malungon.net Open in urlscan Pro
192.185.12.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://malungon.net/
Effective URL:
https://malungon.net/cms/
Submission: On September 21 via manual (September 21st 2022, 4:11:14 pm UTC) from IN — Scanned from DE

Summary HTTP 94 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 94 HTTP transactions. The main IP is 192.185.12.229, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is malungon.net.
TLS certificate: Issued by R3 on September 18th 2022. Valid for: 3 months.

This is the only time malungon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 44	192.185.12.229 192.185.12.229	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
19	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1f18:510... 2600:1f18:510:801:8e14:7e74:339e:aa65	14618 (AMAZON-AES) (AMAZON-AES)
23	2a02:26f0:10e... 2a02:26f0:10e:294::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	92.123.11.106 92.123.11.106	() ()
2	96.16.158.214 96.16.158.214	() ()
1	2a02:26f0:10e... 2a02:26f0:10e:296::1e0f	() ()
94	9

44 192.185.12.229 (United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-12-229.unifiedlayer.com

malungon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pnl1-word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:510:801:8e14:7e74:339e:aa65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dcba.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:26f0:10e:294::1c24 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.11.106 (None, )

ASN- ()

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.158.214 (None, )

ASN- ()

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e:296::1e0f (None, )

ASN- ()

res-1.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	malungon.net 2 redirects malungon.net	3 MB
24	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 4537 res-1.cdn.office.net	4 MB
19	live.com view.officeapps.live.com — Cisco Umbrella Rank: 23534 pnl1-word-view.officeapps.live.com — Cisco Umbrella Rank: 126654	930 KB
2	sharepointonline.com static2.sharepointonline.com	68 KB
2	popcash.net cdn.popcash.net — Cisco Umbrella Rank: 152932 dcba.popcash.net — Cisco Umbrella Rank: 143841	39 KB
1	live.net js.live.net	16 KB
0	microsoft.com Failed browser.events.data.microsoft.com Failed
94	7

	Domain	Requested by
44	malungon.net	2 redirects malungon.net
23	c1h-word-view-15.cdn.office.net	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
18	pnl1-word-view.officeapps.live.com	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
2	static2.sharepointonline.com
1	res-1.cdn.office.net	c1h-word-view-15.cdn.office.net
1	js.live.net	c1h-word-view-15.cdn.office.net
1	dcba.popcash.net	cdn.popcash.net
1	view.officeapps.live.com	malungon.net
1	cdn.popcash.net	malungon.net
0	browser.events.data.microsoft.com Failed	c1h-word-view-15.cdn.office.net
94	10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
hr.malungon.net
www.concrete5.org
site5.com
mnkras.com

Subject Issuer	Validity	Valid
www.personnel.malungon.net R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
cdn.popcash.net R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.popcash.net AlphaSSL CA - SHA256 - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2022-08-12` - `2023-08-12`	a year	crt.sh
privatecdn.sharepointonline.com DigiCert SHA2 Secure Server CA	`2022-09-19` - `2023-09-19`	a year	crt.sh
*.res.outlook.com Microsoft RSA TLS CA 01	`2022-06-02` - `2023-06-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://malungon.net/cms/
Frame ID: 74D45C8FBD8B98025532B83FF5B0D82F
Requests: 44 HTTP requests in this frame

Frame: https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Fmalungon.net%2Fcms%2Ffiles%2F4815%2F2766%2F5682%2FCNA-HRIS.docx
Frame ID: 99DE3190D5DC70D6F9687F7C5C9FEF45
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
Frame ID: 2A812AC8A98DD173F3940DCA2605E1F6
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malungon Personnel :: Home

Page URL History Show full URLs

https://malungon.net/ HTTP 302
https://malungon.net/cms HTTP 301
https://malungon.net/cms/ Page URL

Detected technologies

Concrete5 (CMS) Expand

Overall confidence: 100%
Detected patterns

/concrete/js/

Cufon (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

cufon-yui\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

96 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

7557 kB
Transfer

29537 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/media/set/?vanity=MalungonInformationOffice&set=a.473435998131366
Title: more photos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pg/MalungonInformationOffice/photos/?tab=album&album_id=965215433830705&__xts__%5B0%5D=68.ARBJFw37zvtuBPS493CO3ZP8d_sl5Edox-CsriKw9NNIogGmRme4f24jcfv0gnNdhvdoBLfbMckbN7flrnqWjgg_v3ExiFQOu_QxHBnptLZjfDGacsZeAcaWKhuwY8Plpn1wjRDrd-hCOizqVt6V4LVDpdCuPFXkNzdyGz9RrnxTTMyiQtpdTzZc-DS7UPPBdWTwkETF2MejmEPLaDAK7_D3cD0Q8-BsqU7M7CFxRcq5DnnTchE1sFpmo4oJ5V1o_RTnlB29caRvdPZLCVj0VY_K41dGqU6R0f71Kse7VmxVQ-4b-W7rX8N3l2ROjrdBvKAboiSeOcHRisNYK83iFpFQC5JliKi6KxwxUFqILlzwqFa56tPO7rOpnKnRnNnDJNZAbJ5W1lucc0sCs1cNhhx4DPmynzxKzgSWjBiw7GSmG4w7NJvQvwMpI4Bg2lzJKVVRUN-z-0b1N-0DLg&__tn__=-UC-R
Title: more photos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pg/MalungonInformationOffice/photos/?tab=album&album_id=965205643831684&__xts__%5B0%5D=68.ARB3Uf3kE4WxL2pkgJ1x8ZZaH1p3dbt9MrAOwvVaNXTsh7hyzVrvlItBg1iMwRIuw6Q9u6zeSBhZLuj79mKruSGAg3NQW_D3t9EVxI_1bQGOqvRCG6O2wxIrIo9L2e-CBQCPSerWHXeEpmXRTEESbaf1xLw269z5c16wApQ0-in0ojCXYl-PZVXcL49vAhUsh0Us2e7Lj3x4Otk1oPFe8U8dDXN6DY_ISw3K4E0KwLUrS1ChhZ9KEiaulrjjJEc9UFoNuc5K9uvlniJaOSXkK4ZbHzkHvcsupSz1qZ9isOseNjnCC4BIVYUPXiEVw7og81a8Brrx3NTBnz-hMloIR-9m7bN_gW125nEvyXEWg80tzdxp9aftpH_a-QWc5BP-2xE3-TJQIWUBf2BKV2tpjDOTI5sAQRfFO1fnN-6L0Si6fTQ4PChl6-rEBhphFRPuPt7N1Jtr6yco8cdCsw&__tn__=-UC-R
Title: more photos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pg/MalungonInformationOffice/photos/?tab=album&album_id=959333224418926&__xts__%5B0%5D=68.ARDefycJkiJm95x7jZdeGZL-AEa9LVwiw59yG_bIV9yKDycB1p_eCjw9Gj0HKWWUg2L_x9wGZyGDMXjxnG6RzNBno2_olvsVza8kcKz1AsrOCROP7EUTm5YR7hjYpBSSHEBZ22WG_bA5VCaTC4-hyYscHtr2vG-aq9jmtuUHtdnTF2nodIxLAI53MkVZhcq_es8_LKBE_gAGXkXVFJewpm7OhHtRXmWmjGN6hjVp-Nwzeqxg4y87YlK4IW_xzE74PWFe5IVZp-1XyBRov_h0nF_6XLznP15Bj_fLkgKdWvmNySjzLgPMs_JP8v1Q6MBE4P2TpU_qFUFZXEwXzxWT-rJoME7G3PpEEiJ3cmkYs7r-lWWmiTxOuFnSdPskH84wc2z4kx-hsDvroTiDlzx5RrvQ33qPansDzLuyk-tD4vWAYpPQpp4XLVX7x8fQ8aS_sS-UJQWX_-n_NsLOHA&__tn__=-UC-R
Title: more photos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pg/MalungonInformationOffice/photos/?tab=album&album_id=736669650018619&__xts__%5B0%5D=68.ARB1I0Iq6xpx9w1PMyU7lckpTeOpCMqRMw0ptYDl2TuGJ6XmaCqAJqGlqu1unyrrTUpL1L7EXbWdwjOm9mkw5wkt-OOOw3_P6eE9WBL86ytfzbSLGWT47ycWLHmwnIMBVhXr4Ud4L8_6TjaDfUY5SOH2NlnloNEb7xbGW4L2-q8TfI35Bjui&__tn__=-UC-R
Title: more photos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media/set/?set=a.709315106087407&type=1&l=da5da42d18
Title: more photos

Search URL Search Domain Scan URL

URL: http://hr.malungon.net/

Search URL Search Domain Scan URL

URL: http://www.concrete5.org/
Title: concrete5 - open source CMS

Search URL Search Domain Scan URL

URL: http://site5.com/
Title: Site5

Search URL Search Domain Scan URL

URL: http://mnkras.com/
Title: Mnkras

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://malungon.net/ HTTP 302
https://malungon.net/cms HTTP 301
https://malungon.net/cms/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
malungon.net/cms/
Redirect Chain

https://malungon.net/
https://malungon.net/cms
https://malungon.net/cms/

157 KB
59 KB

719ms
719ms

Document
text/html

192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 405c24dbcf98ae5457f3e06252b9abfe85a3489c6096ea68f0aeec0286a7ef1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 16:11:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding

Redirect headers

content-length: 233
content-type: text/html; charset=iso-8859-1
date: Wed, 21 Sep 2022 16:11:03 GMT
location: https://malungon.net/cms/
server: Apache

GET
H2 200 ccm.base.css
malungon.net/cms/concrete/css/ 2 KB
754 B 410ms
408ms Stylesheet
text/css 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/concrete/css/ccm.base.css?v=fbb7872a04cec6d0f95e7383816d27b6
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 193b6332fd76aaeb75a95b21f344a62f0ee160cf9c0b10ee50ff25a2674cd8a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Thu, 20 Mar 2014 20:16:41 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 700

GET
H2 200 jquery.js Show response
malungon.net/cms/concrete/js/ 93 KB
41 KB 382ms
380ms Script
application/javascript 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/concrete/js/jquery.js?v=fbb7872a04cec6d0f95e7383816d27b6
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Thu, 20 Mar 2014 20:16:42 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ccm.base.js Show response
malungon.net/cms/concrete/js/ 2 KB
1 KB 380ms
378ms Script
application/javascript 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/concrete/js/ccm.base.js?v=fbb7872a04cec6d0f95e7383816d27b6
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 269072a55c380b93fb4352295d768134e83930f66f5f9bad218c2922522fe1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Thu, 20 Mar 2014 20:16:42 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1064

GET
H2 200 view.css
malungon.net/cms/concrete/blocks/slideshow/ 263 B
215 B 379ms
378ms Stylesheet
text/css 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/concrete/blocks/slideshow/view.css?v=fbb7872a04cec6d0f95e7383816d27b6
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 182ecf364134dd0cc4d7359c4bf69a632f0e9ab34ee8c9dde2c7978d96d70c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Thu, 20 Mar 2014 20:16:39 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 161

GET
H2 200 style.css
malungon.net/cms/packages/theme_boldy/themes/boldy/ 16 KB
5 KB 259ms
258ms Stylesheet
text/css 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 7630265b59b26859440a55c54630287707d51191a01a5a000844132621739aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Sat, 26 Sep 2015 16:53:13 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4946

GET
H2 200 ddsmoothmenu.css
malungon.net/cms/packages/theme_boldy/themes/boldy/css/ 1 KB
687 B 261ms
259ms Stylesheet
text/css 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/css/ddsmoothmenu.css
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 4c1c89ed7b58af301e5d70e1c5bdb4548fac82d5f1ea98aa39c6dccc05ee938c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 632

GET
H2 200 ddsmoothmenu.js Show response
malungon.net/cms/packages/theme_boldy/themes/boldy/js/ 7 KB
3 KB 263ms
261ms Script
application/javascript 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/js/ddsmoothmenu.js
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 7f0d70dd05dd9010ee81ed59fdd6e258209885eed0ee0d271903124b6e525e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2970

GET
H2 200 custom.js Show response
malungon.net/cms/packages/theme_boldy/themes/boldy/js/ 642 B
391 B 269ms
268ms Script
application/javascript 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/js/custom.js
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 09b1fb5c470c20e8b2799dea336743b5c81dcfd099321cdb548661b8bc1c34c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 359

GET
H2 200 cufon-yui.js Show response
malungon.net/cms/packages/theme_boldy/themes/boldy/js/ 32 KB
13 KB 378ms
377ms Script
application/javascript 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/js/cufon-yui.js
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: c845f7c549fcd3bd2ed4e85fba688ae0813196f52914eb86eb452c2db32d60f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 13338

GET
H2 200 Museo_Slab_500_400.font.js Show response
malungon.net/cms/packages/theme_boldy/themes/boldy/js/ 27 KB
11 KB 263ms
262ms Script
application/javascript 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/js/Museo_Slab_500_400.font.js
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 267864aa51ae052f4fb3155f46dcab63954f7cb46568c3a392907ad5f25d5613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 11644

GET
H2 200 /
malungon.net/cms/index.php/download_file/view_inline/18/ 33 KB
33 KB 476ms
447ms Image
image/png 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/index.php/download_file/view_inline/18/
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 2d7894b500a31770fa58be3ae5f3c4615b377faaa60a388151e75716c7608836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 403 /
malungon.net/cms/files/ 17 KB
17 KB 359ms
330ms Image
text/html 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 37680d1350f89e2205cd7c84d747e6b13bc1b6affd3e06c4d0251ac5bf5d009f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2019 06:44:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 6083

GET
H2 200 43061961_736985103320407_5765797611227316224_n.jpg
malungon.net/cms/files/9115/3854/4280/ 112 KB
113 KB 194ms
164ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/9115/3854/4280/43061961_736985103320407_5765797611227316224_n.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 94fcedcc62ad714ea403dab8d662b9375be493a1c55a328357ff929c595cb1f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 03 Oct 2018 05:24:40 GMT
server: Apache
accept-ranges: bytes
content-length: 114628
content-type: image/jpeg

GET
H2 200 18.jpg
malungon.net/cms/files/9915/3854/3715/ 247 KB
248 KB 200ms
171ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/9915/3854/3715/18.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: de70e79d07dd41644b2d2f64bef2e8a38e2976336d221112774d60f880df6cd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 03 Oct 2018 05:15:15 GMT
server: Apache
accept-ranges: bytes
content-length: 252508
content-type: image/jpeg

GET
H2 200 8dd6f26810e27ca87fe5ac0c3f3c7dd2_f260.jpg
malungon.net/cms/files/cache/ 77 KB
77 KB 405ms
377ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/cache/8dd6f26810e27ca87fe5ac0c3f3c7dd2_f260.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: bc7a526c7f3c3c4acace8a3287302c37e1f530bdd8cdcd3535d99b64b0fe27e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Fri, 22 Feb 2019 04:39:16 GMT
server: Apache
accept-ranges: bytes
content-length: 78405
content-type: image/jpeg

GET
H2 200 17a23199e30a4869774fda8492f05f8a_f232.jpg
malungon.net/cms/files/cache/ 56 KB
56 KB 411ms
382ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/cache/17a23199e30a4869774fda8492f05f8a_f232.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 20b7a81a01d63e730ff6cd872db41d26c022b0c28dd8b06abd2996476b31532b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Fri, 22 Feb 2019 04:39:17 GMT
server: Apache
accept-ranges: bytes
content-length: 57179
content-type: image/jpeg

GET
H2 200 IMG_7241.jpg
malungon.net/cms/files/6614/8712/8260/ 90 KB
90 KB 410ms
381ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/6614/8712/8260/IMG_7241.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: c773021bf89c5cf91570d4c9bbea6f3ab090b4a947f0758821687bff434772b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 15 Feb 2017 03:11:00 GMT
server: Apache
accept-ranges: bytes
content-length: 91773
content-type: image/jpeg

GET
H2 200 cbef8f54a99e93d83066b51816f87f9e_f117.jpg
malungon.net/cms/files/cache/ 35 KB
35 KB 404ms
376ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/cache/cbef8f54a99e93d83066b51816f87f9e_f117.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 4d84f25fac4c85d6ff4d01fba2036e27f5befc78debe34a98e26150a2b9e8d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Fri, 22 Feb 2019 04:39:17 GMT
server: Apache
accept-ranges: bytes
content-length: 36170
content-type: image/jpeg

GET
H2 200 hrislogin1.jpg
malungon.net/cms/files/6814/3832/7552/ 54 KB
54 KB 397ms
376ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/6814/3832/7552/hrislogin1.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 1131089e10406d2454d67534ce9978be17b7aa528881e0c057e3104d216a64f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Fri, 31 Jul 2015 07:25:52 GMT
server: Apache
accept-ranges: bytes
content-length: 54888
content-type: image/jpeg

GET
H2 200 portlogin.png
malungon.net/cms/files/2914/3832/4088/ 24 KB
25 KB 471ms
450ms Image
image/png 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/2914/3832/4088/portlogin.png
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: f0bd9d69cd373a6c3c90f727fad3dd898b03995f029a504bcd07669be5249fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Fri, 31 Jul 2015 06:28:08 GMT
server: Apache
accept-ranges: bytes
content-length: 24946
content-type: image/png

GET
H2 200 pop.js Show response
cdn.popcash.net/ 125 KB
39 KB 119ms
31ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popcash.net/pop.js
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae67c6aba6b2f2f0514e5e79e243eb9aee49d4f90f92442e1cc09c50532c974

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMadyGeAXt16Cy5kKT%2BTnBJFPp9mTxoH6x1YkPuxQMsklT%2BZcag50ujQvwm0W0v%2BCN9lkY058Fg9917oefAelgkqKQxj94qZpBgnkwc955%2F25wCBnFErp1jYSmMJ"}],"group":"cf-nel","max_age":604800}
content-length: 39286
last-modified: Tue, 05 Jul 2022 13:28:20 GMT
server: cloudflare
etag: W/"62c43c74-1f3e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1663776664.cds091.lo4.hn,1663776664.cds256.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 72a4832a4c4074c9-LHR

GET
H2 200 extern_blank.js Show response
malungon.net/cms/packages/extern_blank/js/ 420 B
269 B 156ms
156ms Script
application/javascript 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://malungon.net/cms/packages/extern_blank/js/extern_blank.js?v=fbb7872a04cec6d0f95e7383816d27b6
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: de245711cb6a96a0c7283da66045a736c7e0bc6c1372532cfb6888e73d420973

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
content-encoding: gzip
last-modified: Thu, 25 Oct 2018 05:43:58 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 215

GET
H2 200 bk_body.jpg
malungon.net/cms/packages/theme_boldy/themes/boldy/images/ 1 KB
1 KB 184ms
164ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/images/bk_body.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 9db58988934b95ac8ac56482813e3ed7ca9420511729c9666bb70f98238bf8bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
accept-ranges: bytes
content-length: 1233
content-type: image/jpeg

GET
H2 200 bk_main_wrapper.png
malungon.net/cms/packages/theme_boldy/themes/boldy/images/ 343 B
373 B 176ms
157ms Image
image/png 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/images/bk_main_wrapper.png
Requested by: Host: malungon.net
URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: f943e3f1d4f1c6340535d49e638cad2b18b60a6f70910acfe6178c0e85ea34a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
accept-ranges: bytes
content-length: 343
content-type: image/png

GET
H2 200 bk_header.png
malungon.net/cms/packages/theme_boldy/themes/boldy/images/ 14 KB
14 KB 171ms
152ms Image
image/png 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/images/bk_header.png
Requested by: Host: malungon.net
URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: ce3900f98c0eea05ce9f7472b480df522699e54799a3933777d70f845a720d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
accept-ranges: bytes
content-length: 14404
content-type: image/png

GET
H2 200 bk_mainmenu.png
malungon.net/cms/packages/theme_boldy/themes/boldy/images/ 372 B
402 B 175ms
157ms Image
image/png 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/images/bk_mainmenu.png
Requested by: Host: malungon.net
URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 48cd96b3d56a1072fffa8dd5f15ae70c89665eb3ebe6850bf6f9e6ef1bcf5d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
accept-ranges: bytes
content-length: 372
content-type: image/png

GET
H2 200 bk_vertline.jpg
malungon.net/cms/packages/theme_boldy/themes/boldy/images/ 297 B
327 B 342ms
329ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/images/bk_vertline.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 40d2db476c017ea16f7f81927c76ba5fdecade902c4be8c37f2848db20649c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
accept-ranges: bytes
content-length: 297
content-type: image/jpeg

GET
H2 200 view.aspx Show response
view.officeapps.live.com/op/ Frame 99DE 4 KB
5 KB 125ms
42ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Fmalungon.net%2Fcms%2Ffiles%2F4815%2F2766%2F5682%2FCNA-HRIS.docx

Requested by

Host: malungon.net
URL: https://malungon.net/cms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2d1572a3b6604a1f80477a72336d05e3a13418f7f80033dc5862988792a764d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malungon.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 16:11:04 GMT
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: cbf27e35-5764-4060-93d7-58eb807e70a3
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 97D261EB4D4E464F99F97A37EEC408C1 Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:04Z
x-officecluster: PNL1
x-officefd: AM4PEPF000068BF
x-officefe: AM4PEPF00010AD3
x-officeversion: 16.0.15708.41020

GET
H2 200 bk_horiz_line.jpg
malungon.net/cms/packages/theme_boldy/themes/boldy/images/ 296 B
326 B 361ms
360ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/images/bk_horiz_line.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: fdebb8b4a70927c275a6628666cc52f5783812cba5a016a4c104d55bee3b4ede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
accept-ranges: bytes
content-length: 296
content-type: image/jpeg

GET
H2 200 but_show_hide.png
malungon.net/cms/packages/theme_boldy/themes/boldy/images/ 1 KB
1 KB 359ms
358ms Image
image/png 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/images/but_show_hide.png
Requested by: Host: malungon.net
URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 54b153ec51a4e29101e30da330cf264856ef56d56aeb217e94b77d2ab14d5f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
accept-ranges: bytes
content-length: 1372
content-type: image/png

GET
H2 200 bk_footer_widgets.png
malungon.net/cms/packages/theme_boldy/themes/boldy/images/ 696 B
726 B 355ms
355ms Image
image/png 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/images/bk_footer_widgets.png
Requested by: Host: malungon.net
URL: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: b070eefc770844b27a11818f725d67db633ca10c8a6c0623b6f017086d58ee71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/packages/theme_boldy/themes/boldy/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 23 Sep 2015 18:39:23 GMT
server: Apache
accept-ranges: bytes
content-length: 696
content-type: image/png

GET
H2 204 znWaa3gu Show response
dcba.popcash.net/ 0
118 B 364ms
103ms XHR
text/plain 2600:1f18:510:801:8e14:7e74:339e:aa65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dcba.popcash.net/znWaa3gu
Requested by: Host: cdn.popcash.net
URL: https://cdn.popcash.net/pop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:510:801:8e14:7e74:339e:aa65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 21 Sep 2022 16:11:04 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 1.jpg
malungon.net/cms/files/9516/6331/2946/ 80 KB
81 KB 275ms
272ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/9516/6331/2946/1.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 8895edbc5fa9ac41a3555468c63210ea3241a4d74b83a65603b9a8e55036e18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Fri, 16 Sep 2022 07:22:26 GMT
server: Apache
accept-ranges: bytes
content-length: 82303
content-type: image/jpeg

GET
H2 200 300773249_463484282459871_2476959267748636482_n.jpg
malungon.net/cms/files/4016/6193/0816/ 83 KB
83 KB 271ms
267ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/4016/6193/0816/300773249_463484282459871_2476959267748636482_n.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 7cd7ea07da8e9227e5049d4ceeef717aa8e1fd0870c76f453ea44dee8197af55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 31 Aug 2022 07:26:56 GMT
server: Apache
accept-ranges: bytes
content-length: 84513
content-type: image/jpeg

GET
H2 200 299144648_456055539869412_5318719923887591660_n.jpg
malungon.net/cms/files/8216/6140/3794/ 782 KB
782 KB 274ms
261ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/8216/6140/3794/299144648_456055539869412_5318719923887591660_n.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 7af43dab77ed10a5ff38262f170db1d092d3e21325b5e049faed65218cee28da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Thu, 25 Aug 2022 05:03:14 GMT
server: Apache
accept-ranges: bytes
content-length: 800739
content-type: image/jpeg

GET
H2 200 1.png
malungon.net/cms/files/3216/5050/4581/ 132 KB
132 KB 272ms
259ms Image
image/png 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/3216/5050/4581/1.png
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 508b4422f70cda74254233b81e996ed726185ba4d378efd66fe865f71639fe4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Thu, 21 Apr 2022 01:29:41 GMT
server: Apache
accept-ranges: bytes
content-length: 135479
content-type: image/png

GET
H2 200 6B.png
malungon.net/cms/files/8616/2866/0046/ 203 KB
203 KB 262ms
259ms Image
image/png 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/8616/2866/0046/6B.png
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: acedda39e436c03a71fab62c60e788152eaab6237b1ba37f69efd9b59ba40850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 11 Aug 2021 05:34:06 GMT
server: Apache
accept-ranges: bytes
content-length: 208049
content-type: image/png

GET
H2 200 9.jpg
malungon.net/cms/files/2316/6331/4402/ 77 KB
77 KB 261ms
259ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/2316/6331/4402/9.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 24fcaf1078d29cd9b13c382886e83db07181dfa26357701ff7bee777b69b90d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Fri, 16 Sep 2022 07:46:42 GMT
server: Apache
accept-ranges: bytes
content-length: 78645
content-type: image/jpeg

GET
H2 200 66792526_2468818779845632_7665743254368813056_n.jpg
malungon.net/cms/files/8815/6455/1092/ 55 KB
55 KB 652ms
646ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/8815/6455/1092/66792526_2468818779845632_7665743254368813056_n.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 11f13fad11bcfc10e999a3d7191c8cef732b19dc81c04120fd7163d09c6cf559

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Wed, 31 Jul 2019 05:31:32 GMT
server: Apache
accept-ranges: bytes
content-length: 55954
content-type: image/jpeg

GET
H2 200 43016108_737369306615320_6593398381366738944_n.jpg
malungon.net/cms/files/1715/3861/2611/ 56 KB
56 KB 652ms
646ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/1715/3861/2611/43016108_737369306615320_6593398381366738944_n.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: f11f8453622a1079273522d89de30b7909b2252ac6269bfcdd18d5c5542653e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Thu, 04 Oct 2018 00:23:31 GMT
server: Apache
accept-ranges: bytes
content-length: 56844
content-type: image/jpeg

GET
H2 200 IMG_8891.jpg
malungon.net/cms/files/8715/2783/1406/ 52 KB
52 KB 649ms
645ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/8715/2783/1406/IMG_8891.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 3bf27ba7a69864ba2df83916402c574cd11efa2b20e7ab35e2d9c440d7022544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Fri, 01 Jun 2018 05:36:46 GMT
server: Apache
accept-ranges: bytes
content-length: 53538
content-type: image/jpeg

GET
H2 200 IMG_6981.jpg
malungon.net/cms/files/9514/8660/9473/ 174 KB
174 KB 509ms
505ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/9514/8660/9473/IMG_6981.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 576bb40ffb33576f002c96215c564b687f6bc2410b97e51f42568e27f434bd34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Thu, 09 Feb 2017 03:04:33 GMT
server: Apache
accept-ranges: bytes
content-length: 177887
content-type: image/jpeg

GET
H2 200 2_plaque1.jpg
malungon.net/cms/files/8614/7727/8951/ 131 KB
131 KB 507ms
505ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/8614/7727/8951/2_plaque1.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: 18304fde4ae985220c8fd65fbd98c8e4dbba93796a5bb301f57eb846ca65c401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Mon, 24 Oct 2016 03:15:51 GMT
server: Apache
accept-ranges: bytes
content-length: 133905
content-type: image/jpeg

GET
H2 200 20160419_115522.jpg
malungon.net/cms/files/5114/6104/0740/ 56 KB
56 KB 645ms
644ms Image
image/jpeg 192.185.12.229
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malungon.net/cms/files/5114/6104/0740/20160419_115522.jpg
Requested by: Host: malungon.net
URL: https://malungon.net/cms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.12.229 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-12-229.unifiedlayer.com
Software: Apache /
Resource Hash: c4b66ffa5bd6bcf504789dcb616e13c008d926c9277c8208917fbbe16b94319d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://malungon.net/cms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 16:11:04 GMT
last-modified: Tue, 19 Apr 2016 04:39:00 GMT
server: Apache
accept-ranges: bytes
content-length: 57339
content-type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 99DE 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 wordviewerframe.aspx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 89 KB
91 KB 240ms
62ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

472768ae2bcbfbf5ffdd2cefdea75c83da7859c3b18fb09a0f493df4c4be959a

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net .azureedge.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://view.officeapps.live.com
Referer: https://view.officeapps.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 16:11:06 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 55BB141F9F384B5B85103D765AC3B36F Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:06Z
x-officecluster: PNL1
x-officefd: AM4PEPF00012371
x-officefe: AM4PEPF00012371
x-officeversion: 16.0.15714.41002
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hEEB3A37A7FFE8BD8_resources/1031/ Frame 2A81 272 KB
34 KB 164ms
29ms Stylesheet
text/css 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hEEB3A37A7FFE8BD8_resources/1031/WordViewer.css

Requested by

Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

eeb3a37a7ffe8bd8a5dcad1d05a237f6dc35628452655714333675845b776000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "e2a6b42b28cad81:0"
x-officecluster: PSE1
x-officeversion: 16.0.15714.41002
x-officefe: GVX0EPF0000137C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33907
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 23:58:08 GMT
x-officefd: GVX0EPF0000137C
x-msedge-ref: Ref A: BE599C64422E404682453F8E1D3D7F53 Ref B: VIEEDGE4121 Ref C: 2022-09-20T12:00:45Z
x-usersessionid: 90877c1a-434a-44fa-b5a6-9d1631dbc51e
date: Wed, 21 Sep 2022 16:11:06 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 90877c1a-434a-44fa-b5a6-9d1631dbc51e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hBCD659260529EA73_App_Scripts/ Frame 2A81 106 KB
24 KB 216ms
81ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hBCD659260529EA73_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bcd659260529ea730ba14b8ae4455f7e8bd97ca98fc262ca89a21563d33da58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "f0c8cea322cad81:0"
x-officecluster: PSE1
x-officeversion: 16.0.15714.41002
x-officefe: GVX0EPF00001351
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23700
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 23:18:33 GMT
x-officefd: GVX0EPF00001351
x-msedge-ref: Ref A: 0576D3983EE8431DA4FFBFE32D1CCDD2 Ref B: VIEEDGE4220 Ref C: 2022-09-19T08:33:27Z
x-usersessionid: b9ea8c3f-ac89-4bf5-8f8c-b0fbf76e0706
date: Wed, 21 Sep 2022 16:11:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b9ea8c3f-ac89-4bf5-8f8c-b0fbf76e0706
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hAA1421F6CCD3E6DF_App_Scripts/1031/ Frame 2A81 165 KB
34 KB 222ms
91ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hAA1421F6CCD3E6DF_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7cfc82753e6a9e1671d6d334a3bfe4b52ced44c7fc7cb8bf9d6daefb1cc1064e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "3b4e57751fc9d81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00006A75
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33879
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 15 Sep 2022 16:23:15 GMT
x-officefd: AM4PEPF00006A75
x-msedge-ref: Ref A: 384E5FB21C274AD98FBA472ABB69A0B4 Ref B: VIEEDGE3606 Ref C: 2022-09-17T10:37:11Z
x-usersessionid: aa38ac62-90ef-41a2-b57f-3f55c1593b0f
date: Wed, 21 Sep 2022 16:11:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: aa38ac62-90ef-41a2-b57f-3f55c1593b0f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 2A81 6 KB
2 KB 222ms
92ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "8f193d7cd6c3d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15705.41012
x-officefe: AM4PEPF00012933
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 08 Sep 2022 22:58:18 GMT
x-officefd: AM4PEPF00012933
x-msedge-ref: Ref A: 5746ADB6DB5C408DA4FAD689C6BAAF12 Ref B: VIEEDGE4314 Ref C: 2022-09-09T13:33:02Z
x-usersessionid: 118b344c-ff7d-4dea-a74c-bd566f4ecbb4
date: Wed, 21 Sep 2022 16:11:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 118b344c-ff7d-4dea-a74c-bd566f4ecbb4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h49E1BA8B08037714_App_Scripts/1031/ Frame 2A81 21 KB
6 KB 37ms
35ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h49E1BA8B08037714_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

047e25de525e69cbe1a7c1c99b1b58212cbca3723b2febb2100cbd7d5129c271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "96474cab9fc4d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15706.41024
x-officefe: DB5PEPF0000F2FA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5334
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 09 Sep 2022 22:58:26 GMT
x-officefd: DB5PEPF0000F2FA
x-msedge-ref: Ref A: CA0EBAF3DDA84A8F8BF1D868334EE669 Ref B: VIEEDGE2706 Ref C: 2022-09-14T09:43:27Z
x-usersessionid: 1bc7ed11-66b6-4359-ba3a-0217fe10ac9b
date: Wed, 21 Sep 2022 16:11:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1bc7ed11-66b6-4359-ba3a-0217fe10ac9b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hBE9051BBCE9C712D_App_Scripts/1031/ Frame 2A81 495 KB
76 KB 164ms
30ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hBE9051BBCE9C712D_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

be9051bbce9c712d4e928f3290a34a9cca052c2e5e75de292a9b2087556fbaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "2abd2ef25cad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF000131ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 77126
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 23:42:09 GMT
x-officefd: AM4PEPF000131ED
x-msedge-ref: Ref A: 642D98469CB34C349470B5C91332A56B Ref B: VIEEDGE3922 Ref C: 2022-09-17T10:37:11Z
x-usersessionid: 5f7a08d1-77e6-441f-837d-ebd112c12b96
date: Wed, 21 Sep 2022 16:11:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5f7a08d1-77e6-441f-837d-ebd112c12b96
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h4311DA79178D1FD3_App_Scripts/exp/ Frame 2A81 10 KB
4 KB 196ms
62ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h4311DA79178D1FD3_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4311da79178d1fd3e964db0a5051078d5e5438800d763a5fa8e58cd883b8252a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "c4396bc99c9d81:0"
x-officecluster: US4C
x-officeversion: 16.0.15714.41002
x-officefe: DM3PEPF000132B8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3105
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 06:58:33 GMT
x-officefd: DM3PEPF000132B8
x-msedge-ref: Ref A: 136BE68CDF194680A79A1DF43665D359 Ref B: VIEEDGE3020 Ref C: 2022-09-17T10:37:07Z
x-usersessionid: 87bdabe3-a603-4154-ac4f-6f479199239c
date: Wed, 21 Sep 2022 16:11:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 87bdabe3-a603-4154-ac4f-6f479199239c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/ Frame 2A81 3 MB
468 KB 39ms
36ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

99ac8079066cedc9f3782279f5eeecb39b12cc90fcf7cc4aca40a441dfe22eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "677df82d26cad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 477863
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 23:43:53 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 5FE079A749C14C2DBAC88BB21B4D2E1E Ref B: VIEEDGE3708 Ref C: 2022-09-17T10:37:07Z
x-usersessionid: 127ab75d-4acd-4c97-964c-99d638fc97d4
date: Wed, 21 Sep 2022 16:11:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 127ab75d-4acd-4c97-964c-99d638fc97d4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 404 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 1 KB
1 KB 90ms
83ms Image
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&v=00000000-0000-0000-0000-000000000802&usid=5b1d37ef-a98a-486c-9d0c-c99bd36f8e32&splashscreen=1&build=16.0.15714.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00010AB8
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00010AB8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1245
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1e082d21-29a2-4cc6-9931-a4d46243c3a1
x-officefd: AM4PEPF00010AB8
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:06 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
x-msedge-ref: Ref A: FA8A1DD55F9E4B46AD5BDDB0214CC4C5 Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:06Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 0
434 B 40ms
34ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15714.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
X-UserSessionId: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00006032
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4c2dd996-b7ee-4e22-a6ef-6fc9ea38b473
x-officecluster: PNL1
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A73022070EF0455A9C0D7819E69D5796 Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:06Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 0
430 B 36ms
35ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15714.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
X-UserSessionId: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":208,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hEEB3A37A7FFE8BD8_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF000131EF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 810b2480-60e6-46a9-8a7a-b292c79c4cc1
x-officecluster: PNL1
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 25D69D59AB1C40FDA170A9718C49D42D Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:06Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 0
176 B 36ms
35ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15714.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
X-UserSessionId: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":542,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF000131EE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 011a00fd-cad6-4ee3-a4a4-9da147ab2869
x-officecluster: PNL1
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 002B32C0AF7945FBB5F19C91A8E921A4 Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 0
159 B 67ms
63ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx?usid=5b1d37ef-a98a-486c-9d0c-c99bd36f8e32&build=16.0.15714.41002

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officeversion: 16.0.15714.41002
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 093dc37e-a259-4976-894c-d515bebd1648
x-officecluster: PNL1
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: C10B6F4504454F5C93C64254F0C019DB Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *
x-officefe: AM4PEPF00006032

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/ Frame 2A81 3 KB
3 KB 44ms
37ms Font
font/x-woff 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0a8049c5627a132d4c0be08579b2a33f7e8fd285a122795cabadabf08ddb6858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "78231610abc4d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15706.41024
x-officefe: DB5PEPF0000F303
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2796
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_powerpointslice_control,afd_onenoteslice,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 10 Sep 2022 00:19:59 GMT
x-officefd: DB5PEPF0000F303
x-msedge-ref: Ref A: FA40CBFB2CE64475B9E8EFD039CFF784 Ref B: VIEEDGE4217 Ref C: 2022-09-10T23:44:51Z
x-usersessionid: e48411cb-cc94-4e7e-b483-c17f3d0cccf6
date: Wed, 21 Sep 2022 16:11:07 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: e48411cb-cc94-4e7e-b483-c17f3d0cccf6
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 1 KB
976 B 57ms
53ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&type=png&o15=1&ui=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hBCD659260529EA73_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

23fa1e93b4264801b4c072b9558301ae5ffb304a52004f9fe638286ec8861995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012371
X-UserSessionId: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15714.41002
X-Key: yw0awTa18E82wpNdbgv6WODaAWfGbdlMQuRcvM9DmpU=,637993734664867541
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012371
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00012371
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 533
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: faf9d4f8-f116-4737-928d-834448efbfce, faf9d4f8-f116-4737-928d-834448efbfce
x-officefd: AM4PEPF00010AB8
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32, 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
x-powered-by: ARR/3.0
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: AE66AD288C2741238BC95E8B13DEAB44 Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *, *
expires: Thu, 21 Sep 2023 16:11:07 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/ Frame 2A81 40 KB
7 KB 57ms
35ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ce0cb5e1645f246e4ce6f2f47a8b4793d4a72c8a0b7fb811081529010c53c0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ffa6d1769c9d81:0"
x-officecluster: PSE1
x-officeversion: 16.0.15708.41020
x-officefe: GVX0EPF0000138C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6020
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 01:10:20 GMT
x-officefd: GVX0EPF0000138C
x-msedge-ref: Ref A: 7B09F2F09B9349EFAB8CC28DA1D03303 Ref B: VIEEDGE4018 Ref C: 2022-09-16T01:10:20Z
x-usersessionid: 4b502e3f-8327-49d1-ba21-0c8188b2a7dc
date: Wed, 21 Sep 2022 16:11:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4b502e3f-8327-49d1-ba21-0c8188b2a7dc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hEEB3A37A7FFE8BD8_resources/1031/ Frame 2A81 22 KB
23 KB 41ms
38ms Font
font/x-woff 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hEEB3A37A7FFE8BD8_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hEEB3A37A7FFE8BD8_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hEEB3A37A7FFE8BD8_resources/1031/WordViewer.css
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"3cb2dafa81cad81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00010AB6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 17 Sep 2022 10:41:01 GMT
x-officefd: AM4PEPF00010AB6
x-msedge-ref: Ref A: 02F10F833CEE4825A12CE11CD6C69C32 Ref B: VIEEDGE3916 Ref C: 2022-09-17T10:41:01Z
x-usersessionid: bbe324e9-6b8f-4623-b650-e80f4f069c25
date: Wed, 21 Sep 2022 16:11:07 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: bbe324e9-6b8f-4623-b650-e80f4f069c25
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK fd612c92-7807-4e55-90ff-95fd44dd5a03
https://pnl1-word-view.officeapps.live.com/ Frame 2A81 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/fd612c92-7807-4e55-90ff-95fd44dd5a03
Requested by: Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 65 KB
66 KB 77ms
70ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5a08219f4ae4f10af002368bc5e63883149e468e45a7af372d3b242b8eeac0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF000131EF
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF000131EF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 66655
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf84800000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: db41665c-e88c-4b5b-a526-bd6cd376077b
x-officefd: AM4PEPF000131EF
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 806DC8B1A3E64793A72D22F9E49A88CB Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *
expires: Thu, 21 Sep 2023 16:11:07 GMT

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 0
376 B 52ms
46ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15714.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
X-UserSessionId: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":777,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00012938
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: aa2ea783-5cf4-4352-a670-1e6cc0ae84af
x-officecluster: PNL1
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A037ABFF0A81432C8E1A49C2E28E74A1 Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/ Frame 2A81 840 KB
138 KB 47ms
46ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f18d6a6ae73a575ac4d412dba8e6d907de28c31a819e6a57a4fdf7184ab7ecad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "68eceda2b1c9d81:0"
x-officecluster: US3C
x-officeversion: 16.0.15714.41002
x-officefe: DM3PEPF00012E92
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 140336
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 09:49:38 GMT
x-officefd: DM3PEPF00012E92
x-msedge-ref: Ref A: 652B156F5A174DA39A5F5CB91346FD88 Ref B: VIEEDGE3918 Ref C: 2022-09-17T10:37:09Z
x-usersessionid: 70db7b1c-2e28-4d88-bc86-c9bd3abbff74
date: Wed, 21 Sep 2022 16:11:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 70db7b1c-2e28-4d88-bc86-c9bd3abbff74
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161571441002_resources/1031/ Frame 2A81 695 B
1 KB 81ms
45ms Image
image/gif 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_resources/1031/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "9084d4f24acad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15714.41002
x-officefe: DB5PEPF0000CE8B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 17 Sep 2022 04:07:05 GMT
x-officefd: DB5PEPF0000CE8B
x-msedge-ref: Ref A: 1D5D166F76F94A74B39DCC2E61165135 Ref B: VIEEDGE3707 Ref C: 2022-09-17T05:43:22Z
x-usersessionid: 02332270-7c84-4070-a824-c6e5b1230c85
date: Wed, 21 Sep 2022 16:11:07 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: 02332270-7c84-4070-a824-c6e5b1230c85
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 65 KB
66 KB 1334ms
1299ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=5b1d37ef-a98a-486c-9d0c-c99bd36f8e32&build=16.0.15714.41002&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5a08219f4ae4f10af002368bc5e63883149e468e45a7af372d3b242b8eeac0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00006032
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00006032
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 66655
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf84800000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: cd75bb37-1a52-4305-a57c-7dff2bb0013d
x-officefd: AM4PEPF00006032
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 1D98A78AE1154B2B8A2895B110CE2E9F Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *
expires: Thu, 21 Sep 2023 16:11:07 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 170 KB
171 KB 1156ms
1122ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=5b1d37ef-a98a-486c-9d0c-c99bd36f8e32&build=16.0.15714.41002&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

66e6752c28a87b079e3ee45d9aa904807c8077ea1d09bab86146ed3f0b390636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF000131EE
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF000131EE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 174309
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf84800000000-0000-0000-0000-000000000802p2.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ab0e6b81-22ca-4066-930c-6a11075d0109
x-officefd: AM4PEPF000131EE
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 85D96884D16940BCB8EDB8B2BB682473 Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *
expires: Thu, 21 Sep 2023 16:11:07 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 168 KB
169 KB 1204ms
1173ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=5b1d37ef-a98a-486c-9d0c-c99bd36f8e32&build=16.0.15714.41002&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e2d975db2f7f17001afa3f1e967ef53e73fc3be10721b7444d9ed932545a9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF0001237C
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF0001237C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 172220
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf84800000000-0000-0000-0000-000000000802p3.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: bb40bf4d-bc6b-43c5-88b0-5dce79585e0d
x-officefd: AM4PEPF0001237C
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 4CA09244690648B49F25BA5CE6FC2A2D Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *
expires: Thu, 21 Sep 2023 16:11:07 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 186 KB
187 KB 1241ms
1210ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=5b1d37ef-a98a-486c-9d0c-c99bd36f8e32&build=16.0.15714.41002&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4aa7681a9b8912e179565cd1d65e318d6bb4c645cde8d61ba5860230ba0e5a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00006033
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00006033
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 190509
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf84800000000-0000-0000-0000-000000000802p4.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7212b5c7-ab90-4614-ab06-8c7de520f1d9
x-officefd: AM4PEPF00006033
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 0A49E22C356C4DFDB378C90E735C904D Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *
expires: Thu, 21 Sep 2023 16:11:07 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 167 KB
167 KB 480ms
451ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p5.img&v=00000000-0000-0000-0000-000000000802&usid=5b1d37ef-a98a-486c-9d0c-c99bd36f8e32&build=16.0.15714.41002&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1fd40fd37c87c24e082e5b7408f329830876c6410eb7f7313c5e5444186eec38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00010AB8
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00010AB8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 170794
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf84800000000-0000-0000-0000-000000000802p5.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0fea6e3e-06e8-4302-8637-b7e8484a6d81
x-officefd: AM4PEPF00010AB8
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 874FF4E61F66434FBDB08EB3EB1D687E Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *
expires: Thu, 21 Sep 2023 16:11:07 GMT

GET
H2 200 ResReader.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 2 KB
1 KB 77ms
49ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=5b1d37ef-a98a-486c-9d0c-c99bd36f8e32&build=16.0.15714.41002&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hBCD659260529EA73_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ca39373c4a0dd7fe3da571c4e34ca44283b9603fb9d50e2e99b8ccdc953fb10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012371
X-UserSessionId: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15714.41002
X-Key: yw0awTa18E82wpNdbgv6WODaAWfGbdlMQuRcvM9DmpU=,637993734664867541
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012371
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00012371
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 541
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf84800000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a17b963c-fe1a-4f05-8422-ba168df1e314
x-officefd: AM4PEPF00012371
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:07 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 3D747247DD2349C5BD4A128508227FED Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:07Z
timing-allow-origin: *
expires: Thu, 21 Sep 2023 16:11:07 GMT

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/1031/ Frame 2A81 495 KB
76 KB 51ms
20ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/1031/word-app-intl.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4311DA79178D1FD3_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

be9051bbce9c712d4e928f3290a34a9cca052c2e5e75de292a9b2087556fbaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c2835e946dc9d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15706.41024
x-officefe: AM4PEPF00012371
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 77126
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 01:42:28 GMT
x-officefd: AM4PEPF00012371
x-msedge-ref: Ref A: 2D0E772772DD4022B4D7221C5182A5F5 Ref B: VIEEDGE2821 Ref C: 2022-09-16T01:42:28Z
x-usersessionid: 73683a6e-912b-4ada-a2b8-60df62725b69
date: Wed, 21 Sep 2022 16:11:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 73683a6e-912b-4ada-a2b8-60df62725b69
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/ Frame 2A81 2 MB
296 KB 60ms
30ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/common.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4311DA79178D1FD3_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

75bc4cc81acdad502946f0fa6fdc0e336c66cfa8357771e7407af6cf54136376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "8c816df219c9d81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00006A73
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 302037
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 15 Sep 2022 15:43:48 GMT
x-officefd: AM4PEPF00006A73
x-msedge-ref: Ref A: 71B1E4068A3245EC9ACAEF56777B5288 Ref B: VIEEDGE4417 Ref C: 2022-09-16T01:10:21Z
x-usersessionid: e50907fa-49b0-4955-8e97-74329f8548ef
date: Wed, 21 Sep 2022 16:11:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e50907fa-49b0-4955-8e97-74329f8548ef
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/ Frame 2A81 275 KB
61 KB 125ms
95ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/appChrome.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4311DA79178D1FD3_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b89ed96b7345f60452dc61d9a4333d8b42d8ae7172d9d61503ebdc5f791a80e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "02df97614c9d81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF0000F27C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 61445
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 15 Sep 2022 15:04:34 GMT
x-officefd: AM4PEPF0000F27C
x-msedge-ref: Ref A: BC7411F980DA4141B067DE4FF0840611 Ref B: VIEEDGE3917 Ref C: 2022-09-16T01:15:25Z
x-usersessionid: 71444efd-19bc-4fa4-a490-54a368ee9838
date: Wed, 21 Sep 2022 16:11:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 71444efd-19bc-4fa4-a490-54a368ee9838
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161571441002_resources/1031/ Frame 2A81 34 KB
35 KB 49ms
39ms Image
image/png 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_resources/1031/wv.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"a5229b946dc9d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15706.41024
x-officefe: AM4PEPF000069FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 01:42:28 GMT
x-officefd: AM4PEPF000069FB
x-msedge-ref: Ref A: D448837A5DE74373B91537B489B6D6F0 Ref B: VIEEDGE4113 Ref C: 2022-09-16T01:42:28Z
x-usersessionid: 8e0bad86-6362-4c2a-9d81-76819e83e087
date: Wed, 21 Sep 2022 16:11:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 8e0bad86-6362-4c2a-9d81-76819e83e087
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress16.gif
c1h-word-view-15.cdn.office.net/wv/s/161571441002_resources/1031/ Frame 2A81 668 B
1 KB 50ms
40ms Image
image/gif 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_resources/1031/progress16.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"8c8deff7cc9d81:0"
x-officecluster: US4C
x-officeversion: 16.0.15708.41020
x-officefe: DM3PEPF000132CA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 668
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 03:32:51 GMT
x-officefd: DM3PEPF000132CA
x-msedge-ref: Ref A: 523EEDAAA6664DDFB516C8A25214DB83 Ref B: VIEEDGE4106 Ref C: 2022-09-16T03:32:50Z
x-usersessionid: e7fc23e0-f7f9-4eb3-a274-27e159de001c
date: Wed, 21 Sep 2022 16:11:07 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: e7fc23e0-f7f9-4eb3-a274-27e159de001c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/ Frame 2A81 15 MB
2 MB 55ms
42ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/common50.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4311DA79178D1FD3_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4984b894514cee457e3e97fcd9338b50381d618549bbed417dd0f9da1a6036ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "9f908f7d24c9d81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF0001226F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1994986
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 15 Sep 2022 16:59:16 GMT
x-officefd: AM4PEPF0001226F
x-msedge-ref: Ref A: C944A08CA65B45B2893810873726A46D Ref B: VIEEDGE4212 Ref C: 2022-09-16T01:10:22Z
x-usersessionid: b39533b1-279a-4eed-8c98-32159ca9e4a2
date: Wed, 21 Sep 2022 16:11:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b39533b1-279a-4eed-8c98-32159ca9e4a2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/ Frame 2A81 581 KB
121 KB 130ms
117ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/appChromeLazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4311DA79178D1FD3_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f275a74d7cebcf52e9a1505b4130ded7fdb68b6063257e467f68008b02c12e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7cb0561869c9d81:0"
x-officecluster: PSE1
x-officeversion: 16.0.15706.41024
x-officefe: GVX0EPF0000162B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 123307
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 01:10:22 GMT
x-officefd: GVX0EPF0000162B
x-msedge-ref: Ref A: 03A8E6CABE124721A4F3A5AB46266C3D Ref B: VIEEDGE3716 Ref C: 2022-09-16T01:10:22Z
x-usersessionid: 10fcae89-4a40-444c-ac26-d782c6065be7
date: Wed, 21 Sep 2022 16:11:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 10fcae89-4a40-444c-ac26-d782c6065be7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl-lazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/1031/ Frame 2A81 735 KB
83 KB 126ms
118ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/1031/word-app-intl-lazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7349922d31ed921b99e2ff14f848baf6456fcfc998f3829e2230cd9edc9c7691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"342b5bee72c9d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15708.41020
x-officefe: DB5PEPF0000F2FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 83852
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 02:20:46 GMT
x-officefd: DB5PEPF0000F2FC
x-msedge-ref: Ref A: 5241DBF3AD914550B7E9E95F5B3401FD Ref B: VIEEDGE4415 Ref C: 2022-09-16T02:20:46Z
x-usersessionid: 098012ab-0a18-4e06-b34f-17db86d4f091
date: Wed, 21 Sep 2022 16:11:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 098012ab-0a18-4e06-b34f-17db86d4f091
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/ Frame 2A81 1 MB
214 KB 126ms
119ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/uiSlice20.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h4311DA79178D1FD3_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

20a4621bc122315dccf52e99c53dcc8451b317d0e0db7d8a1cf051cac9e54e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ccb1ce99c9d81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF0000F27D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 217497
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 15 Sep 2022 13:49:01 GMT
x-officefd: AM4PEPF0000F27D
x-msedge-ref: Ref A: 29B00E27DCBD481EBA354AEA8445350C Ref B: VIEEDGE1915 Ref C: 2022-09-16T01:10:22Z
x-usersessionid: 8271eb63-d81a-4cc8-b62c-ce9578e761ae
date: Wed, 21 Sep 2022 16:11:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8271eb63-d81a-4cc8-b62c-ce9578e761ae
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 2A81 42 KB
16 KB 476ms
65ms Script
application/javascript 92.123.11.106

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 92.123.11.106 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 16:11:08 GMT
X-MSNServer: RD0003FF241B64
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16895, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 translation.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 2 KB
2 KB 524ms
501ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&uilang=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hBCD659260529EA73_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

eb37bb6de598a600e2f4a86ad5c47ad6a0580e8f43bfaded9e6684a1535016bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012371
X-UserSessionId: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15714.41002
X-Key: yw0awTa18E82wpNdbgv6WODaAWfGbdlMQuRcvM9DmpU=,637993734664867541
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012371
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00012371
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1439
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 3a208cc4-092a-4ec7-9b3f-0cd27db68848, 3a208cc4-092a-4ec7-9b3f-0cd27db68848
x-officefd: AM4PEPF00012938
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32, 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
x-powered-by: ARR/3.0
date: Wed, 21 Sep 2022 16:11:08 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: ACBD701F6489483F9015A010CAD65FA9 Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:08Z
timing-allow-origin: *, *
expires: -1

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 2A81 31 KB
32 KB 338ms
82ms Font
application/font-woff2 96.16.158.214

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.158.214 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 21 Sep 2022 16:11:09 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 8ac97894-201e-0064-4c79-4377b5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29077140
x-ms-version: 2009-09-19
content-length: 31824

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 0
529 B 94ms
94ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15714.41002&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
X-UserSessionId: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":2219,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00012371
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1b3d0149-fcab-4aad-9e6a-69e5d20191af
x-officecluster: PNL1
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: BA2776FC189E4E178ACA35AEE436E2B8 Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:08Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame 2A81 0
464 B 94ms
93ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15714.41002&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hBCD659260529EA73_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00012371
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15714.41002
X-Key: yw0awTa18E82wpNdbgv6WODaAWfGbdlMQuRcvM9DmpU=,637993734664867541
X-bULS-SuppressionETag: 94733102D208DD51B4DF33A0D491DBE21C2C1168
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 1
X-UserSessionId: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token_ttl=0&hid=cbf27e35-5764-4060-93d7-58eb807e70a3
X-UserType: WOPI
X-AccessTokenTtl: 0
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officeversion: 16.0.15714.41002
x-officefe: AM4PEPF00011BC1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 94733102D208DD51B4DF33A0D491DBE21C2C1168
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: b74dab93-b7e5-41a3-9bba-bb706c935ad6
x-officecluster: PNL1
x-usersessionid: 5b1d37ef-a98a-486c-9d0c-c99bd36f8e32
date: Wed, 21 Sep 2022 16:11:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: BD8DD34DB56A4931A6416D16DD3800BD Ref B: AMS04EDGE2605 Ref C: 2022-09-21T16:11:08Z
timing-allow-origin: *

GET
H2 200 de-de
res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame 2A81 25 KB
25 KB 249ms
42ms XHR
application/json 2a02:26f0:10e:296::1e0f

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/de-de

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:296::1e0f -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=2592000, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-o365suiteuxshell-correlationid: 6932c4fe-3a6f-42c2-a829-37523b630582
date: Wed, 21 Sep 2022 16:11:10 GMT
x-cdn-provider: Akamai
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=300
timing-allow-origin: *
content-length: 25305

GET
H2 200 otelFull.min.js
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/ Frame 2A81 99 KB
33 KB 54ms
53ms Script
application/javascript 2a02:26f0:10e:294::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h99AC8079066CEDC9_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e:294::1c24 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"08b44cd69c9d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15708.41020
x-officefe: DB5PEPF0000E7FA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 32740
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 16 Sep 2022 01:15:26 GMT
x-officefd: DB5PEPF0000E7FA
x-msedge-ref: Ref A: 7C221EE2AF974498B7B539D5116B7B4D Ref B: VIEEDGE4305 Ref C: 2022-09-16T01:15:26Z
x-usersessionid: 3b749453-3741-417a-9b5a-dbbd944c62f4
date: Wed, 21 Sep 2022 16:11:10 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3b749453-3741-417a-9b5a-dbbd944c62f4
accept-ranges: bytes
timing-allow-origin: *

GET ping
browser.events.data.microsoft.com/ Frame 2A81 0
0

GET shellstrings.json
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/suiteux-shell/strings/de/ Frame 2A81 0
0

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 2A81 35 KB
36 KB 55ms
54ms Font
application/font-woff2 96.16.158.214

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.158.214 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 21 Sep 2022 16:11:10 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 6314dbd6-e01e-0044-7879-430c12000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=28988892
x-ms-version: 2009-09-19
content-length: 36344
unused62: 8096267

GET suiteux.shell.core.js
c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/suiteux-shell/js/ Frame 2A81 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: browser.events.data.microsoft.com
URL: https://browser.events.data.microsoft.com/ping

Domain: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/suiteux-shell/strings/de/shellstrings.json

Domain: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161571441002_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
malungon.net/cms/	1969-12-31 23:59:59	Name: CONCRETE5 Value: qq2b9k8mi77mkqc7shkn5f76k3
.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: f29db90a0f916dd407efdef0b149519197ab2fa4d47d5c43cfe11c2b7b2864d3
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://malungon.net/cms/files/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fmalungon%252Enet%253A80%252Fcms%252Ffiles%252F4815%252F2766%252F5682%252FCNA%252DHRIS%252Edocx&access_token=1&access_token_ttl=0&z=522e014a62098b5d470782df5178dfe3b0983660758565332fabc9df2a0cf848&v=00000000-0000-0000-0000-000000000802&usid=5b1d37ef-a98a-486c-9d0c-c99bd36f8e32&splashscreen=1&build=16.0.15714.41002&waccluster=PNL1 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c1h-word-view-15.cdn.office.net
cdn.popcash.net
dcba.popcash.net
js.live.net
malungon.net
pnl1-word-view.officeapps.live.com
res-1.cdn.office.net
static2.sharepointonline.com
view.officeapps.live.com
browser.events.data.microsoft.com
c1h-word-view-15.cdn.office.net
151.139.128.11
192.185.12.229
2600:1f18:510:801:8e14:7e74:339e:aa65
2620:1ec:a92::171
2a02:26f0:10e:294::1c24
2a02:26f0:10e:296::1e0f
92.123.11.106
96.16.158.214
047e25de525e69cbe1a7c1c99b1b58212cbca3723b2febb2100cbd7d5129c271
09b1fb5c470c20e8b2799dea336743b5c81dcfd099321cdb548661b8bc1c34c4
0a8049c5627a132d4c0be08579b2a33f7e8fd285a122795cabadabf08ddb6858
1131089e10406d2454d67534ce9978be17b7aa528881e0c057e3104d216a64f7
11f13fad11bcfc10e999a3d7191c8cef732b19dc81c04120fd7163d09c6cf559
182ecf364134dd0cc4d7359c4bf69a632f0e9ab34ee8c9dde2c7978d96d70c3c
18304fde4ae985220c8fd65fbd98c8e4dbba93796a5bb301f57eb846ca65c401
193b6332fd76aaeb75a95b21f344a62f0ee160cf9c0b10ee50ff25a2674cd8a7
1ae67c6aba6b2f2f0514e5e79e243eb9aee49d4f90f92442e1cc09c50532c974
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
1ca39373c4a0dd7fe3da571c4e34ca44283b9603fb9d50e2e99b8ccdc953fb10
1fd40fd37c87c24e082e5b7408f329830876c6410eb7f7313c5e5444186eec38
20a4621bc122315dccf52e99c53dcc8451b317d0e0db7d8a1cf051cac9e54e1c
20b7a81a01d63e730ff6cd872db41d26c022b0c28dd8b06abd2996476b31532b
23fa1e93b4264801b4c072b9558301ae5ffb304a52004f9fe638286ec8861995
24fcaf1078d29cd9b13c382886e83db07181dfa26357701ff7bee777b69b90d1
267864aa51ae052f4fb3155f46dcab63954f7cb46568c3a392907ad5f25d5613
269072a55c380b93fb4352295d768134e83930f66f5f9bad218c2922522fe1bc
2d1572a3b6604a1f80477a72336d05e3a13418f7f80033dc5862988792a764d5
2d7894b500a31770fa58be3ae5f3c4615b377faaa60a388151e75716c7608836
37680d1350f89e2205cd7c84d747e6b13bc1b6affd3e06c4d0251ac5bf5d009f
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3bf27ba7a69864ba2df83916402c574cd11efa2b20e7ab35e2d9c440d7022544
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
405c24dbcf98ae5457f3e06252b9abfe85a3489c6096ea68f0aeec0286a7ef1f
40d2db476c017ea16f7f81927c76ba5fdecade902c4be8c37f2848db20649c40
4311da79178d1fd3e964db0a5051078d5e5438800d763a5fa8e58cd883b8252a
472768ae2bcbfbf5ffdd2cefdea75c83da7859c3b18fb09a0f493df4c4be959a
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48cd96b3d56a1072fffa8dd5f15ae70c89665eb3ebe6850bf6f9e6ef1bcf5d73
4984b894514cee457e3e97fcd9338b50381d618549bbed417dd0f9da1a6036ba
4aa7681a9b8912e179565cd1d65e318d6bb4c645cde8d61ba5860230ba0e5a63
4c1c89ed7b58af301e5d70e1c5bdb4548fac82d5f1ea98aa39c6dccc05ee938c
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d84f25fac4c85d6ff4d01fba2036e27f5befc78debe34a98e26150a2b9e8d73
508b4422f70cda74254233b81e996ed726185ba4d378efd66fe865f71639fe4f
54b153ec51a4e29101e30da330cf264856ef56d56aeb217e94b77d2ab14d5f3b
576bb40ffb33576f002c96215c564b687f6bc2410b97e51f42568e27f434bd34
5a08219f4ae4f10af002368bc5e63883149e468e45a7af372d3b242b8eeac0b7
5e2d975db2f7f17001afa3f1e967ef53e73fc3be10721b7444d9ed932545a9dd
66e6752c28a87b079e3ee45d9aa904807c8077ea1d09bab86146ed3f0b390636
7349922d31ed921b99e2ff14f848baf6456fcfc998f3829e2230cd9edc9c7691
75bc4cc81acdad502946f0fa6fdc0e336c66cfa8357771e7407af6cf54136376
7630265b59b26859440a55c54630287707d51191a01a5a000844132621739aa3
7af43dab77ed10a5ff38262f170db1d092d3e21325b5e049faed65218cee28da
7cd7ea07da8e9227e5049d4ceeef717aa8e1fd0870c76f453ea44dee8197af55
7cfc82753e6a9e1671d6d334a3bfe4b52ced44c7fc7cb8bf9d6daefb1cc1064e
7f0d70dd05dd9010ee81ed59fdd6e258209885eed0ee0d271903124b6e525e9c
8895edbc5fa9ac41a3555468c63210ea3241a4d74b83a65603b9a8e55036e18d
94fcedcc62ad714ea403dab8d662b9375be493a1c55a328357ff929c595cb1f7
99ac8079066cedc9f3782279f5eeecb39b12cc90fcf7cc4aca40a441dfe22eff
9db58988934b95ac8ac56482813e3ed7ca9420511729c9666bb70f98238bf8bf
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
acedda39e436c03a71fab62c60e788152eaab6237b1ba37f69efd9b59ba40850
b070eefc770844b27a11818f725d67db633ca10c8a6c0623b6f017086d58ee71
b89ed96b7345f60452dc61d9a4333d8b42d8ae7172d9d61503ebdc5f791a80e6
bc7a526c7f3c3c4acace8a3287302c37e1f530bdd8cdcd3535d99b64b0fe27e3
bcd659260529ea730ba14b8ae4455f7e8bd97ca98fc262ca89a21563d33da58c
be9051bbce9c712d4e928f3290a34a9cca052c2e5e75de292a9b2087556fbaed
c4b66ffa5bd6bcf504789dcb616e13c008d926c9277c8208917fbbe16b94319d
c773021bf89c5cf91570d4c9bbea6f3ab090b4a947f0758821687bff434772b5
c845f7c549fcd3bd2ed4e85fba688ae0813196f52914eb86eb452c2db32d60f4
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
ce0cb5e1645f246e4ce6f2f47a8b4793d4a72c8a0b7fb811081529010c53c0d2
ce3900f98c0eea05ce9f7472b480df522699e54799a3933777d70f845a720d15
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de245711cb6a96a0c7283da66045a736c7e0bc6c1372532cfb6888e73d420973
de70e79d07dd41644b2d2f64bef2e8a38e2976336d221112774d60f880df6cd4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb37bb6de598a600e2f4a86ad5c47ad6a0580e8f43bfaded9e6684a1535016bd
eeb3a37a7ffe8bd8a5dcad1d05a237f6dc35628452655714333675845b776000
f0bd9d69cd373a6c3c90f727fad3dd898b03995f029a504bcd07669be5249fd2
f11f8453622a1079273522d89de30b7909b2252ac6269bfcdd18d5c5542653e3
f18d6a6ae73a575ac4d412dba8e6d907de28c31a819e6a57a4fdf7184ab7ecad
f275a74d7cebcf52e9a1505b4130ded7fdb68b6063257e467f68008b02c12e6b
f943e3f1d4f1c6340535d49e638cad2b18b60a6f70910acfe6178c0e85ea34a3
fdebb8b4a70927c275a6628666cc52f5783812cba5a016a4c104d55bee3b4ede

malungon.net Open in urlscan Pro 192.185.12.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

96 %HTTPS

50 %IPv6

7 Domains

10 Subdomains

9 IPs

2 Countries

7557 kBTransfer

29537 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

malungon.net Open in urlscan Pro
192.185.12.229 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

96 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

7557 kB
Transfer

29537 kB
Size

3
Cookies

94 HTTP transactions
1 data transactions