prosed.ee
217.146.69.42
Public Scan
Effective URL: https://prosed.ee/
Submission Tags: phishingrod
Submission: On June 20 via api from DE. Scanned from DE.
Summary
TLS certificate: Issued by R3 on May 13th 2023. Valid for: 3 months.
This is the only time prosed.ee was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) | PTR | Hosts served from this IP
---|---|---|---|---
1 | 217.146.67.141 | 49604 (ZONE Zone Media OU, EE) | kinnas.kahtlane.info | prosed.csgo.ee
22 (2 redirects) | 217.146.69.42 | 49604 (ZONE Zone Media OU, EE) | sn-69-42.tll07.zoneas.eu | prosed.ee
3 | 2620:1ec:a92::171 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | view.officeapps.live.com, pnl1-excel.officeapps.live.com
20 | 2a02:26f0:3500:598::1c24 | (no AS data in the scan) | |
4 | 184.30.17.174 | (no AS data in the scan) | |
2 | 2603:1063:2206:14::46 | (no AS data in the scan) | |
Totals as reported by the scan: 54 requests, 7 IPs
Requests | Apex domain | Subdomains | Transfer
---|---|---|---
22 | prosed.ee | prosed.ee (2 redirects) | 256 KB
20 | office.net | c1h-excel-15.cdn.office.net | 2 MB
5 | live.com | view.officeapps.live.com (Cisco Umbrella rank 25269), pnl1-excel.officeapps.live.com (Cisco Umbrella rank 184053), euc-excel-telemetry.officeapps.live.com | 68 KB
4 | microsoft.com | fs.microsoft.com | 2 MB
1 | csgo.ee | prosed.csgo.ee | 365 B
Totals as reported by the scan: 54 requests, 5 apex domains
Requests | Domain | Requested by
---|---|---
22 | prosed.ee (2 redirects) | prosed.ee
20 | c1h-excel-15.cdn.office.net | pnl1-excel.officeapps.live.com, c1h-excel-15.cdn.office.net
4 | fs.microsoft.com | pnl1-excel.officeapps.live.com
2 | euc-excel-telemetry.officeapps.live.com | c1h-excel-15.cdn.office.net
2 | pnl1-excel.officeapps.live.com | c1h-excel-15.cdn.office.net
1 | view.officeapps.live.com | prosed.ee
1 | prosed.csgo.ee | (initial navigation, not requested by another page)
Totals as reported by the scan: 54 requests, 7 domains
This site contains links to these domains. Also see Links.
Domain
---
wordpress.org
www.techtrot.com
Subject | Issuer | Validity | Valid for
---|---|---|---
prosed.csgo.ee | R3 | 2023-04-20 to 2023-07-19 | 3 months
prosed.ee | R3 | 2023-05-13 to 2023-08-11 | 3 months
officeapps.live.com | Microsoft Azure TLS Issuing CA 02 | 2023-05-24 to 2024-05-18 | a year
*.cdn.office.net | Microsoft Azure TLS Issuing CA 02 | 2023-01-11 to 2024-01-06 | a year
fs.microsoft.com | Microsoft Azure TLS Issuing CA 02 | 2022-08-29 to 2023-08-24 | a year
Certificate records: crt.sh
This page contains 3 frames:
Primary Page: https://prosed.ee/
- Frame ID: 598F153E56DB266CE80172C6CADEB25D
- Requests: 21 HTTP requests in this frame
Frame: https://view.officeapps.live.com/op/embed.aspx?src=https%3A%2F%2Fprosed.ee%2Fwp-content%2Fuploads%2F2023%2F05%2Fprosed-1.xlsx
- Frame ID: 7EB2DC0A0DC68073699C4B343396E104
- Requests: 2 HTTP requests in this frame
Frame: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fprosed%252Eee%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F05%252Fprosed%252D1%252Exlsx&access_token_ttl=0&hid=ba27edd4-2472-4e0e-8393-6de8b5ace1b0
- Frame ID: 479DECD65617316E4C94A9F32D1ED5A4
- Requests: 32 HTTP requests in this frame
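The two viewer frames above carry the location of the rendered file in two different encodings: embed.aspx receives it once percent-encoded in `src`, while xlembed.aspx receives a WOPI URL in `WOPISrc` whose own `wFileId` parameter holds the file URL encoded a second time. The Python below is an added example, not part of the urlscan report or of any urlscan tooling: it recovers the document URL from both frame shapes, normalises the explicit `:443`, and checks whether the file is served by the same host as the page embedding it, which is the first thing to establish when triaging an Office Online embed on a page submitted as phishing. The frame URLs are copied from this report; the function names are the example's own.

```python
"""Recover the document behind an Office Online viewer frame.

Added example (not part of the urlscan report). The frame URLs are copied
from the scan above; the helper names are this example's own.
"""
from typing import Optional
from urllib.parse import parse_qs, urlsplit, urlunsplit

# Frame URLs exactly as recorded in the scan.
EMBED_FRAME = (
    "https://view.officeapps.live.com/op/embed.aspx"
    "?src=https%3A%2F%2Fprosed.ee%2Fwp-content%2Fuploads%2F2023%2F05%2Fprosed-1.xlsx"
)
XLEMBED_FRAME = (
    "https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx"
    "?ui=de%2DDE&rs=de%2DDE"
    "&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808"
    "%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fprosed"
    "%252Eee%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F05%252Fprosed"
    "%252D1%252Exlsx"
    "&access_token_ttl=0&hid=ba27edd4-2472-4e0e-8393-6de8b5ace1b0"
)

DEFAULT_PORTS = {"http": 80, "https": 443}


def canonical(url: str) -> str:
    """Lower-case the host and drop an explicit default port
    (https://host:443/x -> https://host/x) so URLs taken from different
    frames compare equal. The fragment is discarded."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.port is not None and parts.port != DEFAULT_PORTS.get(parts.scheme):
        host = f"{host}:{parts.port}"
    return urlunsplit((parts.scheme, host, parts.path, parts.query, ""))


def _single_param(query: str, name: str) -> Optional[str]:
    """First value of a query parameter, percent-decoded, or None."""
    values = parse_qs(query).get(name)
    return values[0] if values else None


def embedded_document(frame_url: str) -> Optional[str]:
    """Return the document URL an Office Online viewer frame was asked to render.

    Two shapes occur in the scan:
      * embed.aspx?src=<url>               one level of percent-encoding
      * xlembed.aspx?WOPISrc=<wopi url>    the WOPI URL's own query carries
                                            wFileId=<url>, so the document URL
                                            is percent-encoded twice
    Returns None for a frame that carries neither parameter.
    """
    query = urlsplit(frame_url).query
    src = _single_param(query, "src")
    if src:
        return canonical(src)
    wopi_src = _single_param(query, "WOPISrc")
    if wopi_src:
        # parse_qs removed one encoding level; WOPISrc is now a plain URL whose
        # query string still holds the once-encoded file id.
        file_id = _single_param(urlsplit(wopi_src).query, "wFileId")
        if file_id:
            return canonical(file_id)
    return None


def same_site(page_url: str, document_url: str) -> bool:
    """True when the rendered document is served by the same host as the page
    that embeds it. A viewer rendering a file from an unrelated host is the
    case that deserves a closer look during phishing triage."""
    return urlsplit(canonical(page_url)).netloc == urlsplit(canonical(document_url)).netloc


if __name__ == "__main__":
    for frame in (EMBED_FRAME, XLEMBED_FRAME):
        doc = embedded_document(frame)
        print(f"{urlsplit(frame).netloc:34} -> {doc}")
        if doc:
            print(f"{'':34}    same site as https://prosed.ee/: {same_site('https://prosed.ee/', doc)}")
```

Both frames resolve to the same file under prosed.ee/wp-content/uploads/, i.e. the spreadsheet is hosted on the scanned site itself, not pulled in from a third party. The double decoding matters in practice: a grep for `prosed.ee` over the raw frame URL misses the second frame entirely, because the host appears there only as `prosed%252Eee`.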
Page Title: Prosed
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://prosed.csgo.ee/ (Page URL)
- http://prosed.ee/ (HTTP 301) -> https://prosed.ee/ (Page URL)
Detected technologies
- WordPress (CMS). Detected patterns:
  - <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  - /wp-(?:content|includes)/
- jQuery (JavaScript Libraries). Detected pattern:
  - jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
- jQuery Migrate (JavaScript Libraries). Detected pattern:
  - jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page (the two external domains listed above).
- Title: WordPress
- Title: WordPress theme
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14:
- https://prosed.ee/wp-content/themes/primepress/rotating.php?image=4 (HTTP 302)
- https://prosed.ee/wp-content/themes/primepress/headers/PP-field%20of%20dreams.jpg
54 HTTP transactions
Method | Protocol | Resource | Host / path | Frame | Size | Transfer | Type | MIME type | Notes
---|---|---|---|---|---|---|---|---|---
GET | H2 | / | prosed.csgo.ee/ | primary | 324 B | 365 B | Document | text/html |
GET | H2 | / | prosed.ee/ | primary | 19 KB | 5 KB | Document | text/html | Primary request; redirect chain
GET | H2 | style.css | prosed.ee/wp-content/themes/primepress/ | primary | 13 KB | 4 KB | Stylesheet | text/css |
GET | H2 | custom.css | prosed.ee/wp-content/themes/primepress/ | primary | 58 B | 139 B | Stylesheet | text/css |
GET | H2 | style.min.css | prosed.ee/wp-includes/css/dist/block-library/ | primary | 95 KB | 13 KB | Stylesheet | text/css |
GET | H2 | style.min.css | prosed.ee/wp-includes/css/dist/components/ | primary | 81 KB | 12 KB | Stylesheet | text/css |
GET | H2 | style.min.css | prosed.ee/wp-includes/css/dist/block-editor/ | primary | 106 KB | 15 KB | Stylesheet | text/css |
GET | H2 | style.min.css | prosed.ee/wp-includes/css/dist/nux/ | primary | 3 KB | 873 B | Stylesheet | text/css |
GET | H2 | style.min.css | prosed.ee/wp-includes/css/dist/reusable-blocks/ | primary | 525 B | 319 B | Stylesheet | text/css |
GET | H2 | style.min.css | prosed.ee/wp-includes/css/dist/editor/ | primary | 18 KB | 4 KB | Stylesheet | text/css |
GET | H2 | blocks.style.build.css | prosed.ee/wp-content/plugins/robo-gallery/includes/extensions/block/dist/ | primary | 0 | 68 B | Stylesheet | text/css |
GET | H2 | classic-themes.min.css | prosed.ee/wp-includes/css/ | primary | 291 B | 286 B | Stylesheet | text/css |
GET | H2 | styles.css | prosed.ee/wp-content/plugins/contact-form-7/includes/css/ | primary | 2 KB | 728 B | Stylesheet | text/css |
GET | H2 | jquery.min.js | prosed.ee/wp-includes/js/jquery/ | primary | 88 KB | 31 KB | Script | application/javascript |
GET | H2 | jquery-migrate.min.js | prosed.ee/wp-includes/js/jquery/ | primary | 13 KB | 5 KB | Script | application/javascript |
GET | H2 | PP-field%20of%20dreams.jpg | prosed.ee/wp-content/themes/primepress/headers/ | primary | 154 KB | 155 KB | Image | image/jpeg | Redirect chain (from rotating.php?image=4)
GET | H2 | comment-reply.min.js | prosed.ee/wp-includes/js/ | primary | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | scripts.js | prosed.ee/wp-content/plugins/contact-form-7/includes/js/ | primary | 14 KB | 4 KB | Script | application/javascript |
GET | H2 | reset.css | prosed.ee/wp-content/themes/primepress/library/ | primary | 1015 B | 624 B | Stylesheet | text/css |
GET | H2 | layout.css | prosed.ee/wp-content/themes/primepress/library/ | primary | 1 KB | 384 B | Stylesheet | text/css |
GET | H2 | wp-emoji-release.min.js | prosed.ee/wp-includes/js/ | primary | 18 KB | 5 KB | Script | application/javascript |
GET | H2 | embed.aspx | view.officeapps.live.com/op/ | 7EB2 | 4 KB | 3 KB | Document | text/html |
GET | DATA | (data: URI, truncated) | / | 7EB2 | 695 B | 0 | Image | image/gif |
POST | H2 | xlembed.aspx | pnl1-excel.officeapps.live.com/x/_layouts/ | 479D | 241 KB | 56 KB | Document | text/html |
GET | H2 | EwrDefault.css | c1h-excel-15.cdn.office.net/x/s/h02742133213348EE__layouts/Resources/1031/ | 479D | 148 KB | 30 KB | Stylesheet | text/css |
GET | H2 | excelframe.css | c1h-excel-15.cdn.office.net/x/s/h5B6F2A6DCFF5E4FA__layouts/Resources/1031/ | 479D | 62 KB | 10 KB | Stylesheet | text/css |
GET | H2 | MicrosoftAjaxDS.js | c1h-excel-15.cdn.office.net/x/s/h16ABB4D4FBDA7915__layouts/App_Scripts/ | 479D | 106 KB | 24 KB | Script | application/javascript |
GET | H2 | EwaDSOpt.js | c1h-excel-15.cdn.office.net/x/s/h76F4CBA8D762931D__layouts/App_Scripts/ | 479D | 3 MB | 755 KB | Script | application/javascript |
GET | H2 | Ewa.Strings.Wac.js | c1h-excel-15.cdn.office.net/x/s/h9142F17542CD9F0A__layouts/App_Scripts/1031/ | 479D | 127 KB | 31 KB | Script | application/javascript |
GET | H2 | gridRenderer.min.js | c1h-excel-15.cdn.office.net/x/s/hD2C7C42AF541AC69__layouts/App_Scripts/ | 479D | 727 KB | 204 KB | Script | application/javascript |
GET | H2 | clientManifest.js | c1h-excel-15.cdn.office.net/x/s/h98C8BFA7840D1A8D__layouts/Resources/de-DE/ | 479D | 187 KB | 59 KB | Script | application/javascript |
GET | H2 | richTextEditor.min.js | c1h-excel-15.cdn.office.net/x/s/h17921D9B7B99AFE2__layouts/App_Scripts/es6/ | 479D | 317 KB | 62 KB | Script | application/javascript |
GET | H2 | EwaDSOpt.bootCommon.js | c1h-excel-15.cdn.office.net/x/s/h258B30D20837815F__layouts/App_Scripts/ | 479D | 19 KB | 6 KB | Script | application/javascript |
GET | H2 | ewaembed.png | c1h-excel-15.cdn.office.net/x/s/hDEF6F7343B3FA794__layouts/Resources/ | 479D | 4 KB | 4 KB | Image | image/png |
GET | H2 | excelembed28.png | c1h-excel-15.cdn.office.net/x/s/h66C6B19E56A3A283__layouts/Resources/ | 479D | 458 B | 1 KB | Image | image/png |
GET | DATA | (data: URI, truncated) | / | 479D | 376 B | 0 | Image | image/svg+xml |
GET | H/1.1 | 44327025345 | fs.microsoft.com/fs/4.7/rawguids/ | 479D | 1 MB | 714 KB | Font | application/octet-stream |
GET | H/1.1 | 39238612322 | fs.microsoft.com/fs/4.7/rawguids/ | 479D | 1 MB | 625 KB | Font | application/octet-stream |
GET | H2 | EwaDSOpt.tmcore.js | c1h-excel-15.cdn.office.net/x/s/hA416FEAB51B13695__layouts/App_Scripts/ | 479D | 21 KB | 8 KB | Script | application/javascript |
GET | BLOB | 9bf3affe-43cf-4d06-bbf3-978bfece1a3d | https://pnl1-excel.officeapps.live.com/ | 479D | 193 B | 0 | Other | application/javascript | blob: URL
OPTIONS | H2 | RemoteUls.ashx | euc-excel-telemetry.officeapps.live.com/xt/ | | 0 | 0 | Preflight | |
GET | H2 | excelOnline.min.js | c1h-excel-15.cdn.office.net/x/s/h614EAA22C5C5F763__layouts/App_Scripts/ | 479D | 9 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | 50941620409 | fs.microsoft.com/fs/4.7/rawguids/ | 479D | 910 KB | 495 KB | Font | application/octet-stream |
GET | H/1.1 | 44117086606 | fs.microsoft.com/fs/4.7/rawguids/ | 479D | 1005 KB | 522 KB | Font | application/octet-stream |
GET | H2 | GetRangeContentJson | pnl1-excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/ | 479D | 100 KB | 9 KB | XHR | application/json |
POST | | RemoteUls.ashx | euc-excel-telemetry.officeapps.live.com/xt/ | 479D | 0 | 0 | | | No response received (see Failed requests)
GET | DATA | (data: URI, truncated) | / | 479D | 42 B | 0 | Image | image/gif |
GET | H2 | EwaDSOpt.tm.js | c1h-excel-15.cdn.office.net/x/s/h788BEE071475743D__layouts/App_Scripts/ | 479D | 182 KB | 47 KB | Script | application/javascript |
GET | H2 | EwaDSOpt.otherCommon.js | c1h-excel-15.cdn.office.net/x/s/h3FD6B7CB903461CF__layouts/App_Scripts/ | 479D | 357 KB | 92 KB | Script | application/javascript |
GET | H2 | EwaDSOpt.frs.js | c1h-excel-15.cdn.office.net/x/s/h47D1DB69EECF3200__layouts/App_Scripts/ | 479D | 419 KB | 102 KB | Script | application/javascript |
GET | H2 | EwaDSOpt.ev.js | c1h-excel-15.cdn.office.net/x/s/h52B7F8B881FDDE29__layouts/App_Scripts/ | 479D | 9 KB | 4 KB | Script | application/javascript |
GET | H2 | EwaDSOpt.pi.js | c1h-excel-15.cdn.office.net/x/s/hE917849DFCD51D51__layouts/App_Scripts/ | 479D | 498 KB | 125 KB | Script | application/javascript |
GET | H2 | EwaDSOpt.vrs.js | c1h-excel-15.cdn.office.net/x/s/hC6E334EBE6A820DD__layouts/App_Scripts/ | 479D | 157 KB | 42 KB | Script | application/javascript |
GET | H2 | EwaDSOpt.cuixas.js | c1h-excel-15.cdn.office.net/x/s/hCE0BC20FAEA8EFFA__layouts/App_Scripts/ | 479D | 647 KB | 0 | Script | application/javascript |
OPTIONS | H2 | RemoteUls.ashx | euc-excel-telemetry.officeapps.live.com/xt/ | | 0 | 0 | Preflight | |
POST | | RemoteUls.ashx | euc-excel-telemetry.officeapps.live.com/xt/ | 479D | 0 | 0 | | | No response received (see Failed requests)
POST | | BeaconHandler.ashx | pnl1-excel.officeapps.live.com/x/_layouts/ | 479D | 0 | 0 | | | No response received (see Failed requests)
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- euc-excel-telemetry.officeapps.live.com: https://euc-excel-telemetry.officeapps.live.com/xt/RemoteUls.ashx?waccluster=PNL1&officeserverversion=16.0.16611.42310&usid=f5126207-5b0c-4d58-a0d9-304e9bf50089
- euc-excel-telemetry.officeapps.live.com: https://euc-excel-telemetry.officeapps.live.com/xt/RemoteUls.ashx?waccluster=PNL1&officeserverversion=16.0.16611.42310&usid=f5126207-5b0c-4d58-a0d9-304e9bf50089 (second attempt, same URL)
- pnl1-excel.officeapps.live.com: https://pnl1-excel.officeapps.live.com/x/_layouts/BeaconHandler.ashx?WacUserType=WOPI&usid=f5126207-5b0c-4d58-a0d9-304e9bf50089&NoAuth=1&waccluster=PNL1&WebMethod=Xlplt
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
Name | Type
---|---
0 | object
credentialless | boolean
onbeforetoggle | object
onscrollend | object
_wpemojiSettings | object
$ | undefined
jQuery | function
addComment | object
wpcf7 | object
twemoji | object
wp | object
`$` being undefined while `jQuery` is a function is consistent with WordPress loading its bundled jQuery in noConflict mode; `wpcf7` is the Contact Form 7 plugin object seen in the request list.
2 Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.view.officeapps.live.com/ | | PNL1-ARRAffinity | 0872349633df2daae6dc68c2de8a5e56d3d23fd9f8f978f48fd523e81e300f4d
.pnl1-excel.officeapps.live.com/ | | PNL1-Excel-ARRAffinity | 3ab3826a89a16327bc7ec15d0ecd27c88a706640de36b780f9c6122b77523ced
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains:
- c1h-excel-15.cdn.office.net
- euc-excel-telemetry.officeapps.live.com
- fs.microsoft.com
- pnl1-excel.officeapps.live.com
- prosed.csgo.ee
- prosed.ee
- view.officeapps.live.com
IPs:
- 184.30.17.174
- 217.146.67.141
- 217.146.69.42
- 2603:1063:2206:14::46
- 2620:1ec:a92::171
- 2a02:26f0:3500:598::1c24