641-103f84db908b
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16627.41001
X-Key: lt7KQD9U4z/AGc3gfA5yieMkolHGCse9IuqdIDad6ac=,638237343392973953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://sf-wopi2-sharefile-useast.sharefile.com/service/wopi2/files/fi9bc5ff-b476-7bf6-85e6-23b301206279&IsLicensedUser=1
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 15:05:42 GMT
x-wacfrontend: AM4PEPF000131EE
x-officeversion: 16.0.16627.41001
x-officefe: AM4PEPF000131EE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1195
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: e1e8f817-a517-49c8-b115-fe9b744f9ae9
x-officecluster: PNL1
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b
x-msedge-ref: Ref A: 9EF6740793E94B369777F413E17C5514 Ref B: FRA231050411047 Ref C: 2023-06-30T15:05:42Z
x-officefd: AM4PEPF000131EE
etag: "WOPIsrc=https%3A%2F%2Fsf%2Dwopi2%2Dsharefile%2Duseast%2Esharefile%2Ecom%2Fservice%2Fwopi2%2Ffiles%2Ffi9bc5ff%2Db476%2D7bf6%2D85e6%2D23b301206279&access_token=GvhAgAopDZetCQzDybBK7GINaiabJFf28I%2F2%2FpPI9objv4A5K928wGs934Cw7ZmwRbGNKkst8opb6%2Bdl7dEDgF9iVCoHvSHHSt6z4w4OGu%2FBBrfcZe6HwslH1ld0ZEs36uGb%2BmiNpkYvhardktNRRgWAhOEqRFAnQE0sqKS0ZX31WXyELCRv5AqehcABRbb%2BFw%2F0RDBuAbzrVY2e96%2BvSgcUt3h05y3nbtwSk264P99oSgUvj00iphKCLTXG%2FZyOPG1aHlxVYh7LacD%2BoOSe5g%2F6I%2FaPEOaJhBs%2Fo7BfaIACzKx%2FJPZTp%2BE79GEn5sDasJr%2Bb37mUv%2B8gQPEwmWSfbCOQvALMqLMYLemQ%2Btktz9iCS1%2Bde7eQryXonOSatL1R%2Fh1kzR2rztYon35q7FdZ%2Bq5aHejLaPK3FrwjGLP7uwLChgfBJa0IQYz021WEpEs2uzati9Ied4ptEjZlrjmnAH2KqH9KV33xN9garan9%2BYaU3lpSJvzdd0YZN9Wzz9nPhfoxr11yuP7cuRPQKxv0poIhAzK%2FgeSWXiAYCtynEhCHIKJJxdisAxGBDjnY0H0ZrcCxWBm5PaOXbY6%2FWGj7gb0ozW6SzLMsTzRY4KwB2Z2jCB1s9qdvVUNGreAgfGPZsOHQVUU3jxQG%2FFz94hgRReMVcWAKSffC2qg9y%2BA0I4zPtXGOHYuUyb3ODk%2FP%2FgbxMBWG8d68AiyrtaVsh3gT1bYKn9HiyIRM6UuHUicicsVG05mEaNq%2F2V7QZFH6CjdQXX8ir6DCMpjNUUWWyR9yoHauE2q0bqZkhiitzYd%2B2BjtAfFhprKhaF99biRbTKWBs6ZeYnjIzktZ%2B99M2VKaYKUqtd9%2B%2BehqoRnFFHzew0WZwwrb%2BaT7PUFkeXxHs6uJFRTR5LSYGraTWmnOTFPStSZ4l6zkerj94Dp17lK3ye0ZFlfeTq7tqOnatI4cheIXtDt8gu6kB3Yj6zxe2NzzFsEKoxS8h3bj7JhU15gCQZRbeoi3BN5w8%2Bw60kP7AQe2GlObZCdfhC7FG4z15PUYaK6I6swkPQ7xCHykEQUsiuTWLX9tJASl1cn7no4eIx9KK1jeqF3gje0pTW0qojOUchBxT4Fg8B%2FeVgv0vdFXc%2BFCaunc9EbMa3UHDZSnhEPH3lkp9SPR0JdMMJxrd%2BnO1eN7l8fJEf4L%2B0gPX75%2BYs8hvdEEP6MP2Zp%2FG71feUsa63JLovNT%2B9bDTgcGBEbQK%2FZgFvIYvWdRyfoNvSgOvJGSy3Tc9LzyM22C4fxe6kgoYAcwV7sk1fmNmuKZgcyH69DXef7R%2FOhTSdIuIUJJOkKolLy3fbnUcL%2BmOMU%3D&access_token_ttl=0&z=62a245148f4b0f39589d5e58d43c9a5500000000-0000-0000-0000-000000000802p_1_10.xml"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *
expires: Sat, 29 Jun 2024 15:05:42 GMT

OPTIONS
H/1.1 200
OK /
eu-office.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 244ms
49ms Preflight 20.50.73.9

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.50.73.9 -, , ASN (),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Fri, 30 Jun 2023 15:05:42 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

OPTIONS
H2 200 RemoteUls.ashx
euc-word-telemetry.officeapps.live.com/wt/ Frame 0
0 48ms
48ms Preflight 2603:1063:2206:14::33
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://euc-word-telemetry.officeapps.live.com/wt/RemoteUls.ashx?build=16.0.16627.41001&waccluster=PNL1&usid=598b9dd4-d205-4e28-b641-103f84db908b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1063:2206:14::33 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-browserulsbeacon,x-usersessionid
Access-Control-Request-Method: POST
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, X-AccessToken, X-AccessTokenTtl, X-BrowserUlsBeacon, X-CorrelationId, X-IsCoauthSession, X-Key, X-OfficeVersion, X-Requested-With, X-UserSessionId, X-UserType, X-WacCluster, X-WacFrontEnd, X-WacUserAgent, X-bULS-OfficeAppMode, X-bULS-OfficeAppType, X-bULS-SuppressionETag, X-bULS-UseSourceMaps, X-xhr, haep, hascn, hascnt
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
access-control-max-age: 86400
cache-control: private
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 15:05:42 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-correlationid: d13fa002-d746-4f8d-92dd-ef571281dc53
x-officecluster: PGTEU1
x-officefd: DB5PEPF0001263C
x-officefe: DB5PEPF0001263C
x-officeversion: 16.0.16627.41001
x-usersessionid: 598b9dd4-d205-4e28-b641-103f84db908b

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161662741001_App_Scripts/1031/ Frame C536 561 KB
87 KB 36ms
36ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161662741001_App_Scripts/1031/word-app-intl.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h37C2B898D6FAD1C6_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

01ae978c1848fd1ebbaa1a5ec810def93a5b2c1a7048b556630d2a25305603db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:42 GMT
x-officeversion: 16.0.16623.41000
x-officefe: AM4PEPF000131FA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 88171
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 12:39:08 GMT
x-correlationid: a7c83584-fc55-4bb1-a801-a2354ce20423
x-usersessionid: a7c83584-fc55-4bb1-a801-a2354ce20423
x-msedge-ref: Ref A: 52F46A706926451EA445746A3841C227 Ref B: FRA231050416031 Ref C: 2023-06-28T12:39:08Z
x-officecluster: PNL1
etag: W/"f15e4288bda9d91:0"
x-officefd: AM4PEPF000131FA
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js
c1h-word-view-15.cdn.office.net/wv/s/h486D1B78C01A7275_App_Scripts/exp/ Frame C536 2 MB
326 KB 41ms
40ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h486D1B78C01A7275_App_Scripts/exp/common.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h37C2B898D6FAD1C6_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:42 GMT
x-officeversion: 16.0.16623.41000
x-officefe: AM4PEPF00012373
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 332762
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 12:38:44 GMT
x-correlationid: edf05081-f251-4cab-be16-f23f087eecf0
x-usersessionid: edf05081-f251-4cab-be16-f23f087eecf0
x-msedge-ref: Ref A: CE1A8DF173294C23AAA2CEF916330BD1 Ref B: FRA231050414039 Ref C: 2023-06-28T12:38:44Z
x-officecluster: PNL1
etag: W/"37b3e579bda9d91:0"
x-officefd: AM4PEPF00012373
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hF36B65AF839D2904_App_Scripts/exp/ Frame C536 329 KB
63 KB 37ms
37ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hF36B65AF839D2904_App_Scripts/exp/appChrome.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h37C2B898D6FAD1C6_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f36b65af839d29045db1ca93f5185c4191e1086fb2ad0ec0eb9b891394bcd830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:42 GMT
x-officeversion: 16.0.16623.41000
x-officefe: AM4PEPF00006032
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 63937
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity_control,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 12:38:44 GMT
x-correlationid: a6f5623a-f02c-43f5-8849-6084a77a1e79
x-usersessionid: a6f5623a-f02c-43f5-8849-6084a77a1e79
x-msedge-ref: Ref A: CDC8F542B5D94D7D84FF8AEAEBA68AAF Ref B: FRA231050416009 Ref C: 2023-06-28T12:38:44Z
x-officecluster: PNL1
etag: W/"d7ee179bda9d91:0"
x-officefd: AM4PEPF00006032
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161662741001_resources/1031/ Frame C536 34 KB
35 KB 34ms
32ms Image
image/png 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161662741001_resources/1031/wv.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:42 GMT
x-officeversion: 16.0.16623.41000
x-officefe: DB5PEPF00011AE1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 12:39:08 GMT
x-correlationid: bac79e1b-2ba4-467e-848a-5d12e0dd37ed
x-usersessionid: bac79e1b-2ba4-467e-848a-5d12e0dd37ed
x-msedge-ref: Ref A: 09E1B63A209B4829A131FBAE91A6700C Ref B: FRA231050414047 Ref C: 2023-06-28T12:39:08Z
x-officecluster: PIE1
etag: W/"52fc4e88bda9d91:0"
x-officefd: DB5PEPF00011AE1
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress16.gif
c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1031/ Frame C536 668 B
1 KB 46ms
44ms Image
image/gif 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1031/progress16.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 15:05:42 GMT
x-officeversion: 16.0.16614.41005
x-officefe: AM4PEPF00006A2D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 668
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 17 Jun 2023 03:22:02 GMT
x-correlationid: ce9dbaa9-a7b2-4777-a8eb-3106eb62ba39
x-usersessionid: ce9dbaa9-a7b2-4777-a8eb-3106eb62ba39
x-msedge-ref: Ref A: AA24FD013DD947CA950FF33FBB441774 Ref B: FRA231050415025 Ref C: 2023-06-18T19:01:07Z
x-officecluster: PNL1
etag: "a97b90e2caa0d91:0"
x-officefd: AM4PEPF00006A2D
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js
c1h-word-view-15.cdn.office.net/wv/s/hEB9E5E116B57CC53_App_Scripts/exp/ Frame C536 2 MB
0 41ms
40ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hEB9E5E116B57CC53_App_Scripts/exp/common50.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h37C2B898D6FAD1C6_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:43 GMT
x-officeversion: 16.0.16623.41000
x-officefe: DB5PEPF00011ABB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 475390
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 12:38:46 GMT
x-correlationid: 18a41b52-73c3-414d-9c00-a416605660cd
x-usersessionid: 18a41b52-73c3-414d-9c00-a416605660cd
x-msedge-ref: Ref A: 4E9875D7F70F4D2FBEE68D097B12A5AB Ref B: FRA231050416009 Ref C: 2023-06-28T12:38:45Z
x-officecluster: PIE1
etag: W/"83f5ee7abda9d91:0"
x-officefd: DB5PEPF00011ABB
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js
c1h-word-view-15.cdn.office.net/wv/s/h7C8A3F6432DA9677_App_Scripts/exp/ Frame C536 651 KB
131 KB 41ms
40ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7C8A3F6432DA9677_App_Scripts/exp/appChromeLazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h37C2B898D6FAD1C6_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:43 GMT
x-officeversion: 16.0.16627.41001
x-officefe: AM4PEPF00023476
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 133482
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 08:21:57 GMT
x-correlationid: 64f8a5be-70a4-42cc-a3a0-19295ad1facc
x-usersessionid: 64f8a5be-70a4-42cc-a3a0-19295ad1facc
x-msedge-ref: Ref A: 63B0FBD930BC4428B2096F826D87C105 Ref B: FRA231050414047 Ref C: 2023-06-28T12:38:46Z
x-officecluster: SNL1
etag: "d99d19b99a9d91:0"
x-officefd: AM4PEPF00023476
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl-lazy.min.js
c1h-word-view-15.cdn.office.net/wv/s/h1E02AC2F24167223_App_Scripts/1031/ Frame C536 784 KB
101 KB 39ms
39ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h1E02AC2F24167223_App_Scripts/1031/word-app-intl-lazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA1365718379734D8_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:43 GMT
x-officeversion: 16.0.16623.41000
x-officefe: AM4PEPF00023474
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 102657
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity,afd_excelslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 26 Jun 2023 01:57:48 GMT
x-correlationid: 29b4036c-6b98-4450-a0a3-00529ee845a9
x-usersessionid: 29b4036c-6b98-4450-a0a3-00529ee845a9
x-msedge-ref: Ref A: DCAE4D1E2E014362A5B06C0D2C81AF79 Ref B: FRA231050412031 Ref C: 2023-06-27T01:39:45Z
x-officecluster: SNL1
etag: "629caf9bd1a7d91:0"
x-officefd: AM4PEPF00023474
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js
c1h-word-view-15.cdn.office.net/wv/s/h1F2000DEBF56B110_App_Scripts/exp/ Frame C536 1 MB
203 KB 35ms
35ms Script
application/javascript 2a02:26f0:3500:588::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h1F2000DEBF56B110_App_Scripts/exp/uiSlice20.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h37C2B898D6FAD1C6_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:588::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 30 Jun 2023 15:05:43 GMT
x-officeversion: 16.0.16623.41000
x-officefe: AM4PEPF000131FA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 207251
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 28 Jun 2023 12:38:45 GMT
x-correlationid: e2c4e803-b259-4fea-88b5-63e796b70227
x-usersessionid: e2c4e803-b259-4fea-88b5-63e796b70227
x-msedge-ref: Ref A: 4CCF879E2150441DA7E420E5E3B1B4D2 Ref B: FRA231050411023 Ref C: 2023-06-28T12:38:45Z
x-officecluster: PNL1
etag: W/"8a47db7abda9d91:0"
x-officefd: AM4PEPF000131FA
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=598b9dd4-d205-4e28-b641-103f84db908b&build=16.0.16627.41001&WOPIsrc=https%3A%2F%2Fsf%2Dwopi2%2Dsharefile%2Duseast%2Esharefile%2Ecom%2Fservice%2Fwopi2%2Ffiles%2Ffi9bc5ff%2Db476%2D7bf6%2D85e6%2D23b301206279&access_token=GvhAgAopDZetCQzDybBK7GINaiabJFf28I%2F2%2FpPI9objv4A5K928wGs934Cw7ZmwRbGNKkst8opb6%2Bdl7dEDgF9iVCoHvSHHSt6z4w4OGu%2FBBrfcZe6HwslH1ld0ZEs36uGb%2BmiNpkYvhardktNRRgWAhOEqRFAnQE0sqKS0ZX31WXyELCRv5AqehcABRbb%2BFw%2F0RDBuAbzrVY2e96%2BvSgcUt3h05y3nbtwSk264P99oSgUvj00iphKCLTXG%2FZyOPG1aHlxVYh7LacD%2BoOSe5g%2F6I%2FaPEOaJhBs%2Fo7BfaIACzKx%2FJPZTp%2BE79GEn5sDasJr%2Bb37mUv%2B8gQPEwmWSfbCOQvALMqLMYLemQ%2Btktz9iCS1%2Bde7eQryXonOSatL1R%2Fh1kzR2rztYon35q7FdZ%2Bq5aHejLaPK3FrwjGLP7uwLChgfBJa0IQYz021WEpEs2uzati9Ied4ptEjZlrjmnAH2KqH9KV33xN9garan9%2BYaU3lpSJvzdd0YZN9Wzz9nPhfoxr11yuP7cuRPQKxv0poIhAzK%2FgeSWXiAYCtynEhCHIKJJxdisAxGBDjnY0H0ZrcCxWBm5PaOXbY6%2FWGj7gb0ozW6SzLMsTzRY4KwB2Z2jCB1s9qdvVUNGreAgfGPZsOHQVUU3jxQG%2FFz94hgRReMVcWAKSffC2qg9y%2BA0I4zPtXGOHYuUyb3ODk%2FP%2FgbxMBWG8d68AiyrtaVsh3gT1bYKn9HiyIRM6UuHUicicsVG05mEaNq%2F2V7QZFH6CjdQXX8ir6DCMpjNUUWWyR9yoHauE2q0bqZkhiitzYd%2B2BjtAfFhprKhaF99biRbTKWBs6ZeYnjIzktZ%2B99M2VKaYKUqtd9%2B%2BehqoRnFFHzew0WZwwrb%2BaT7PUFkeXxHs6uJFRTR5LSYGraTWmnOTFPStSZ4l6zkerj94Dp17lK3ye0ZFlfeTq7tqOnatI4cheIXtDt8gu6kB3Yj6zxe2NzzFsEKoxS8h3bj7JhU15gCQZRbeoi3BN5w8%2Bw60kP7AQe2GlObZCdfhC7FG4z15PUYaK6I6swkPQ7xCHykEQUsiuTWLX9tJASl1cn7no4eIx9KK1jeqF3gje0pTW0qojOUchBxT4Fg8B%2FeVgv0vdFXc%2BFCaunc9EbMa3UHDZSnhEPH3lkp9SPR0JdMMJxrd%2BnO1eN7l8fJEf4L%2B0gPX75%2BYs8hvdEEP6MP2Zp%2FG71feUsa63JLovNT%2B9bDTgcGBEbQK%2FZgFvIYvWdRyfoNvSgOvJGSy3Tc9LzyM22C4fxe6kgoYAcwV7sk1fmNmuKZgcyH69DXef7R%2FOhTSdIuIUJJOkKolLy3fbnUcL%2BmOMU%3D&access_token_ttl=0&z=62a245148f4b0f39589d5e58d43c9a55&waccluster=PNL1

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
roberthhallpllc.sharefile.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: lx35wjy4wjyikzlsdnft5hy4
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 23279fba8cd7261e
roberthhallpllc.sharefile.com/	1970-01-20 13:05:42	Name: AWSALBTG Value: DNfo2GkRUP2bNQRcJa3X0bIwLr5MdKvpwR3CpQGfxxtsr0VZomOqN7xZ7a8W7VAAZujtYjAh1pNzUWia9brcM4YU4bGSS+n3iKO7SHGUZp2mOM7syiWHygSTV2cO5ePmbPTIySKwAgDI5jBOuEBZq77zWQ/iVW5VtLnhKVoxyxaQ
roberthhallpllc.sharefile.com/	1970-01-20 13:05:42	Name: AWSALBTGCORS Value: DNfo2GkRUP2bNQRcJa3X0bIwLr5MdKvpwR3CpQGfxxtsr0VZomOqN7xZ7a8W7VAAZujtYjAh1pNzUWia9brcM4YU4bGSS+n3iKO7SHGUZp2mOM7syiWHygSTV2cO5ePmbPTIySKwAgDI5jBOuEBZq77zWQ/iVW5VtLnhKVoxyxaQ
roberthhallpllc.sharefile.com/	1970-01-20 13:05:42	Name: AWSALB Value: 5jvUatnQOfy5GXRGs+8EJHlyQ7UpzeTCkXzZImJScF8dz2M1bZiX3kmTP1gK8E2dIXLSblprYx2Dg/rJbZ08woXz3T0647X7U15PZQvWgEJ5uS/WILXjSYbxKcgE
roberthhallpllc.sharefile.com/	1970-01-20 13:05:42	Name: AWSALBCORS Value: 5jvUatnQOfy5GXRGs+8EJHlyQ7UpzeTCkXzZImJScF8dz2M1bZiX3kmTP1gK8E2dIXLSblprYx2Dg/rJbZ08woXz3T0647X7U15PZQvWgEJ5uS/WILXjSYbxKcgE
roberthhallpllc.sf-api.com/	1970-01-20 13:05:42	Name: AWSALBTGCORS Value: ESdSI6431cygm8wDI5Yop8wtmlZAwHLGYZCkx6kUk/QuHGJoUFNM1z1HgK8ZWVINb2vrwO+yVaOLchXWSJ0gzbg+AXbD4sk0ZmAJYfqwFLwT5qKus5KGjAwcg+sZqaibtwZ1C7PR7PqLvCYxKfPp87kueoqAAUar8wkaohK//ZuI
roberthhallpllc.sf-api.com/	1970-01-20 13:05:42	Name: AWSALBCORS Value: AGvqKf1ZsLqTCEN8jLlxOGg1fSauieXE4JnJK3am4XKQEeFr9r7UmuAHSXpmo/bxBF8lp4w/65R94fRVCrhdZYTcRZ5G1SYjG/lv56LpCmNC/FWd8YEc1JpAcRVO
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://roberthhallpllc.sharefile.com/api/app/sharefileiostatus Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com https://piletfeed-cdn.sharefile.io; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-m3fWDgTWm0BlFJ+rWZlmBg==' https://request.eprotect.vantivcnp.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
app.launchdarkly.com
auth.sharefile.io
bam.nr-data.net
c1h-word-view-15.cdn.office.net
citrix-sharefile-content.customer.pendo.io
citrix-sharefile-data.customer.pendo.io
eu-office.events.data.microsoft.com
euc-word-telemetry.officeapps.live.com
events.launchdarkly.com
js-agent.newrelic.com
piletfeed-cdn.sharefile.io
roberthhallpllc.sf-api.com
roberthhallpllc.sharefile.com
sf-cv.sharefile.com
word-view.officeapps.live.com
word-view.officeapps.live.com
107.20.191.162
13.224.189.108
151.101.130.137
151.101.66.217
162.247.241.14
20.50.73.9
2603:1063:2000::12
2603:1063:2206:14::33
2a00:1450:4001:80e::2013
2a02:26f0:3500:588::1c24
3.215.101.233
34.107.168.21
64.185.227.156
76.223.1.166
01ae978c1848fd1ebbaa1a5ec810def93a5b2c1a7048b556630d2a25305603db
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
08a331f8c8d378b32ba440547301b0f2ee6081a6e131fd74623f4ddabaf243f9
09a1411bf361d3d649f4ff5098e0197510232477bf099872f58f5d1ec483e9af
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10e6685aed14fccff700b8d3d1d0642d75319f796c691a065ecd1fa08965bc6d
13244b7553e3737818dcd5acb88c56d35c5b99b7624f69442ed79d99a3b02192
1379b7ca3331580e6034fdd9a9ba25596bc787b2b6d717d9f58fdd48c956fb5b
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
1d1adb4d6c6787b8ed81984d66cf98a7442174f32337afea799581d81b90421d
2692ac2cd4647825128f07f1b7918ba156441c26566fc6032bcf00ea98293b08
2947d8e97c6b46aca497a5656c33bdbc103c9de6a5b6838e5f8fae26e2e804d2
29a929fcd69b401e135254b5abc87fc5dac32d1e838c71a79f5d85f5eefb6cee
2df60fde322e9015bb8ec98106199fc80e4aea25360156917b45055cdc0371c7
357d2d5cdfbd9f531fe9993cd04060d499505409a64e76e3cd5e57362469a7d7
373962670e67294b023b3def4dc7433f0b945be3c5a7e6411e5262cab7a08c0d
37c2b898d6fad1c6e56421fc7148e6f166eb6f55a532532606b287b528a8b2a8
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3fe0e213459d3fde7d98e420f928628b1a9e532947edf7e021cf67f2c922ecfd
40e94e5ce0aeab64aa4c10bf58e5f31dde687af3ed493ade95c0dbf9824d7e23
44077e6ceb62b989c9ef0d4659d5b6a261c31fdec49e317e8833a9fb9550e02c
4b3a8a6f91f2f2b51fb6ab816435bd3e3b0c6622d005ba080333f49444083c85
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4e8289d098badd8279b55110317d4ab9cafdbfe938e6232302bad9c137aac022
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
56c6e1953f638db88d4636b56b945e439473bb466460eabc9ea99ccf39f895f5
60a82c06e357c29f34b99def3ed8d8eaae74ca8f44892ca214f1e38c1986363b
62dc96e897e0d529380915d85eb0b5731f09a6b5f8ea0ea76b367d3337a86ff9
6aef712aada658052be6bcf9a864398b1ceb6b8eea5d0bc60cf625e8c2b0c9c7
6f58e6669581ce164b8826ab164cb989cd40b31758da173a26e9d81bc3b2d5d1
72dbdbc38cf44bb00d65c393ba261c363aaca900022e75c8e64e4401e5527dad
774f10a2102bd7c70ec8e0952ae3c5725c7d688cdfae9a0dcbb45c807b3a5207
7b916e77c15656bc7844ab428f4dcec92b50ed4148c4d16dc93a8fae1f8d17e3
89185c59d33863a2a33293c987e5d64d57d8d44bea4febeb4b5c2a1ed0ef9bae
8d169dddc2520727c80ce142f0b67b885c67a520023bef81c01509928ab2a560
8d9550dd41e38548739b235ff85f716a2d1ce46c4545c7141724aedc785fd84a
95f8f61e392e80bb58738c6b9b2c7ce2316ce5be1dae06acbd783f57994e8269
98b24c81559f2161f815dfc1a99ec21a1970945a4c906b9ec6b86018553b1e5b
a1365718379734d823ee3f247fa956d1ceb9e4bef500af19811785902acdd72a
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
aee0193d9099f1aa39256bacfeb4f0ee8e6022395b1ca5bc26ab9afa89936265
b8727271876c18f02e55f75cbd99c53af380598db1c764a09c9db40d7ae34b30
bea988eeadc7c0ddf9644c2dce7efb35f1767eac0187c0967f8a2567473cbbfe
bec3828c907f157e92740de53428d53a1bbe0a7dfbce05b52dd6c43150aa46d8
bf2cb31cad42fa08aad682a971c8fe48828b8864fb3fcf3821a73a9754ab591b
c3ed5ae7f2959d059f742c484494e0792f01d52581d3ddd9fd317c56bc360850
c9e0ba3804340669d62476019f3456e2eeb1d6e6cec548cf9bcc091680113dc4
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
cbe1f708107d44b5a5c9bc9486fcda5f7c091a261dc725a24697687f878bf150
d054497002d14c3d02b3cf82109f62cc82f78808dcddf724754713528f9fa145
dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac
dde1266dcaee2448508f29122003ea8d3f7ec7e8c79e134729fd501b8799217d
e26c6d368e2629caf91b2f591c0f2b40cb9f270d8c1836138db6cfdf489aeb73
e35c26f59dd61849e29d0201e6627624b53177114d76d83d47a80808291f433c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2423d9ac27b2c8974304b1bcdfc5031a84f3d5f22b31cb888127967c6bd906
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07a1317bc283ae466585b36108d048dd6422098dc1750370256376890cc7258
f0b1b5c733cad7a85060a7836f3086af5ce3e867873e15ac0911a1954bee507d
f20f8871aef226d39804ecc0793331f9336b3e27667058c4e7ba2a1704585e91
f36b65af839d29045db1ca93f5185c4191e1086fb2ad0ec0eb9b891394bcd830
f85a17dad6e2281eaa1be4114c0f36073d4f6f6cb614cb1ce5cb50271ce09a25
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fa10c354017234c7b6f46173ebc5f6f7f9407a47f4984686d8b337a8c82d3a29

roberthhallpllc.sharefile.com Open in urlscan Pro 76.223.1.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

106 Requests

97 %HTTPS

29 %IPv6

11 Domains

16 Subdomains

15 IPs

3 Countries

4582 kBTransfer

21936 kBSize

9 Cookies

0 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

roberthhallpllc.sharefile.com Open in urlscan Pro
76.223.1.166 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

97 %
HTTPS

29 %
IPv6

11
Domains

16
Subdomains

15
IPs

3
Countries

4582 kB
Transfer

21936 kB
Size

9
Cookies

106 HTTP transactions
0 data transactions