accounts-mail.ru Open in urlscan Pro
85.119.149.127 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c
Submission: On January 18 via automatic, source openphish (January 18th 2023, 1:18:53 pm UTC) — Scanned from DE

Summary HTTP 62 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 7 countries across 9 domains to perform 62 HTTP transactions. The main IP is 85.119.149.127, located in Moscow, Russian Federation and belongs to SELECTEL-MSK, RU. The main domain is accounts-mail.ru.
TLS certificate: Issued by R3 on November 11th 2022. Valid for: 3 months.

This is the only time accounts-mail.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	85.119.149.127 85.119.149.127	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
18	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	94.100.180.35 94.100.180.35	47764 (VK-AS) (VK-AS)
30	2a02:26f0:f70... 2a02:26f0:f700:489::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	92.123.149.198 92.123.149.198	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:f70... 2a02:26f0:f700:4::212:4f17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.67.139.82 23.67.139.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	40.90.128.17 40.90.128.17	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.32.67 40.126.32.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	51.11.192.49 51.11.192.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
62	12

4 85.119.149.127 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: isp1.ru.fastfox.pro

accounts-mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pnl1-word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.100.180.35 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: filin.mail.ru

filin.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:26f0:f700:489::1c24 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.149.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-149-198.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:4::212:4f17 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

res-1.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.139.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-139-82.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.128.17 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.67 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.11.192.49 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 4955 res-1.cdn.office.net — Cisco Umbrella Rank: 397	2 MB
20	live.com 1 redirects view.officeapps.live.com — Cisco Umbrella Rank: 23442 pnl1-word-view.officeapps.live.com — Cisco Umbrella Rank: 114374 storage.live.com — Cisco Umbrella Rank: 147 login.live.com — Cisco Umbrella Rank: 77	431 KB
4	accounts-mail.ru accounts-mail.ru	1 MB
2	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 2340	68 KB
1	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 244	383 B
1	live.net js.live.net — Cisco Umbrella Rank: 4555	16 KB
1	mail.ru filin.mail.ru — Cisco Umbrella Rank: 72909	3 KB
1	google.com docs.google.com — Cisco Umbrella Rank: 130
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 292	30 KB
62	9

	Domain	Requested by
30	c1h-word-view-15.cdn.office.net	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
17	pnl1-word-view.officeapps.live.com	accounts-mail.ru pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
4	accounts-mail.ru	accounts-mail.ru
2	static2.sharepointonline.com
1	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	js.live.net	c1h-word-view-15.cdn.office.net
1	res-1.cdn.office.net	c1h-word-view-15.cdn.office.net
1	filin.mail.ru	accounts-mail.ru
1	docs.google.com	accounts-mail.ru
1	view.officeapps.live.com	accounts-mail.ru
1	ajax.googleapis.com	accounts-mail.ru
62	13

This site contains links to these domains. Also see Links.

Domain
account.mail.ru
trk.mail.ru
help.mail.ru

Subject Issuer	Validity	Valid
accounts-mail.ru R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.mail.ru GlobalSign RSA OV SSL CA 2018	`2022-10-20` - `2023-11-21`	a year	crt.sh
*.cdn.office.net Microsoft Azure TLS Issuing CA 02	`2023-01-11` - `2024-01-06`	a year	crt.sh
privatecdn.sharepointonline.com DigiCert SHA2 Secure Server CA	`2022-09-19` - `2023-09-19`	a year	crt.sh
*.res.outlook.com DigiCert SHA2 Secure Server CA	`2022-11-15` - `2023-11-15`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2022-08-12` - `2023-08-12`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2022-12-07` - `2023-12-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c
Frame ID: 78DE42C52C1F05BA8F98E85A0F065AB0
Requests: 9 HTTP requests in this frame

Frame: https://view.officeapps.live.com/op/view.aspx?src=https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/Delo_02_2473_2022_Motivirovannoe_reshenie_dokument_obezlichennaya.docx
Frame ID: E0E512F5295AEDBE5407796F532873DD
Requests: 2 HTTP requests in this frame

Frame: https://docs.google.com/viewer?url=https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/Delo_02_2473_2022_Motivirovannoe_reshenie_dokument_obezlichennaya.docx&embedded=true
Frame ID: 1229E804654DB121CA61BBC08CED4297
Requests: 1 HTTP requests in this frame

Frame: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
Frame ID: C4E9DB656C98D7E0282234A924FD20DC
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Delo_02_2473_2022_Motivirovannoe_reshenie_dokument_obezlichennaya.docx - Почта Mail.ru

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

97 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

12
IPs

7
Countries

4148 kB
Transfer

15086 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://account.mail.ru/recovery?back_url=https%3A%2F%2Faccount.mail.ru%2Flogin%3Fpage%3Dhttps%253A%252F%252Faccount.mail.ru%252F%253F%26&dwhsplit=s10273.b1s&success_redirect=https%3A%2F%2Faccount.mail.ru%2F%3Fauthid%3Dkltby1iv.cck%26dwhsplit%3Ds10273.b1s%26from%3Dlogin&utm_source=login
Title: Восстановить доступ

Search URL Search Domain Scan URL

URL: https://account.mail.ru/signup?back=https%3A%2F%2Faccount.mail.ru%2F%3Fauthid%3Dkltby1iv.cck%26dwhsplit%3Ds10273.b1s%26from%3Dlogin&dwhsplit=s10273.b1s&from=login
Title: Создать аккаунт

Search URL Search Domain Scan URL

URL: https://trk.mail.ru/c/fuopc3
Title: Почта Mail.ru

Search URL Search Domain Scan URL

URL: https://help.mail.ru/mail/account/login/qr#hint
Title: Подробнее

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1674047932000 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1674047932&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

62 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
accounts-mail.ru/attach/filefolder/gTtsaf4gsf/ 1 MB
368 KB 462ms
187ms Document
text/html 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.2 / PHP/7.2.34

Resource Hash

46f352854319b07351b414c0c881f6436f85a9583afe11a6b6da2ade6e765498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 13:18:49 GMT
server: nginx/1.20.2
strict-transport-security: max-age=31536000;
x-powered-by: PHP/7.2.34

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 175ms
52ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: accounts-mail.ru
URL: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts-mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 12:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 12:20:18 GMT

GET
H2 200 qr.png
accounts-mail.ru/attach/filefolder/gTtsaf4gsf/ 3 KB
3 KB 88ms
88ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/qr.png

Requested by

Host: accounts-mail.ru
URL: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.2 /

Resource Hash

fd7007994e9326288852a7f330970b9b98edc32e64924c71022c2569d35129f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 13:18:49 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 17 Jan 2023 13:23:13 GMT
server: nginx/1.20.2
etag: "63c6a141-b89"
content-type: image/png
accept-ranges: bytes
content-length: 2953

GET
H2 200 view.aspx Show response
view.officeapps.live.com/op/ Frame E0E5 4 KB
3 KB 203ms
89ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/view.aspx?src=https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/Delo_02_2473_2022_Motivirovannoe_reshenie_dokument_obezlichennaya.docx

Requested by

Host: accounts-mail.ru
URL: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

00615481d1a8748de65583c30f0fba5a4b03f0d914ce6a9685ce9e2d0a900c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://accounts-mail.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 18 Jan 2023 13:18:48 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 2a72d3f0-832e-4df3-95e7-2fd3092bad87
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 0C7264CA2E91477EBCE7B8644AE44668 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:49Z
x-officecluster: PNL1
x-officefd: AM4PEPF0001CBFE
x-officefe: AM4PEPF0001B1FD
x-officeversion: 16.0.16109.41019

GET
H2 204 viewer
docs.google.com/ Frame 1229 0
0 320ms
93ms Document
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewer?url=https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/Delo_02_2473_2022_Motivirovannoe_reshenie_dokument_obezlichennaya.docx&embedded=true

Requested by

Host: accounts-mail.ru
URL: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z5Y45NWhM_BQNmWauw9mjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport

Request headers

Referer: https://accounts-mail.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-z5Y45NWhM_BQNmWauw9mjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Wed, 18 Jan 2023 13:18:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE

GET
H2 200 qr_big.png
accounts-mail.ru/attach/filefolder/gTtsaf4gsf/ 12 KB
12 KB 89ms
88ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/qr_big.png

Requested by

Host: accounts-mail.ru
URL: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.2 /

Resource Hash

9de26d1f5da8e98ab08b6110aaf9f5f713ccd5b342039076a9ff42762f392059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 13:18:49 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 17 Jan 2023 13:23:13 GMT
server: nginx/1.20.2
etag: "63c6a141-2ee6"
content-type: image/png
accept-ranges: bytes
content-length: 12006

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 436016caee68b71d4aaa5d3ed729d8ec8831119a281bcb0efc030bfb3772c19a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pic
filin.mail.ru/ 3 KB
3 KB 318ms
90ms Image
image/png 94.100.180.35
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://filin.mail.ru/pic?from=ph&email=3mail@b.c

Requested by

Host: accounts-mail.ru
URL: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.35 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

filin.mail.ru

Software

nginx/1.14.2 /

Resource Hash

e98191d47429bbd50d3974095aafb071ebfc97796de792cbae360b47f4ba9529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts-mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-icon_source: @
date: Wed, 18 Jan 2023 13:18:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 10 Dec 2020 18:36:36 GMT
server: nginx/1.14.2
x-mru-request-id: 35d94a46-9a5b-9e1e-8ee3-364361148f7b
etag: 405fd26ab4
content-type: image/png
cache-control: max-age=86400
x-envoy-upstream-service-time: 15
timing-allow-origin: *
content-length: 2872
expires: Thu, 19 Jan 2023 16:18:49 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae1a512c4dfaa16d2160fd6333ccda10d58d7cfea4e203b6c4fe665f25d40aff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72256b3ac149b5fcab20c9b2f7cbe3d9e9fae600fa0da6b1ac9c93e6cc6f30dc

Request headers

Referer
Origin: https://accounts-mail.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 ArialRegular.ttf
accounts-mail.ru/attach/filefolder/gTtsaf4gsf/ 874 KB
875 KB 94ms
94ms Font
application/font-sfnt 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/ArialRegular.ttf

Requested by

Host: accounts-mail.ru
URL: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.2 /

Resource Hash

103f95fb6919365c1f54b990fc1c171b623c68590e3ccf1b1508507eb8eb896d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c
Origin: https://accounts-mail.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 13:18:49 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 17 Jan 2023 13:23:13 GMT
server: nginx/1.20.2
etag: "da8e0-5f2759a0fb609"
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 895200

GET
DATA 200
OK truncated
/ Frame E0E5 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 wordviewerframe.aspx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 94 KB
97 KB 128ms
94ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87

Requested by

Host: accounts-mail.ru
URL: https://accounts-mail.ru/attach/filefolder/gTtsaf4gsf/?account=3mail@b.c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7642ec3582d068973d9de21b6769c1f7973ffd1a1fd68ad391d5d15311961264

Security Headers

Name	Value
Content-Security-Policy	font-src data: 'self' c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net .azureedge.net fs.microsoft.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://view.officeapps.live.com
Referer: https://view.officeapps.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: 'self' c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Wed, 18 Jan 2023 13:18:49 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 4C860707F2954C60AD0FECDF91268F76 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:49Z
x-officecluster: PNL1
x-officefd: AM4PEPF00010313
x-officefe: AM4PEPF00010313
x-officeversion: 16.0.16109.41019
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/ Frame C4E9 272 KB
34 KB 326ms
60ms Stylesheet
text/css 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/WordViewer.css

Requested by

Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5001b2dc70f3f5632ec403d473a75cb956b4ecebfdf048597f2335b9582c838d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16103.41001
x-officefe: DB5PEPF00011AD0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33924
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 06 Jan 2023 00:57:46 GMT
x-correlationid: 0f61435a-7ea9-44f7-85f9-50c57a05dfe3
x-usersessionid: 0f61435a-7ea9-44f7-85f9-50c57a05dfe3
x-msedge-ref: Ref A: 58891C7913E24ED2AC8AEC6BD7658F58 Ref B: VIEEDGE3113 Ref C: 2023-01-06T23:50:30Z
x-officecluster: PIE1
etag: "a5dc44e46921d91:0"
x-officefd: DB5PEPF00011AD0
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 0
600 B 82ms
82ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
X-UserSessionId: 3bee68de-188c-4fcb-88eb-9fce7108885b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:49 GMT
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF00012932
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c7f96651-6a7b-41bb-a4e2-d69f62b09202
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: AED47AAE12B24AEE81CA63879CB6D63C Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:50Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h31D1B1E33602A799_resources/de-DE/ Frame C4E9 208 KB
55 KB 377ms
116ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h31D1B1E33602A799_resources/de-DE/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

31d1b1e33602a799699012f3a3ee00fc3d39a5903a63ed30ce23afab41a92968

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16105.41001
x-officefe: AM4PEPF00010310
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 55901
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 01:00:15 GMT
x-correlationid: 2df66808-7f87-4508-bdbf-a507ebbfeb6d
x-usersessionid: 2df66808-7f87-4508-bdbf-a507ebbfeb6d
x-msedge-ref: Ref A: CB702CBC00D845D68DEF2852FE74F250 Ref B: VIEEDGE4407 Ref C: 2023-01-12T01:00:15Z
x-officecluster: PNL1
etag: W/"8b6f853b2126d91:0"
x-officefd: AM4PEPF00010310
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD733136371B4BEE0_App_Scripts/ Frame C4E9 121 KB
27 KB 394ms
133ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD733136371B4BEE0_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d733136371b4bee02783b9fe4862f54dceec824b9e94566fc7e0fd267623fed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF00001631
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 27322
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Thu, 12 Jan 2023 00:22:31 GMT
x-correlationid: 1c09ff7a-27ea-430e-a50e-f97fa79cfd32
x-usersessionid: 1c09ff7a-27ea-430e-a50e-f97fa79cfd32
x-msedge-ref: Ref A: 42C6C94FDFBB4FEB83946A027134BEE2 Ref B: VIEEDGE2213 Ref C: 2023-01-12T00:22:31Z
x-officecluster: PSE1
etag: W/"bfb6ddf51b26d91:0"
x-officefd: GVX0EPF00001631
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hBF7CAAEC66407020_App_Scripts/1031/ Frame C4E9 171 KB
35 KB 403ms
142ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hBF7CAAEC66407020_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c10cf39fa93c1d998f08b187c14ccc404c855c18b7c0965fa58deee8ee60e84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF0000130B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 34653
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 11 Jan 2023 17:53:49 GMT
x-correlationid: 25c415f5-b7c0-4fe6-8acb-70db1fe0dd60
x-usersessionid: 25c415f5-b7c0-4fe6-8acb-70db1fe0dd60
x-msedge-ref: Ref A: 7142E61E16E34B14ACDC2DD0DA6D8C0A Ref B: VIEEDGE3706 Ref C: 2023-01-11T17:53:49Z
x-officecluster: PSE1
etag: W/"2c51fda8e525d91:0"
x-officefd: GVX0EPF0000130B
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame C4E9 6 KB
2 KB 439ms
179ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF000012F7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 07 Jan 2023 01:53:52 GMT
x-correlationid: 5658aae6-c7bd-48e4-bc71-adbb6badbc9d
x-usersessionid: 5658aae6-c7bd-48e4-bc71-adbb6badbc9d
x-msedge-ref: Ref A: 901D3E9FAB9844DCAE9ECF97EA7EC2E9 Ref B: VIEEDGE1910 Ref C: 2023-01-09T19:36:26Z
x-officecluster: PSE1
etag: "25e4abe43a22d91:0"
x-officefd: GVX0EPF000012F7
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h916862A4B8003C5B_App_Scripts/1031/ Frame C4E9 21 KB
5 KB 450ms
190ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h916862A4B8003C5B_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

54016b28da521e3b7cc8e80f5666067addb10b1ade446497a132dca999558524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16103.41019
x-officefe: DM3PEPF00012E6F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4354
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 06 Jan 2023 01:45:29 GMT
x-correlationid: 5c3ae78d-30c8-4642-b3d1-375f75399e3b
x-usersessionid: 5c3ae78d-30c8-4642-b3d1-375f75399e3b
x-msedge-ref: Ref A: 9A1A8C2DFA5748F1A430AE098F49612F Ref B: VIEEDGE4409 Ref C: 2023-01-06T14:37:21Z
x-officecluster: US3C
etag: "b173408e7021d91:0"
x-officefd: DM3PEPF00012E6F
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hB7D2882A8BF7FB18_App_Scripts/1031/ Frame C4E9 518 KB
80 KB 319ms
59ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hB7D2882A8BF7FB18_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b7d2882a8bf7fb18aa73335089f2ff4d187b2638ed4a370797fda6d2c798748c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16103.41019
x-officefe: DB5PEPF00011AEE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 80768
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_powerpointslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 01:00:15 GMT
x-correlationid: 496e1a01-f2da-48f9-ac6f-aa64059098ec
x-usersessionid: 496e1a01-f2da-48f9-ac6f-aa64059098ec
x-msedge-ref: Ref A: 228465B5D1384156B5EA94C7C5ABB7AE Ref B: VIEEDGE3918 Ref C: 2023-01-12T01:00:15Z
x-officecluster: PIE1
etag: W/"fbab553b2126d91:0"
x-officefd: DB5PEPF00011AEE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hC3D3F7A12238D1D5_App_Scripts/exp/ Frame C4E9 16 KB
4 KB 322ms
62ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC3D3F7A12238D1D5_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3d3f7a12238d1d59d335bcf30e59fc38ac5c64cc5d2d7f526dddc868d8ad4ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16105.41001
x-officefe: DB5PEPF00011AA0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 3538
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Thu, 12 Jan 2023 00:22:31 GMT
x-correlationid: 20aef37e-673d-451f-9ad6-231c60062789
x-usersessionid: 20aef37e-673d-451f-9ad6-231c60062789
x-msedge-ref: Ref A: 982DBFBB797146BDAABAF276BF70B04C Ref B: VIEEDGE3621 Ref C: 2023-01-12T00:22:31Z
x-officecluster: PIE1
etag: W/"d3e4caf51b26d91:0"
x-officefd: DB5PEPF00011AA0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h5C6CC5943CEA38BB_App_Scripts/ Frame C4E9 3 MB
481 KB 139ms
139ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5C6CC5943CEA38BB_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c6cc5943cea38bbecc4338331c676faa17e9591d7d9f3236fac9596b4f0b63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16103.41019
x-officefe: AM4PEPF0001237B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 490603
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 11 Jan 2023 23:33:59 GMT
x-correlationid: f94633e3-24da-49b1-bad7-0e65ab90bc5d
x-usersessionid: f94633e3-24da-49b1-bad7-0e65ab90bc5d
x-msedge-ref: Ref A: BCC1C9A3BAC84353B645235BCFB4E06E Ref B: VIEEDGE3710 Ref C: 2023-01-12T00:22:31Z
x-officecluster: PNL1
etag: "12d7ed2d1526d91:0"
x-officefd: AM4PEPF0001237B
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 46 KB
46 KB 83ms
83ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d&v=00000000-0000-0000-0000-000000000802&usid=3bee68de-188c-4fcb-88eb-9fce7108885b&splashscreen=1&build=16.0.16109.41019&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

362ea7a501dfd3f82cb7707979435c6ac6e09bbe8d40d090e0e1e476beaabffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:49 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF0001237E
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF0001237E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 46695
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_excelslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3be05865-3857-4e9a-8964-c542cbd236ae
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 32629D469A8748509B44A7AF42152177 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:50Z
x-officefd: AM4PEPF0001237E
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d00000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:18:50 GMT

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 0
178 B 47ms
47ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
X-UserSessionId: 3bee68de-188c-4fcb-88eb-9fce7108885b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":397,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h5001B2DC70F3F563_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:49 GMT
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF00012931
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: b6953131-15c0-426c-8cfb-3835a9a4c867
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 292908889A1649629B56167C25BBBDAF Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:50Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 0
178 B 47ms
47ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
X-UserSessionId: 3bee68de-188c-4fcb-88eb-9fce7108885b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":751,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:49 GMT
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF00012372
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8a0d2d7d-c4e1-4880-b7f7-82a1d3c7ccaa
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: A0AA4214374F421EB4B96F6F633F5812 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:50Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 0
174 B 59ms
59ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx?usid=3bee68de-188c-4fcb-88eb-9fce7108885b&build=16.0.16109.41019

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h5C6CC5943CEA38BB_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:49 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF00006A0F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 76d8333d-3e11-489e-8878-8c9fc81232b8
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 537D140F2BFA4039808ED9EE6CED45D3 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:50Z
x-download-options: noopen
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 446 B
863 B 65ms
65ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d&type=png&o15=1&ui=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD733136371B4BEE0_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

3f051b51fe9cd162942e1f6805fe5ae4759d937cc01de8fa7574a2da9e69279b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00010313
X-UserSessionId: 3bee68de-188c-4fcb-88eb-9fce7108885b
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16109.41019
X-Key: 1zsk6TcIs6c8HWDC8Ju3ebTV6Q1twd9Kavxx5KoCETg=,638096447299921938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:49 GMT
x-wacfrontend: AM4PEPF00010313
x-officeversion: 16.0.16109.41019
x-powered-by: ARR/3.0
x-officefe: AM4PEPF00010313
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 418
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 5ce8ed19-8da5-45a0-b646-55b0b8923c60, 5ce8ed19-8da5-45a0-b646-55b0b8923c60
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b, 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 04487C6B553540CAA9965B30B7672506 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:50Z
x-officefd: AM4PEPF00011BB7
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *, *
expires: Thu, 18 Jan 2024 13:18:50 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hDD4039F8AFAC6FD7_App_Scripts/ Frame C4E9 41 KB
7 KB 58ms
58ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hDD4039F8AFAC6FD7_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h5C6CC5943CEA38BB_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16103.41019
x-officefe: DB5PEPF00011AB7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6113
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 07 Jan 2023 01:24:10 GMT
x-correlationid: 6f14c765-5f01-40e7-9ba3-4620de4ca006
x-usersessionid: 6f14c765-5f01-40e7-9ba3-4620de4ca006
x-msedge-ref: Ref A: BE4E499E112146339047BB27701C288C Ref B: VIEEDGE2210 Ref C: 2023-01-08T14:10:08Z
x-officecluster: PIE1
etag: "bb7e7ebe3622d91:0"
x-officefd: DB5PEPF00011AB7
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 2f5bf63e-4c66-48ae-9676-4df326c8c434
https://pnl1-word-view.officeapps.live.com/ Frame C4E9 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/2f5bf63e-4c66-48ae-9676-4df326c8c434
Requested by: Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 0
618 B 46ms
46ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
X-UserSessionId: 3bee68de-188c-4fcb-88eb-9fce7108885b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":987,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF00006034
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5ea534f2-9949-408d-9d4f-68f73af398f4
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 07833A8268EE4DFAB1923AFD3CB4D8FB Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:51Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h678D84D884DAF86A_App_Scripts/ Frame C4E9 860 KB
141 KB 59ms
58ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h678D84D884DAF86A_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h5C6CC5943CEA38BB_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

678d84d884daf86a37806b14d22ac8012a869af3adeb731e27a77b72a52a6884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: AM4PEPF00010ABC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 143453
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:35 GMT
x-correlationid: eb51043d-50d1-41c6-bca6-73ba6f4ae515
x-usersessionid: eb51043d-50d1-41c6-bca6-73ba6f4ae515
x-msedge-ref: Ref A: F66D003574784D67A37993E055B4CB62 Ref B: VIEEDGE2213 Ref C: 2023-01-12T00:22:35Z
x-officecluster: PNL1
etag: W/"b5d366f81b26d91:0"
x-officefd: AM4PEPF00010ABC
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/ Frame C4E9 695 B
1 KB 58ms
58ms Image
image/gif 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16105.41001
x-officefe: GVX0EPF000015E8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 695
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Thu, 12 Jan 2023 00:23:51 GMT
x-correlationid: a6993d6c-9047-436c-926e-70fd8668d0dd
x-usersessionid: a6993d6c-9047-436c-926e-70fd8668d0dd
x-msedge-ref: Ref A: 3C0E100DCB024C6D86E492C438742C01 Ref B: VIEEDGE3812 Ref C: 2023-01-12T10:11:35Z
x-officecluster: PSE1
etag: "789f7b251c26d91:0"
x-officefd: GVX0EPF000015E8
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 46 KB
46 KB 77ms
76ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=3bee68de-188c-4fcb-88eb-9fce7108885b&build=16.0.16109.41019&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

362ea7a501dfd3f82cb7707979435c6ac6e09bbe8d40d090e0e1e476beaabffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:50 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF000069E3
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF000069E3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 46695
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 96188553-a9d3-489d-a662-030aa89c4ada
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 61ADF814982B444094F09457E2272899 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:51Z
x-officefd: AM4PEPF000069E3
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d00000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:18:51 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 45 KB
46 KB 77ms
77ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=3bee68de-188c-4fcb-88eb-9fce7108885b&build=16.0.16109.41019&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89e2926fcf18f3cfcf5f475b14afd2d2820cba06b7413d1b2dc744100d01d0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:50 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF000069FC
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF000069FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 45861
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 90e0bc8d-5a34-4b43-a48d-67b3065327c8
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 43EC16D111D54FFDAE63524EE02CD4A9 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:51Z
x-officefd: AM4PEPF000069FC
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d00000000-0000-0000-0000-000000000802p2.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:18:51 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 51 KB
52 KB 48ms
48ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=3bee68de-188c-4fcb-88eb-9fce7108885b&build=16.0.16109.41019&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d27e398b04d857546d0bb0e21c156dc2fbc3d510a28da9667bd8e47b0722ebb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:50 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF0001237E
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF0001237E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 52007
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 31af6006-67e2-4b95-8d69-daf0e3c6de03
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: C451ABB440814E679DB3B88D4F8E0CDC Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:51Z
x-officefd: AM4PEPF0001237E
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d00000000-0000-0000-0000-000000000802p3.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:18:51 GMT

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/ Frame C4E9 3 KB
3 KB 58ms
58ms Font
font/x-woff 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0a8049c5627a132d4c0be08579b2a33f7e8fd285a122795cabadabf08ddb6858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41001
x-officefe: GVX0EPF00001600
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2796
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 06 Jan 2023 00:55:50 GMT
x-correlationid: dcd479b9-1f85-4dda-8b35-5adc52f40d17
x-usersessionid: dcd479b9-1f85-4dda-8b35-5adc52f40d17
x-msedge-ref: Ref A: 3BBD069244164ABBA01904836E38CFA6 Ref B: VIEEDGE1718 Ref C: 2023-01-06T11:48:42Z
x-officecluster: PSE1
etag: "ff95c39e6921d91:0"
x-officefd: GVX0EPF00001600
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/ Frame C4E9 22 KB
23 KB 58ms
57ms Font
font/x-woff 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/WordViewer.css
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16109.41000
x-officefe: GVX0EPF00001643
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 14 Jan 2023 07:48:35 GMT
x-correlationid: c2c4510d-7617-4e1f-97b3-49a7ef0b4211
x-usersessionid: c2c4510d-7617-4e1f-97b3-49a7ef0b4211
x-msedge-ref: Ref A: 2E3798D0CD214657BA332644B26B62FE Ref B: VIEEDGE4211 Ref C: 2023-01-14T07:48:34Z
x-officecluster: PSE1
etag: W/"33313d9bec27d91:0"
x-officefd: GVX0EPF00001643
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/ Frame C4E9 695 B
1 KB 57ms
57ms Image
image/gif 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h5C6CC5943CEA38BB_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16105.41001
x-officefe: GVX0EPF000015E8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 695
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Thu, 12 Jan 2023 00:23:51 GMT
x-correlationid: a6993d6c-9047-436c-926e-70fd8668d0dd
x-usersessionid: a6993d6c-9047-436c-926e-70fd8668d0dd
x-msedge-ref: Ref A: 3C0E100DCB024C6D86E492C438742C01 Ref B: VIEEDGE3812 Ref C: 2023-01-12T10:11:35Z
x-officecluster: PSE1
etag: "789f7b251c26d91:0"
x-officefd: GVX0EPF000015E8
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 51 KB
52 KB 82ms
82ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=3bee68de-188c-4fcb-88eb-9fce7108885b&build=16.0.16109.41019&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1bb94973e6fb1e26badeda93f1b8a0c709d33391f2e280d6b7de76e5f4df5757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:50 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF00006A1D
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF00006A1D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 52471
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: e26820d4-3aac-457e-8adb-c6e2742815fe
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 8B9F3DC3C2E64421B57A130B0E61535E Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:51Z
x-officefd: AM4PEPF00006A1D
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d00000000-0000-0000-0000-000000000802p4.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:18:51 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 48 KB
49 KB 130ms
129ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p5.img&v=00000000-0000-0000-0000-000000000802&usid=3bee68de-188c-4fcb-88eb-9fce7108885b&build=16.0.16109.41019&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

069f1db62c4079becd77d7be8f1ada36cd435e5f44402e58cef4022bae522c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:50 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF00012379
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF00012379
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 49215
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 221e86b4-9faa-4ba8-90a3-8ddc4df88754
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 30C85D3782F54E70A9484B9D013D0921 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:51Z
x-officefd: AM4PEPF00012379
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d00000000-0000-0000-0000-000000000802p5.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Thu, 18 Jan 2024 13:18:51 GMT

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/1031/ Frame C4E9 518 KB
80 KB 58ms
58ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/1031/word-app-intl.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC3D3F7A12238D1D5_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b7d2882a8bf7fb18aa73335089f2ff4d187b2638ed4a370797fda6d2c798748c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: AM4PEPF00010314
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 80768
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 01:00:16 GMT
x-correlationid: 07fbbb11-904d-47ac-8346-21d1a0f9d3ac
x-usersessionid: 07fbbb11-904d-47ac-8346-21d1a0f9d3ac
x-msedge-ref: Ref A: 05E78F8A96A344D7A457BD3BDE52942F Ref B: VIEEDGE4313 Ref C: 2023-01-12T01:00:16Z
x-officecluster: PNL1
etag: W/"b3d6ef3b2126d91:0"
x-officefd: AM4PEPF00010314
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCA64F76A964D0113_App_Scripts/exp/ Frame C4E9 1 MB
266 KB 61ms
61ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCA64F76A964D0113_App_Scripts/exp/common.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC3D3F7A12238D1D5_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ca64f76a964d01139018285b9c9a2c704085925b6efdff94771a70cdbc3df1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16105.41001
x-officefe: AM4PEPF000069E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 271515
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:36 GMT
x-correlationid: 7a3ae54f-e997-484f-a435-b2981bc16ab6
x-usersessionid: 7a3ae54f-e997-484f-a435-b2981bc16ab6
x-msedge-ref: Ref A: 10E23309660B43B081CFC8116BF7AFC3 Ref B: VIEEDGE3710 Ref C: 2023-01-12T00:22:36Z
x-officecluster: PNL1
etag: W/"3af0e5f81b26d91:0"
x-officefd: AM4PEPF000069E9
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h0502C1FA2716F5AB_App_Scripts/exp/ Frame C4E9 291 KB
53 KB 61ms
61ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0502C1FA2716F5AB_App_Scripts/exp/appChrome.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC3D3F7A12238D1D5_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0502c1fa2716f5abd237915af2284e61d647445c87ff35a32b55edcab4c7c3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: AM4PEPF00006A10
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 53331
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:36 GMT
x-correlationid: cc25cad4-12f8-41a7-a458-52c35310a98f
x-usersessionid: cc25cad4-12f8-41a7-a458-52c35310a98f
x-msedge-ref: Ref A: 9C49D329AC214077B32FD38538C8174F Ref B: VIEEDGE3112 Ref C: 2023-01-12T00:22:36Z
x-officecluster: PNL1
etag: W/"d15fa4f81b26d91:0"
x-officefd: AM4PEPF00006A10
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161610941019_resources/1031/ Frame C4E9 34 KB
35 KB 62ms
62ms Image
image/png 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161610941019_resources/1031/wv.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF00001308
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 01:00:16 GMT
x-correlationid: 7788360e-3671-4770-b0f9-f35993d7a2af
x-usersessionid: 7788360e-3671-4770-b0f9-f35993d7a2af
x-msedge-ref: Ref A: 3DC8BCB0DC1748C4B5B60AC0240E986E Ref B: VIEEDGE2313 Ref C: 2023-01-12T01:00:16Z
x-officecluster: PSE1
etag: W/"c76f133c2126d91:0"
x-officefd: GVX0EPF00001308
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress16.gif
c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1031/ Frame C4E9 668 B
1 KB 61ms
61ms Image
image/gif 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1031/progress16.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16105.41001
x-officefe: AM4PEPF000069F9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 668
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:26:31 GMT
x-correlationid: 8fdd1857-9873-446f-9665-b5157893e22e
x-usersessionid: 8fdd1857-9873-446f-9665-b5157893e22e
x-msedge-ref: Ref A: F1710A3BA43E47D8AE0BEAF5B49E2F90 Ref B: VIEEDGE3919 Ref C: 2023-01-15T23:10:22Z
x-officecluster: PNL1
etag: "55608851c26d91:0"
x-officefd: AM4PEPF000069F9
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 0
432 B 56ms
56ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
X-UserSessionId: 3bee68de-188c-4fcb-88eb-9fce7108885b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1137,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF00012935
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_powerpointslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 708aac0d-f61c-49d8-b852-79a8d4852d0d
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: AB2BA99FEC4449DF8EA15E11BF75C518 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:51Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 0
330 B 47ms
46ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16109.41019&waccluster=PNL1&usid=3bee68de-188c-4fcb-88eb-9fce7108885b

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD733136371B4BEE0_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00010313
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16109.41019
X-Key: 1zsk6TcIs6c8HWDC8Ju3ebTV6Q1twd9Kavxx5KoCETg=,638096447299921938
X-bULS-SuppressionETag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 1
X-UserSessionId: 3bee68de-188c-4fcb-88eb-9fce7108885b
X-AccessTokenTtl: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
X-UserType: WOPI
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:50 GMT
x-officeversion: 16.0.16109.41019
x-officefe: AM4PEPF00006A10
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: B6D1C2E29E47165B5D75AF507A0E5E6EE28A19B4
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 660c997e-29bd-468b-b5fc-041ec1128c26
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 7FE165A4A1E94B6EA6A72F7366A783F1 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:51Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hA2A9A14F69106D6B_App_Scripts/exp/ Frame C4E9 2 MB
328 KB 58ms
58ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA2A9A14F69106D6B_App_Scripts/exp/common50.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC3D3F7A12238D1D5_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a2a9a14f69106d6ba12c9848bc7c9f8c0f6a891198f7795f6b40dc0b658983a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF000012F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 334007
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:37 GMT
x-correlationid: ed1d4d5f-d1c3-4116-bb4e-f8e6392e2129
x-usersessionid: ed1d4d5f-d1c3-4116-bb4e-f8e6392e2129
x-msedge-ref: Ref A: 89A1D17B27934097BCB53560BC2CEA2B Ref B: VIEEDGE3710 Ref C: 2023-01-12T00:22:37Z
x-officecluster: PSE1
etag: W/"a26378f91b26d91:0"
x-officefd: GVX0EPF000012F5
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hA8FDAEE3545B212E_App_Scripts/exp/ Frame C4E9 617 KB
125 KB 71ms
71ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA8FDAEE3545B212E_App_Scripts/exp/appChromeLazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC3D3F7A12238D1D5_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a8fdaee3545b212e87bf31abb3932ba57948c6170ab3cbd8e3892cd7b38c99b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF00001622
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 126780
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:37 GMT
x-correlationid: 98870721-a0d6-456d-addd-baada1f7a199
x-usersessionid: 98870721-a0d6-456d-addd-baada1f7a199
x-msedge-ref: Ref A: 76C58B839E5A4D1280260913B664CBBA Ref B: VIEEDGE3112 Ref C: 2023-01-12T00:22:37Z
x-officecluster: PSE1
etag: W/"661f70f91b26d91:0"
x-officefd: GVX0EPF00001622
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame C4E9 31 KB
32 KB 172ms
43ms Font
application/font-woff2 92.123.149.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.149.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-149-198.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 13:18:51 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 2668542d-001e-0073-22b4-fadebe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=25959421
x-ms-version: 2009-09-19
content-length: 31824

GET
H2 200 ResReader.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 129 KB
35 KB 61ms
61ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=3bee68de-188c-4fcb-88eb-9fce7108885b&build=16.0.16109.41019&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD733136371B4BEE0_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

38103f56ebd9d172ede7d562268572e7d70b9b77c2721bf5edd3bd747d6c5702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00010313
X-UserSessionId: 3bee68de-188c-4fcb-88eb-9fce7108885b
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16109.41019
X-Key: 1zsk6TcIs6c8HWDC8Ju3ebTV6Q1twd9Kavxx5KoCETg=,638096447299921938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:50 GMT
x-wacfrontend: AM4PEPF00010313
x-officeversion: 16.0.16109.41019
x-powered-by: ARR/3.0
x-officefe: AM4PEPF00010313
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35485
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 7d8a566c-5595-4a68-92f9-444a03ce7703, 7d8a566c-5595-4a68-92f9-444a03ce7703
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b, 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 54447076674349968638C5D57CD7AA6D Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:51Z
x-officefd: AM4PEPF00006A1B
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d00000000-0000-0000-0000-000000000802p_1_10.xml"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *, *
expires: Thu, 18 Jan 2024 13:18:51 GMT

GET
H2 200 word-app-intl-lazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h3F2FA8D80EA6D30A_App_Scripts/1031/ Frame C4E9 725 KB
83 KB 58ms
57ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h3F2FA8D80EA6D30A_App_Scripts/1031/word-app-intl-lazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h5C6CC5943CEA38BB_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f2fa8d80ea6d30a2dc06149fb97a0a426feced62347ec950b4cbfcf5ed19f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: DB5PEPF00011AB4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 84432
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 07 Jan 2023 01:23:29 GMT
x-correlationid: 86119a67-313b-42c9-bd89-d182f454d113
x-usersessionid: 86119a67-313b-42c9-bd89-d182f454d113
x-msedge-ref: Ref A: F4B0D8987013409DB3D3714A6C1906AA Ref B: VIEEDGE4118 Ref C: 2023-01-10T02:53:07Z
x-officecluster: PIE1
etag: "2f6a2da63622d91:0"
x-officefd: DB5PEPF00011AB4
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h197CE205A13D1CE6_App_Scripts/exp/ Frame C4E9 1 MB
219 KB 58ms
58ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h197CE205A13D1CE6_App_Scripts/exp/uiSlice20.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC3D3F7A12238D1D5_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

197ce205a13d1ce6b42084f6845ee90ef228179c3d8f94c13a52f326c60a4da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF0000133A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 223455
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:37 GMT
x-correlationid: e529dd60-55b5-4ac7-8bb8-eebb8a663c75
x-usersessionid: e529dd60-55b5-4ac7-8bb8-eebb8a663c75
x-msedge-ref: Ref A: BA6649B6BCC24C039F251C80ABA50F26 Ref B: VIEEDGE2213 Ref C: 2023-01-12T00:22:37Z
x-officecluster: PSE1
etag: W/"cc877f91b26d91:0"
x-officefd: GVX0EPF0000133A
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 de-de Show response
res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame C4E9 25 KB
5 KB 249ms
60ms XHR
application/json 2a02:26f0:f700:4::212:4f17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/de-de

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA8FDAEE3545B212E_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4::212:4f17 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b53f7adc3d9ff47636e46d5c77d5975f125068193d3c23e831e00352ed9ba4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=2592000, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:51 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=300
timing-allow-origin: *
x-o365suiteuxshell-correlationid: c33dcbbb-1a9c-45af-a270-6d88ffeba990
content-length: 5127

GET
H2 200 shellstrings.json Show response
c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/strings/de/ Frame C4E9 15 KB
6 KB 58ms
57ms XHR
application/json 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/strings/de/shellstrings.json

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA8FDAEE3545B212E_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

71c56b7a5ee5ce943be76538d7a0c64765f83508f6b3a0c2ef9d275a55210829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16105.41001
x-officefe: AM4PEPF000131F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5052
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 04:37:30 GMT
x-correlationid: 3dd3a558-0b53-473d-b227-28005c178fb0
x-usersessionid: 3dd3a558-0b53-473d-b227-28005c178fb0
x-msedge-ref: Ref A: 02B45A8451E4449BACC39F28FFDB420A Ref B: VIEEDGE1415 Ref C: 2023-01-12T04:42:10Z
x-officecluster: PNL1
etag: "0a17a943f26d91:0"
x-officefd: AM4PEPF000131F0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame C4E9 35 KB
36 KB 45ms
45ms Font
application/font-woff2 92.123.149.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.149.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-149-198.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 18 Jan 2023 13:18:51 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: ced18084-001e-00a8-60b4-fa1883000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29931842
x-ms-version: 2009-09-19
content-length: 36344

GET
H2 200 suiteux.shell.core.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/js/ Frame C4E9 275 KB
75 KB 58ms
57ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA8FDAEE3545B212E_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

df7025032c982707b99ab0b182137f19160a153e2cff894939f981add49dd339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF0000133B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 75702
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:38 GMT
x-correlationid: f1f265fa-f615-4feb-ac2f-cd19f2ae3e3b
x-usersessionid: f1f265fa-f615-4feb-ac2f-cd19f2ae3e3b
x-msedge-ref: Ref A: DA6095DD0ABB499A9E51788BC9077B3E Ref B: VIEEDGE3710 Ref C: 2023-01-12T00:22:38Z
x-officecluster: PSE1
etag: W/"c4c636fa1b26d91:0"
x-officefd: GVX0EPF0000133B
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.consappdata.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/js/ Frame C4E9 7 KB
3 KB 57ms
57ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA8FDAEE3545B212E_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

72e1c2e809904269e8a2020c7635e5af2f788ef14128f06b2940a5e5971b4d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: DB5PEPF00011AC4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2014
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:38 GMT
x-correlationid: 7610166c-8954-49f3-8390-df141d14d6c9
x-usersessionid: 7610166c-8954-49f3-8390-df141d14d6c9
x-msedge-ref: Ref A: 3CBEE136E97C4B138173768DA6E7F8A8 Ref B: VIEEDGE2213 Ref C: 2023-01-12T00:22:38Z
x-officecluster: PIE1
etag: W/"441d38fa1b26d91:0"
x-officefd: DB5PEPF00011AC4
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame C4E9 42 KB
16 KB 327ms
40ms Script
application/javascript 23.67.139.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h5C6CC5943CEA38BB_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 23.67.139.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-139-82.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Unused62: 8096267
Date: Wed, 18 Jan 2023 13:18:52 GMT
X-MSNServer: RD0003FF1D9652
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
X-ODWebServer: westeurope0-odwebp
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=71500, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16199

GET
H2 200 suiteux.shell.plus.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/js/ Frame C4E9 217 KB
47 KB 58ms
58ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA8FDAEE3545B212E_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b641c3bbcb9e42eabac9706e7ff920c0d7df991059e17d8d2b41f32f3eb8868d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: AM4PEPF00010ABC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 47464
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:39 GMT
x-correlationid: ec05f8a8-8e82-41a0-8927-59b13d186263
x-usersessionid: ec05f8a8-8e82-41a0-8927-59b13d186263
x-msedge-ref: Ref A: 2DFCB2A49C1A4E1EA4D57F6B8D39F9D6 Ref B: VIEEDGE2213 Ref C: 2023-01-12T00:22:39Z
x-officecluster: PNL1
etag: W/"44356cfa1b26d91:0"
x-officefd: AM4PEPF00010ABC
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h0470D55FC3440102_App_Scripts/ Frame C4E9 119 KB
35 KB 58ms
58ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0470D55FC3440102_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h5C6CC5943CEA38BB_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0470d55fc3440102274c98c8a9e09590ac8e9be2d0ff0a812640d26ac6cc9c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:51 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF000015E1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35428
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 07 Jan 2023 00:31:00 GMT
x-correlationid: d1c489d6-5acf-4d16-8478-a6189f7f449b
x-usersessionid: d1c489d6-5acf-4d16-8478-a6189f7f449b
x-msedge-ref: Ref A: EE8CDF0A084E47DC89A0E779C7E7BC59 Ref B: VIEEDGE3812 Ref C: 2023-01-08T14:15:40Z
x-officecluster: PSE1
etag: "304561512f22d91:0"
x-officefd: GVX0EPF000015E1
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.otellogging.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/js/ Frame C4E9 96 KB
31 KB 58ms
58ms Script
application/javascript 2a02:26f0:f700:489::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161610941019_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hA8FDAEE3545B212E_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:489::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8042071a176b14fd678fd2162ace3fec4d1843878ea523cfeb936a230c478ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Wed, 18 Jan 2023 13:18:52 GMT
x-officeversion: 16.0.16103.41019
x-officefe: GVX0EPF00001609
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 30538
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 12 Jan 2023 00:22:39 GMT
x-correlationid: 672347d2-8c40-4922-b95b-252499162a58
x-usersessionid: 672347d2-8c40-4922-b95b-252499162a58
x-msedge-ref: Ref A: F0AD0CD5D9004513B4C495A5769A2523 Ref B: VIEEDGE2213 Ref C: 2023-01-12T00:22:39Z
x-officecluster: PSE1
etag: W/"9cf9a9fa1b26d91:0"
x-officefd: GVX0EPF00001609
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame C4E9 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C4E9 18 KB
18 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bc4f3fa66d42fd1999cb018d3e4024325dd6a96ee9e0a942d71f37ac875153d

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1674047932000
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1674047932&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

319ms
144ms

Image
text/html

40.126.32.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1674047932&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 40.126.32.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: DB1PPF226372B93
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.1058.1201.2010
date: Wed, 18 Jan 2023 13:18:51 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1674047932&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: JzqdVrmJZ0aa5Q3EIk/M8Q.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame C4E9 4 B
383 B 221ms
47ms XHR
application/json 51.11.192.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/ping

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h0470D55FC3440102_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.11.192.49 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 18 Jan 2023 13:18:52 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 translation.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame C4E9 2 KB
2 KB 61ms
61ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token=1&access_token_ttl=0&z=75087c675cbe01cbce4c458c7d0912e869ca66034cb28c506d01dfb80f043d8d&uilang=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD733136371B4BEE0_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

eb37bb6de598a600e2f4a86ad5c47ad6a0580e8f43bfaded9e6684a1535016bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00010313
X-UserSessionId: 3bee68de-188c-4fcb-88eb-9fce7108885b
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16109.41019
X-Key: 1zsk6TcIs6c8HWDC8Ju3ebTV6Q1twd9Kavxx5KoCETg=,638096447299921938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Faccounts%252Dmail%252Eru%253A443%252Fattach%252Ffilefolder%252FgTtsaf4gsf%252FDelo%255F02%255F2473%255F2022%255FMotivirovannoe%255Freshenie%255Fdokument%255Fobezlichennaya%252Edocx&access_token_ttl=0&hid=2a72d3f0-832e-4df3-95e7-2fd3092bad87
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 13:18:51 GMT
x-wacfrontend: AM4PEPF00010313
x-officeversion: 16.0.16109.41019
x-powered-by: ARR/3.0
x-officefe: AM4PEPF00010313
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 1439
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: b089fe47-b621-4eae-9937-001c3e0c52d2, b089fe47-b621-4eae-9937-001c3e0c52d2
x-officecluster: PNL1
x-usersessionid: 3bee68de-188c-4fcb-88eb-9fce7108885b, 3bee68de-188c-4fcb-88eb-9fce7108885b
x-msedge-ref: Ref A: 12CC37AB6C4C43C19016D547E0697A55 Ref B: AMS231032609037 Ref C: 2023-01-18T13:18:52Z
x-officefd: AM4PEPF0001237A
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
timing-allow-origin: *, *
expires: -1

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: 0872349633df2daae6dc68c2de8a5e56d3d23fd9f8f978f48fd523e81e300f4d
.google.com/	1970-01-20 13:24:19	Name: NID Value: 511=KPc1cN9z8urjArhxBDEa_8JoLLKRLBz3OIKmX6ksIWGcVJhtxQjYKBzGFA4MeMLtt8CXaFUkwOlHyCYdLaC3j6M3v6kRBmHSNh_vho9IyRjPvDVp_zeHPNu_5k_iKrruaIL2HRbH0Ei96p7Sp_ECSfwyW-0xh89jjHxeAcjSkNU
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 1d9c7e36d81042a099b1066b19c9d5dd
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1674047932&co=1
.login.live.com/	1970-01-20 18:22:23	Name: MSCC Value: 80.255.7.103-DE
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DTkI8kkpl4HMyIPUh0hAnnpFY1S!9eSvkM3EKzCvkvpymNFfeK2FD8awl5WERx014OXFXylGFGTmV3JdPT9w2rDYfLW9bayJEFYNCxRPyIEglFUGTmQV1ZkRIkoYrqRq0IroB623sCbrE7J5SIY44WdKeA9oIsKOCGGD1hDH5StfrwM3KV8jC51OqUAnyltwA6eiue4j0WqH3gxskwkFBG8qGLuXnzLfkiKpk3i9U7qI0axQb6uw62yMm7mXg6I5hx2FS!e2p58UlHzBOC7bQEwrLTcaGL9Y!wcnibopsMDMQsaAt2GqZsdq3Ya14xw7QfqE0fXwRXq2URCBD6oN8nwmi5Cc9UvDSpJpsjRCRVmjQF2JSFgcZJH1CYo24MOHkb2!mLPi5Ji2AiSH4C6OTqJdAakETH0COjP6WPe9gwVQ!BEKesp1UGvI0KYuQ4h00NCiNCiiy03avQTOhjQSB6Ii2kuL1FXX5VbAd9Sm
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-1f91ad43-9b84-4376-9e49-a7eecd0beefc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-mail.ru
ajax.googleapis.com
browser.events.data.microsoft.com
c1h-word-view-15.cdn.office.net
docs.google.com
filin.mail.ru
js.live.net
login.live.com
pnl1-word-view.officeapps.live.com
res-1.cdn.office.net
static2.sharepointonline.com
storage.live.com
view.officeapps.live.com
23.67.139.82
2620:1ec:a92::171
2a00:1450:400d:806::200e
2a00:1450:400d:80c::200a
2a02:26f0:f700:489::1c24
2a02:26f0:f700:4::212:4f17
40.126.32.67
40.90.128.17
51.11.192.49
85.119.149.127
92.123.149.198
94.100.180.35
00615481d1a8748de65583c30f0fba5a4b03f0d914ce6a9685ce9e2d0a900c8c
0470d55fc3440102274c98c8a9e09590ac8e9be2d0ff0a812640d26ac6cc9c57
0502c1fa2716f5abd237915af2284e61d647445c87ff35a32b55edcab4c7c3c4
069f1db62c4079becd77d7be8f1ada36cd435e5f44402e58cef4022bae522c04
0a8049c5627a132d4c0be08579b2a33f7e8fd285a122795cabadabf08ddb6858
103f95fb6919365c1f54b990fc1c171b623c68590e3ccf1b1508507eb8eb896d
197ce205a13d1ce6b42084f6845ee90ef228179c3d8f94c13a52f326c60a4da8
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
1bb94973e6fb1e26badeda93f1b8a0c709d33391f2e280d6b7de76e5f4df5757
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
31d1b1e33602a799699012f3a3ee00fc3d39a5903a63ed30ce23afab41a92968
362ea7a501dfd3f82cb7707979435c6ac6e09bbe8d40d090e0e1e476beaabffe
38103f56ebd9d172ede7d562268572e7d70b9b77c2721bf5edd3bd747d6c5702
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3f051b51fe9cd162942e1f6805fe5ae4759d937cc01de8fa7574a2da9e69279b
3f2fa8d80ea6d30a2dc06149fb97a0a426feced62347ec950b4cbfcf5ed19f6a
436016caee68b71d4aaa5d3ed729d8ec8831119a281bcb0efc030bfb3772c19a
46f352854319b07351b414c0c881f6436f85a9583afe11a6b6da2ade6e765498
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
5001b2dc70f3f5632ec403d473a75cb956b4ecebfdf048597f2335b9582c838d
54016b28da521e3b7cc8e80f5666067addb10b1ade446497a132dca999558524
5c6cc5943cea38bbecc4338331c676faa17e9591d7d9f3236fac9596b4f0b63d
678d84d884daf86a37806b14d22ac8012a869af3adeb731e27a77b72a52a6884
71c56b7a5ee5ce943be76538d7a0c64765f83508f6b3a0c2ef9d275a55210829
72256b3ac149b5fcab20c9b2f7cbe3d9e9fae600fa0da6b1ac9c93e6cc6f30dc
72e1c2e809904269e8a2020c7635e5af2f788ef14128f06b2940a5e5971b4d3b
7642ec3582d068973d9de21b6769c1f7973ffd1a1fd68ad391d5d15311961264
7bc4f3fa66d42fd1999cb018d3e4024325dd6a96ee9e0a942d71f37ac875153d
8042071a176b14fd678fd2162ace3fec4d1843878ea523cfeb936a230c478ea3
89e2926fcf18f3cfcf5f475b14afd2d2820cba06b7413d1b2dc744100d01d0bf
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9de26d1f5da8e98ab08b6110aaf9f5f713ccd5b342039076a9ff42762f392059
a2a9a14f69106d6ba12c9848bc7c9f8c0f6a891198f7795f6b40dc0b658983a3
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a8fdaee3545b212e87bf31abb3932ba57948c6170ab3cbd8e3892cd7b38c99b2
ae1a512c4dfaa16d2160fd6333ccda10d58d7cfea4e203b6c4fe665f25d40aff
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
b53f7adc3d9ff47636e46d5c77d5975f125068193d3c23e831e00352ed9ba4ac
b641c3bbcb9e42eabac9706e7ff920c0d7df991059e17d8d2b41f32f3eb8868d
b7d2882a8bf7fb18aa73335089f2ff4d187b2638ed4a370797fda6d2c798748c
c10cf39fa93c1d998f08b187c14ccc404c855c18b7c0965fa58deee8ee60e84d
c3d3f7a12238d1d59d335bcf30e59fc38ac5c64cc5d2d7f526dddc868d8ad4ce
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
ca64f76a964d01139018285b9c9a2c704085925b6efdff94771a70cdbc3df1a4
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
d27e398b04d857546d0bb0e21c156dc2fbc3d510a28da9667bd8e47b0722ebb2
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d733136371b4bee02783b9fe4862f54dceec824b9e94566fc7e0fd267623fed1
dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac
df7025032c982707b99ab0b182137f19160a153e2cff894939f981add49dd339
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98191d47429bbd50d3974095aafb071ebfc97796de792cbae360b47f4ba9529
eb37bb6de598a600e2f4a86ad5c47ad6a0580e8f43bfaded9e6684a1535016bd
fd7007994e9326288852a7f330970b9b98edc32e64924c71022c2569d35129f8

accounts-mail.ru Open in urlscan Pro 85.119.149.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

42 %IPv6

9 Domains

13 Subdomains

12 IPs

7 Countries

4148 kBTransfer

15086 kBSize

8 Cookies

4 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

accounts-mail.ru Open in urlscan Pro
85.119.149.127 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

12
IPs

7
Countries

4148 kB
Transfer

15086 kB
Size

8
Cookies

62 HTTP transactions
6 data transactions