vk.com Open in urlscan Pro
93.186.225.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clck.ru/WbdMs
Effective URL:
https://vk.com/doc365425136_612065974
Submission: On August 03 via manual (August 3rd 2021, 4:30:39 pm UTC) from RU

Summary HTTP 68 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 12 domains to perform 68 HTTP transactions. The main IP is 93.186.225.208, located in Russian Federation and belongs to VKONTAKTE-SPB-AS vk.com, RU. The main domain is vk.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on June 9th 2020. Valid for: 2 years.

This is the only time vk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:6b8::221 2a02:6b8::221	13238 (YANDEX) (YANDEX)
1 1	2a02:6b8::232 2a02:6b8::232	13238 (YANDEX) (YANDEX)
11	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	95.213.31.169 95.213.31.169	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	217.69.139.102 217.69.139.102	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
4	185.5.137.180 185.5.137.180	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
14	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
28	2a02:26f0:e8:... 2a02:26f0:e8:484::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.17.180.171 2.17.180.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:1ec:27::... 2620:1ec:27::cafe:1368	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	40.90.142.224 40.90.142.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.160.69 20.190.160.69	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.114.76.34 52.114.76.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.114.75.149 52.114.75.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
68	13

1 2a02:6b8::221 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

clck.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::232 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

sba.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.213.31.169 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv169-31-213-95.vk.com

ms.vkuserdocs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.69.139.102 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: img.imgsmail.ru

img1.imgsmail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.5.137.180 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: is-radar38.common.radar.imgsmail.ru

xray.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:26f0:e8:484::4b36 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)

c1-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.180.171 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-180-171.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1368 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

amcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.90.142.224 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: i-am3p-cor003.api.p001.1drv.com

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.160.69 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.114.76.34 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.114.75.149 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	office.net c1-word-view-15.cdn.office.net	2 MB
16	live.com 1 redirects word-view.officeapps.live.com storage.live.com login.live.com	182 KB
11	vk.com vk.com st.vk.com	769 KB
4	mail.ru xray.mail.ru	1 KB
3	microsoft.com browser.events.data.microsoft.com browser.pipe.aria.microsoft.com	1 KB
2	sharepointonline.com static2.sharepointonline.com	68 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	710 B
1	msftauth.net amcdn.msftauth.net	9 KB
1	imgsmail.ru img1.imgsmail.ru	284 B
1	vkuserdocs.net ms.vkuserdocs.net	45 KB
1	yandex.net 1 redirects sba.yandex.net	295 B
1	clck.ru 1 redirects clck.ru	365 B
68	12

	Domain	Requested by
28	c1-word-view-15.cdn.office.net	word-view.officeapps.live.com c1-word-view-15.cdn.office.net
14	word-view.officeapps.live.com	ms.vkuserdocs.net word-view.officeapps.live.com c1-word-view-15.cdn.office.net
6	vk.com	vk.com
5	st.vk.com	vk.com
4	xray.mail.ru	ms.vkuserdocs.net
2	browser.events.data.microsoft.com	c1-word-view-15.cdn.office.net
2	static2.sharepointonline.com	word-view.officeapps.live.com
2	www.tns-counter.ru	1 redirects vk.com
1	browser.pipe.aria.microsoft.com	c1-word-view-15.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	amcdn.msftauth.net	c1-word-view-15.cdn.office.net
1	img1.imgsmail.ru	ms.vkuserdocs.net
1	ms.vkuserdocs.net	vk.com
1	sba.yandex.net	1 redirects
1	clck.ru	1 redirects
68	16

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com

Subject Issuer	Validity	Valid
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
vkuserdocs.net R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
*.imgsmail.ru GeoTrust RSA CA 2018	`2021-07-12` - `2022-08-12`	a year	crt.sh
*.mail.ru GeoTrust RSA CA 2018	`2020-02-19` - `2022-03-26`	2 years	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2021-01-26` - `2022-01-26`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 06	`2021-06-05` - `2022-05-31`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-07-28` - `2022-07-28`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://vk.com/doc365425136_612065974
Frame ID: AA3DAAF2E1F2A91BD8EDD60C91C67ED2
Requests: 14 HTTP requests in this frame

Frame: https://ms.vkuserdocs.net/vk_gettoken?file_name=%D0%9B%D0%B8%D1%81%D1%82%D0%BE%D0%B2%D0%BA%D0%B0-%D0%B0%D0%BA%D1%86%D0%B8%D0%B8-%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D1%8F-%D0%B2%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%B0%D0%BC..docx&file_url=https%3A%2F%2Fvk.com%2Fdocs%3Fact%3Ddoc_preview_link%26user_id%3D0%26time%3D1628008219%26oid%3D365425136%26did%3D612065974%26hash%3D440ed79bec3b98c9e8&sig_client=vk_view&sig_timestamp=1628008219&ttl=3600&user_id=0&signature=918aa754af6d14d7b12a3e08b584fd79
Frame ID: 7BDDA76D8712B565432E5FB4538AD52A
Requests: 6 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
Frame ID: 4437B96AB575DD708D1624A39671F06E
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://clck.ru/WbdMs HTTP 302
https://sba.yandex.net/redirect?url=https%3A%2F%2Fvk.com%2Fdoc365425136_612065974&client=clck&sign=... HTTP 302
https://vk.com/doc365425136_612065974 Page URL

Page Statistics

68
Requests

99 %
HTTPS

40 %
IPv6

12
Domains

16
Subdomains

13
IPs

6
Countries

3455 kB
Transfer

13167 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/ru-ru/store/d/product/CFQ7TTC0K5DM/007R?WT.mc_id=VK_Office_Online_Integration
Title: Office 365 products

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clck.ru/WbdMs HTTP 302
https://sba.yandex.net/redirect?url=https%3A%2F%2Fvk.com%2Fdoc365425136_612065974&client=clck&sign=9aad0db6f895b647973bc4416f954077 HTTP 302
https://vk.com/doc365425136_612065974 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://www.tns-counter.ru/V13a**clid:undefined**vk_com/ru/UTF-8/tmsec=vksite_total/246439184 HTTP 302
https://www.tns-counter.ru/V13b**clid:undefined**vk_com/ru/UTF-8/tmsec=vksite_total/246439184

Request Chain 63

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1628008222169 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1628008222&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

68 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request doc365425136_612065974 Show response
vk.com/
Redirect Chain

https://clck.ru/WbdMs
https://sba.yandex.net/redirect?url=https%3A%2F%2Fvk.com%2Fdoc365425136_612065974&client=clck&sign=9aad0db6f895b647973bc4416f954077
https://vk.com/doc365425136_612065974

26 KB
10 KB

535ms
87ms

Document
text/html

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/doc365425136_612065974

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.108075

Resource Hash

2290d86ccea6989a60b9dec9a51e4d9776ec61ccb79e4b27a5ff9d1eb028fb14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: vk.com
:scheme: https
:path: /doc365425136_612065974
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: kittenx
date: Tue, 03 Aug 2021 16:30:19 GMT
content-type: text/html; charset=windows-1251
content-length: 9250
x-powered-by: KPHP/7.4.108075
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly; SameSite=None remixlang=3; expires=Fri, 29 Jul 2022 03:42:44 GMT; path=/; domain=.vk.com; secure; SameSite=None remixstid=190216577_1zCupRZxvWHEboRvu3Xbfx124KLnZLhFZ4iti3hVpRz; expires=Sun, 07 Aug 2022 03:55:38 GMT; path=/; domain=.vk.com; secure; SameSite=None
cache-control: no-store
x-robots-tag: noindex,nofollow
content-encoding: gzip
x-frontend: front512004
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend

Redirect headers

Content-Length: 281
Content-Type: text/html; charset=utf-8
Date: Tue, 03 Aug 2021 16:30:19 GMT
Location: https://vk.com/doc365425136_612065974
Strict-Transport-Security: max-age=3600; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 loader_nav21567764488_3.js Show response
vk.com/js/ 140 KB
36 KB 144ms
143ms Script
text/javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/js/loader_nav21567764488_3.js

Requested by

Host: vk.com
URL: https://vk.com/doc365425136_612065974

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.108075

Resource Hash

de8cf3c100e4dce0dbf02bb23b20abbf9f5fce9a3ead13d805fbaff296715dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:path: /js/loader_nav21567764488_3.js
pragma: no-cache
cookie: remixlang=3; remixstid=190216577_1zCupRZxvWHEboRvu3Xbfx124KLnZLhFZ4iti3hVpRz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: vk.com
referer: https://vk.com/doc365425136_612065974
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vk.com/doc365425136_612065974
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: gzip
x-frontend: front512004
server: kittenx
x-powered-by: KPHP/7.4.108075
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly; SameSite=None
content-length: 36727

GET
H2 200 lite.js Show response
st.vk.com/js/al/ 266 KB
61 KB 143ms
141ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/js/al/lite.js?101

Requested by

Host: vk.com
URL: https://vk.com/doc365425136_612065974

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx /

Resource Hash

a93426ee67ff3671a86acc9002fae39dd362f5e7b4e2cd252095c28f2dda5071

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: br
x-frontend: front512004
last-modified: Tue, 13 Jul 2021 12:12:37 GMT
server: kittenx
etag: "60ed8335-f3e2"
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 62434
expires: Sat, 07 Aug 2021 16:30:19 GMT

GET
H2 200 evbus.db620810d528de983a46.js Show response
st.vk.com/dist/bundles/ 7 KB
3 KB 143ms
141ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/bundles/evbus.db620810d528de983a46.js?ee27312926fddca49e6a

Requested by

Host: vk.com
URL: https://vk.com/doc365425136_612065974

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx /

Resource Hash

4b56d1ba7a967b54cf08dc83fae2346a245e8202532138a86ccd716b61e38b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: br
x-frontend: front512004
last-modified: Tue, 15 Jun 2021 22:50:53 GMT
server: kittenx
etag: "60c92ecd-9a4"
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 2468
expires: Sat, 07 Aug 2021 16:30:19 GMT

GET
H2 200 common.ee289df424b5a9cb69d9.js Show response
st.vk.com/dist/bundles/ 831 KB
213 KB 67ms
66ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/bundles/common.ee289df424b5a9cb69d9.js?4558ca699a794bdeb402

Requested by

Host: vk.com
URL: https://vk.com/doc365425136_612065974

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx /

Resource Hash

47020f316f6c4927dcbf647f6e5430284ac3b15965cee4544a15ef935692973d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: br
x-frontend: front512004
last-modified: Tue, 03 Aug 2021 13:20:31 GMT
server: kittenx
etag: "6109429f-35359"
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 217945
expires: Sat, 07 Aug 2021 16:30:19 GMT

GET
H2 200 8c7cb80fc750b3d5a6ad025449fb24a3.15927f43a2f4b5ef3866.js Show response
st.vk.com/dist/bundles/ 17 KB
4 KB 142ms
141ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/bundles/8c7cb80fc750b3d5a6ad025449fb24a3.15927f43a2f4b5ef3866.js?545294ecc1ad391da548

Requested by

Host: vk.com
URL: https://vk.com/doc365425136_612065974

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx /

Resource Hash

ad0bdf47f254afa53079e6ed91da8cc2ab41885258aa002f2b2cbf80e7dbb4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: br
x-frontend: front512004
last-modified: Wed, 21 Jul 2021 12:49:14 GMT
server: kittenx
etag: "60f817ca-1016"
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 4118
expires: Sat, 07 Aug 2021 16:30:19 GMT

GET
H2 200 docs.c9ccae4077056d7703d9.js Show response
st.vk.com/dist/web/ 38 KB
10 KB 142ms
141ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://st.vk.com/dist/web/docs.c9ccae4077056d7703d9.js?845507749037641790c8ffe4e6aa7b88

Requested by

Host: vk.com
URL: https://vk.com/doc365425136_612065974

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx /

Resource Hash

116ba1b8722c8b2c8a4c44e9b70eea28574cca08435b0b800209d91c676183eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: br
x-frontend: front512004
last-modified: Wed, 28 Jul 2021 15:50:38 GMT
server: kittenx
etag: "61017cce-2531"
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 9521
expires: Sat, 07 Aug 2021 16:30:19 GMT

GET
H2 200 common.21e88dbb125a0a4c1c28.css
vk.com/css/al/ 457 KB
62 KB 141ms
141ms Stylesheet
text/css 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/css/al/common.21e88dbb125a0a4c1c28.css
Requested by: Host: vk.com
URL: https://vk.com/doc365425136_612065974
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 1ff94b825645220a8b090be8ce0dbaa03a50a128d02243c659892310d034a0be

Request headers

:path: /css/al/common.21e88dbb125a0a4c1c28.css
pragma: no-cache
cookie: remixlang=3; remixstid=190216577_1zCupRZxvWHEboRvu3Xbfx124KLnZLhFZ4iti3hVpRz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: vk.com
referer: https://vk.com/doc365425136_612065974
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vk.com/doc365425136_612065974
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: br
x-frontend: front512004
last-modified: Tue, 03 Aug 2021 13:17:34 GMT
server: kittenx
etag: "610941ee-f67a"
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 63098
expires: Sat, 07 Aug 2021 16:30:19 GMT

GET
H2 200 base.0d4569037635ee5dd02c.css
vk.com/css/al/ 109 KB
18 KB 140ms
140ms Stylesheet
text/css 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/css/al/base.0d4569037635ee5dd02c.css
Requested by: Host: vk.com
URL: https://vk.com/doc365425136_612065974
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 5bf6bb81c28fcf4163c713d1937a89cf74595b723603ea6a5ab3b36b9ac46314

Request headers

:path: /css/al/base.0d4569037635ee5dd02c.css
pragma: no-cache
cookie: remixlang=3; remixstid=190216577_1zCupRZxvWHEboRvu3Xbfx124KLnZLhFZ4iti3hVpRz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: vk.com
referer: https://vk.com/doc365425136_612065974
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vk.com/doc365425136_612065974
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: br
x-frontend: front512004
last-modified: Mon, 26 Jul 2021 10:47:55 GMT
server: kittenx
etag: "60fe92db-4523"
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 17699
expires: Sat, 07 Aug 2021 16:30:19 GMT

GET
H2 200 fonts_utf.28c78210ed2708e599a9.css
vk.com/css/al/ 4 KB
1 KB 140ms
140ms Stylesheet
text/css 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/css/al/fonts_utf.28c78210ed2708e599a9.css
Requested by: Host: vk.com
URL: https://vk.com/doc365425136_612065974
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 078bd2419fc53061c298020cfea6de96b055dd57030d8e2c8b71e63fedaa9938

Request headers

:path: /css/al/fonts_utf.28c78210ed2708e599a9.css
pragma: no-cache
cookie: remixlang=3; remixstid=190216577_1zCupRZxvWHEboRvu3Xbfx124KLnZLhFZ4iti3hVpRz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: vk.com
referer: https://vk.com/doc365425136_612065974
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vk.com/doc365425136_612065974
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: br
x-frontend: front512004
last-modified: Tue, 13 Jul 2021 12:17:48 GMT
server: kittenx
etag: "60ed846c-408"
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 1032
expires: Sat, 07 Aug 2021 16:30:19 GMT

GET
H2 200 fonts_cnt.844006a53604399a986b.css
vk.com/css/al/ 470 KB
352 KB 140ms
140ms Stylesheet
text/css 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/css/al/fonts_cnt.844006a53604399a986b.css
Requested by: Host: vk.com
URL: https://vk.com/doc365425136_612065974
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 2b86791b4bc5469817735d814f73f5b52cdc6078c60befd4c6cbe27c68b40027

Request headers

:path: /css/al/fonts_cnt.844006a53604399a986b.css
pragma: no-cache
cookie: remixlang=3; remixstid=190216577_1zCupRZxvWHEboRvu3Xbfx124KLnZLhFZ4iti3hVpRz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: vk.com
referer: https://vk.com/doc365425136_612065974
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vk.com/doc365425136_612065974
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:19 GMT
content-encoding: br
x-frontend: front512004
last-modified: Tue, 13 Jul 2021 12:17:48 GMT
server: kittenx
etag: "60ed846c-57c35"
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 359477
expires: Sat, 07 Aug 2021 16:30:19 GMT

GET
DATA 200
OK truncated
/ 62 KB
62 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e

Request headers

Origin: https://vk.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H/1.1 200
OK vk_gettoken Show response
ms.vkuserdocs.net/ Frame 7BDD 44 KB
45 KB 408ms
143ms Document
text/html 95.213.31.169
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ms.vkuserdocs.net/vk_gettoken?file_name=%D0%9B%D0%B8%D1%81%D1%82%D0%BE%D0%B2%D0%BA%D0%B0-%D0%B0%D0%BA%D1%86%D0%B8%D0%B8-%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D1%8F-%D0%B2%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%B0%D0%BC..docx&file_url=https%3A%2F%2Fvk.com%2Fdocs%3Fact%3Ddoc_preview_link%26user_id%3D0%26time%3D1628008219%26oid%3D365425136%26did%3D612065974%26hash%3D440ed79bec3b98c9e8&sig_client=vk_view&sig_timestamp=1628008219&ttl=3600&user_id=0&signature=918aa754af6d14d7b12a3e08b584fd79
Requested by: Host: vk.com
URL: https://vk.com/doc365425136_612065974
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.213.31.169 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv169-31-213-95.vk.com
Software: nginx/1.14.2 /
Resource Hash: 5d353de695c97243cbde207ebff8d638d27fa70536530cb100fb6632afdc966c

Request headers

Host: ms.vkuserdocs.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vk.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vk.com/

Response headers

Server: nginx/1.14.2
Date: Tue, 03 Aug 2021 16:29:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 45438
Connection: keep-alive
X-req-id: P2jPhAds27
X-server: blizzard
X-page-id
X-timing: 0.0377819538116455
X-timestamp: 1628008220
X-Host: adm808123
X-UA-Compatible: IE=Edge
X-Upstream-Time: 3039660.441

GET
DATA 200
OK truncated
/ 62 KB
62 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d

Request headers

Origin: https://vk.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2

200

246439184
www.tns-counter.ru/V13b**clid:undefined**vk_com/ru/UTF-8/tmsec=vksite_total/
Redirect Chain

https://www.tns-counter.ru/V13a**clid:undefined**vk_com/ru/UTF-8/tmsec=vksite_total/246439184
https://www.tns-counter.ru/V13b**clid:undefined**vk_com/ru/UTF-8/tmsec=vksite_total/246439184

43 B
297 B

45ms
45ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b**clid:undefined**vk_com/ru/UTF-8/tmsec=vksite_total/246439184
Requested by: Host: vk.com
URL: https://vk.com/doc365425136_612065974
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 16:30:20 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 16:30:20 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b**clid:undefined**vk_com/ru/UTF-8/tmsec=vksite_total/246439184
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 0.gif
img1.imgsmail.ru/ Frame 7BDD 103 B
284 B 296ms
63ms Image
image/gif 217.69.139.102
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1.imgsmail.ru/0.gif?rnd=0.8257373685580047

Requested by

Host: ms.vkuserdocs.net
URL: https://ms.vkuserdocs.net/vk_gettoken?file_name=%D0%9B%D0%B8%D1%81%D1%82%D0%BE%D0%B2%D0%BA%D0%B0-%D0%B0%D0%BA%D1%86%D0%B8%D0%B8-%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D1%8F-%D0%B2%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%B0%D0%BC..docx&file_url=https%3A%2F%2Fvk.com%2Fdocs%3Fact%3Ddoc_preview_link%26user_id%3D0%26time%3D1628008219%26oid%3D365425136%26did%3D612065974%26hash%3D440ed79bec3b98c9e8&sig_client=vk_view&sig_timestamp=1628008219&ttl=3600&user_id=0&signature=918aa754af6d14d7b12a3e08b584fd79

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.69.139.102 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

img.imgsmail.ru

Software

nginx /

Resource Hash

f9abbefa16a5b210042dee6fa01c638e09a012e4eda22f879a391404a6a26777

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ms.vkuserdocs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:30:20 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2017 20:41:26 GMT
server: nginx
etag: "58a8b176-67"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 103

POST
H2 200 update
xray.mail.ru/ Frame 7BDD 43 B
286 B 259ms
62ms Ping
image/gif 185.5.137.180
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://xray.mail.ru/update

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.5.137.180 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

is-radar38.common.radar.imgsmail.ru

Software

nginx/1.19.4 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ms.vkuserdocs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryZ5P6s32XhNAVQ8XC

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 16:30:20 GMT
x-content-type-options: nosniff
server: nginx/1.19.4
content-type: image/gif
cache-control: private, no-cache, no-store, max-age=0
x-host: is-radar38.i (189)
timing-allow-origin: *
content-length: 43
x-request-id: 8626:86b3155b00000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 update
xray.mail.ru/ Frame 7BDD 43 B
285 B 259ms
63ms Ping
image/gif 185.5.137.180
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://xray.mail.ru/update

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.5.137.180 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

is-radar38.common.radar.imgsmail.ru

Software

nginx/1.19.4 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ms.vkuserdocs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWuQ31UtbRfU5VeCk

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 16:30:20 GMT
x-content-type-options: nosniff
server: nginx/1.19.4
content-type: image/gif
cache-control: private, no-cache, no-store, max-age=0
x-host: is-radar38.i (127)
timing-allow-origin: *
content-length: 43
x-request-id: 8626:86b3155d00000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 update
xray.mail.ru/ Frame 7BDD 43 B
285 B 290ms
103ms Ping
image/gif 185.5.137.180
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://xray.mail.ru/update

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.5.137.180 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

is-radar38.common.radar.imgsmail.ru

Software

nginx/1.19.4 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ms.vkuserdocs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybI5woqWiXXvMNYNp

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 16:30:20 GMT
x-content-type-options: nosniff
server: nginx/1.19.4
content-type: image/gif
cache-control: private, no-cache, no-store, max-age=0
x-host: is-radar38.i (174)
timing-allow-origin: *
content-length: 43
x-request-id: 8626:86b3164c00000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 update
xray.mail.ru/ Frame 7BDD 43 B
285 B 290ms
103ms Ping
image/gif 185.5.137.180
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://xray.mail.ru/update

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.5.137.180 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

is-radar38.common.radar.imgsmail.ru

Software

nginx/1.19.4 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ms.vkuserdocs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarytF9D55AaU58PYCFE

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 16:30:20 GMT
x-content-type-options: nosniff
server: nginx/1.19.4
content-type: image/gif
cache-control: private, no-cache, no-store, max-age=0
x-host: is-radar38.i (136)
timing-allow-origin: *
content-length: 43
x-request-id: 8626:86b3165000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 4437 75 KB
77 KB 214ms
29ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b3f65569e418b836e84c9a653227aad7617f84453820b34b84bf072322f0fded

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: word-view.officeapps.live.com
:scheme: https
:path: /wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
content-length: 99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://ms.vkuserdocs.net
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ms.vkuserdocs.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://ms.vkuserdocs.net
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ms.vkuserdocs.net/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Wed, 03-Nov-2021 16:30:20 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure; httponly GEU2C-ARRAffinity=769e28ec8ded2268d97867daa6c55b009fc4a8368aae50e286d884f775e777e4;Path=/;Domain=word-view.officeapps.live.com; samesite=none; secure; httponly
x-correlationid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000D41F
x-officeversion: 16.0.14328.41001
x-officecluster: GEU2C
x-content-type-options: nosniff
content-security-policy: font-src data: c1-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-word-view-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
document-policy: js-profiling
x-officefd: AM4PEPF0000D7D2
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref: Ref A: 50576BB5AFFB4AC89602D1D6E6CF4769 Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:20Z
date: Tue, 03 Aug 2021 16:30:20 GMT

GET
H/1.1 200
OK WordViewer.css
c1-word-view-15.cdn.office.net/wv/s/h29B581DDF5C2F0A4_resources/1033/ Frame 4437 223 KB
40 KB 112ms
26ms Stylesheet
text/css 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h29B581DDF5C2F0A4_resources/1033/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

29b581ddf5c2f0a40912df826b883fb775a1ecd134be56b7fc23be129dc7a187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"37edc9cd6385d71:0"
X-OfficeCluster: US3C
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DM3PEPF00012E70
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 40298
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:56:13 GMT
X-OFFICEFD: DM3PEPF000132E0
X-MSEdge-Ref: Ref A: DCE868800CEA4957AE4FE4F07108F1CD Ref B: LON21EDGE0615 Ref C: 2021-07-30T16:56:12Z
X-UserSessionId: 90ee159e-83ee-4f05-b0ba-ea4b3b512407
Date: Tue, 03 Aug 2021 16:30:20 GMT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 90ee159e-83ee-4f05-b0ba-ea4b3b512407
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjaxDS.js Show response
c1-word-view-15.cdn.office.net/wv/s/hAA0D73C592F0566F_App_Scripts/ Frame 4437 106 KB
24 KB 112ms
26ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hAA0D73C592F0566F_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aa0d73c592f0566f1bd1d582001452e2414986d42526bc06689303e6599a4e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "7cbcaaa03083d71:0"
X-OfficeCluster: US4C
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DM3PEPF000132B6
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 23630
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 27 Jul 2021 21:44:50 GMT
X-OFFICEFD: DM3PEPF000132AF
X-MSEdge-Ref: Ref A: 0D0541B053B14BA59E64C52384AF07FD Ref B: LON21EDGE1408 Ref C: 2021-07-28T07:17:18Z
X-UserSessionId: 2117835f-6979-4b67-b3bf-04f47c59a865
Date: Tue, 03 Aug 2021 16:30:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 2117835f-6979-4b67-b3bf-04f47c59a865
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK CommonIntl.js Show response
c1-word-view-15.cdn.office.net/wv/s/h7DF7208684486B41_App_Scripts/1033/ Frame 4437 109 KB
32 KB 109ms
25ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h7DF7208684486B41_App_Scripts/1033/CommonIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7df7208684486b41599fd59cb6f0714a760dfb866c5606edb0ac8ae6338fceb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"86812cce6385d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF000083D6
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 31483
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:56:13 GMT
X-OFFICEFD: DB5PEPF000082A3
X-MSEdge-Ref: Ref A: 002346644081449785EADC929CF53A14 Ref B: LON21EDGE0310 Ref C: 2021-07-30T16:56:13Z
X-UserSessionId: 90ee159e-83ee-4f05-b0ba-ea4b3b512407
Date: Tue, 03 Aug 2021 16:30:20 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 90ee159e-83ee-4f05-b0ba-ea4b3b512407
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Compat.js Show response
c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/ Frame 4437 6 KB
2 KB 108ms
24ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h06FE78141D1F3A43_App_Scripts/Compat.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "7e8ff08c587fd71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14320.41016
X-OfficeFE: DB5PEPF000083EC
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1365
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 23 Jul 2021 00:20:32 GMT
X-OFFICEFD: DB5PEPF000082C6
X-MSEdge-Ref: Ref A: 0DD0E15D11C74CE8946ABE112ADD508D Ref B: LON21EDGE0714 Ref C: 2021-07-26T09:56:17Z
X-UserSessionId: 28b57e96-d854-4a97-9058-86ec899ccc1f
Date: Tue, 03 Aug 2021 16:30:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 28b57e96-d854-4a97-9058-86ec899ccc1f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerIntl.js Show response
c1-word-view-15.cdn.office.net/wv/s/h49AFD3FB5E69B631_App_Scripts/1033/ Frame 4437 19 KB
4 KB 108ms
25ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h49AFD3FB5E69B631_App_Scripts/1033/WordViewerIntl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

49afd3fb5e69b631b949d25dfaf224c6532309563ca55d3aa9f59e4ee821dcd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "8c8f70b3187dd71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14315.41014
X-OfficeFE: DB5PEPF000083EC
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3318
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Tue, 20 Jul 2021 03:38:27 GMT
X-OFFICEFD: DB5PEPF000082B9
X-UserSessionId: a72f4633-1b86-4239-a688-554d36352a93
Date: Tue, 03 Aug 2021 16:30:20 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a72f4633-1b86-4239-a688-554d36352a93
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK word-app-intl.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/hE0BC82A9B3273C1C_App_Scripts/1033/ Frame 4437 406 KB
94 KB 109ms
25ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/hE0BC82A9B3273C1C_App_Scripts/1033/word-app-intl.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e0bc82a9b3273c1cebb9e6886bd57fbaac87a872580704c3510ccc7701a8aa56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"6ee86acd6385d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF0000840E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 95181
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:56:12 GMT
X-OFFICEFD: DB5PEPF000082A9
X-MSEdge-Ref: Ref A: 86319C9803DF4CE69F39018701E1B0C9 Ref B: LON21EDGE0709 Ref C: 2021-07-30T16:56:12Z
X-UserSessionId: 90ee159e-83ee-4f05-b0ba-ea4b3b512407
Date: Tue, 03 Aug 2021 16:30:20 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 90ee159e-83ee-4f05-b0ba-ea4b3b512407
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK WordViewerDS.js Show response
c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/ Frame 4437 3 MB
713 KB 48ms
47ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

24192d814a8486770b6203005c3fc2036f5dab2d7ac7adabd7a6b561fb30f51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"5b1b266485d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF0000840F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 728955
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:57:48 GMT
X-OFFICEFD: DB5PEPF000082C6
X-MSEdge-Ref: Ref A: 2C11AB25AD2B4DBC84B3B9D7259DFD58 Ref B: LON21EDGE0507 Ref C: 2021-07-30T16:57:48Z
X-UserSessionId: 68f39774-8f7d-47d5-9863-81133883dcf8
Date: Tue, 03 Aug 2021 16:30:20 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 68f39774-8f7d-47d5-9863-81133883dcf8
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 0
551 B 25ms
24ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14328.41001&waccluster=GEU2C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
X-UserSessionId: ade649a1-7c1a-4d58-a3c2-1736d253deb7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: AM4PEPF000068B0
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: b7c6dac9-5b16-41de-8242-b20de892b960
x-officefd: AM4PEPF000068B0
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:20 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 8BE3CC0E7ADB44678FB31CEAD591D5D9 Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:20Z
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 4437 43 KB
43 KB 169ms
168ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010000&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D&v=00000000-0000-0000-0000-000000000802&usid=ade649a1-7c1a-4d58-a3c2-1736d253deb7&splashscreen=1&build=16.0.14328.41001&waccluster=GEU2C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

395cc2c36f424450d8fd0e8e058c211fe0152ea6dd1964181b2800f9680aab0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-officefdproxy: AM4PEPF000068C0
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 43747
etag: "WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010000&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: a46821c0-9a6d-4cd7-9695-a16412d6abd5
x-officefd: AM4PEPF000068C0
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:20 GMT
x-download-options: noopen
content-type: image/png
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/ResReader.ashx
cache-control: private
x-msedge-ref: Ref A: 0E991D5B358C4DF7B0665AF7ED110700 Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:20Z
timing-allow-origin: *
expires: Wed, 03 Aug 2022 16:30:20 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 0
367 B 24ms
23ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14328.41001&waccluster=GEU2C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
X-UserSessionId: ade649a1-7c1a-4d58-a3c2-1736d253deb7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":158,"Value":"https://c1-word-view-15.cdn.office.net:443/wv/s/h29B581DDF5C2F0A4_resources/1033/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: AM4PEPF0000689F
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: cbc92c97-40c3-4a50-9b55-d18c8895f2c6
x-officefd: AM4PEPF0000689F
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:20 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 27509A0948B04C72B3CEB77A3DFF80DE Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:20Z
timing-allow-origin: *

GET
H/1.1 200
OK sharedheaderplaceholder-icons.woff
c1-word-view-15.cdn.office.net/wv/s/h89EDB66D2A189EF4_App_Scripts/fonts/ Frame 4437 2 KB
3 KB 31ms
30ms Font
font/x-woff 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h89EDB66D2A189EF4_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

89edb66d2a189ef4ba42857076ec94080a7e07196bd730bd152d20511f62925c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "a2e9ca73a385d71:0"
X-OfficeCluster: US1C
X-OfficeVersion: 16.0.14328.41001
X-OfficeFE: DM3PEPF0001395E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 2472
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Sat, 31 Jul 2021 00:31:49 GMT
X-OFFICEFD: DM3PEPF00008A20
X-MSEdge-Ref: Ref A: 5F9F1D6CEBD4462EAE48D4C493C295F3 Ref B: LON21EDGE0812 Ref C: 2021-08-02T03:53:55Z
X-UserSessionId: c171a4c6-4136-42fc-aba0-a26643bb32dc
Date: Tue, 03 Aug 2021 16:30:20 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: c171a4c6-4136-42fc-aba0-a26643bb32dc
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 0
333 B 28ms
28ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14328.41001&waccluster=GEU2C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
X-UserSessionId: ade649a1-7c1a-4d58-a3c2-1736d253deb7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":393,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: AM4PEPF0000601A
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 087f083a-fe6e-4522-855e-82469388fbeb
x-officefd: AM4PEPF0000601A
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:20 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 4FFF90B1EAA24178A7CBC866C29F68C5 Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:21Z
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 0
429 B 32ms
32ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteTelemetry.ashx

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068A5
x-officeversion: 16.0.14328.41001
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 17e85979-739c-400c-8248-42829ea38cf5
x-officecluster: PNL1
x-usersessionid: 17e85979-739c-400c-8248-42829ea38cf5
date: Tue, 03 Aug 2021 16:30:20 GMT
x-download-options: noopen
access-control-allow-origin: https://word-view.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 7268FA5675954EC1B437D74DF2FCF93F Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:21Z
timing-allow-origin: *
x-officefe: AM4PEPF000069E6

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 445 B
817 B 26ms
25ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010000&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D&type=png&o15=1&ui=en-US

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hAA0D73C592F0566F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4bd89c3c000cac90684d0df15cefbe1006170c82c8cfa7e71cfba25320bcaac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF0000D41F
X-UserSessionId: ade649a1-7c1a-4d58-a3c2-1736d253deb7
X-OfficeVersion: 16.0.14328.41001
X-Key: t2K6QsFsHR5XB6FNcajvWc13ftdVLGuKNysYxA6aDjA=,637636050207450958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: GEU2C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 414
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: cac1c22a-254f-40a8-964f-24674003320d
x-officefd: AM4PEPF0000D7D0
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
date: Tue, 03 Aug 2021 16:30:20 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 0BEC9A53020F4DADBFE88AA0237ADD7D Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:21Z
timing-allow-origin: *
expires: Wed, 03 Aug 2022 16:30:21 GMT

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/ Frame 4437 40 KB
7 KB 25ms
25ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"bbcccf96385d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: AM4PEPF000069E5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:57:26 GMT
X-OFFICEFD: AM4PEPF000068B2
X-MSEdge-Ref: Ref A: 4D6E878CDBD24A0495E0202B9AD07285 Ref B: LON21EDGE0616 Ref C: 2021-07-30T16:57:26Z
X-UserSessionId: 46431167-eb47-45eb-a2e6-523da071f96e
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 46431167-eb47-45eb-a2e6-523da071f96e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK segoeui.woff
c1-word-view-15.cdn.office.net/wv/s/h29B581DDF5C2F0A4_resources/1033/ Frame 4437 22 KB
23 KB 26ms
25ms Font
font/x-woff 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h29B581DDF5C2F0A4_resources/1033/segoeui.woff

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h29B581DDF5C2F0A4_resources/1033/WordViewer.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://c1-word-view-15.cdn.office.net/wv/s/h29B581DDF5C2F0A4_resources/1033/WordViewer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"d5a8366d6585d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF000083EE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 22720
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 17:07:50 GMT
X-OFFICEFD: DB5PEPF000082E4
X-MSEdge-Ref: Ref A: B20964003FF84F3DAE1C405A02C77973 Ref B: LON21EDGE0910 Ref C: 2021-07-30T17:07:49Z
X-UserSessionId: 79488c8c-d6a2-4b5f-9443-3542d9ab091c
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 79488c8c-d6a2-4b5f-9443-3542d9ab091c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
BLOB 200
OK dd1b3e4d-b810-4285-a3b2-eb7850686b10
https://word-view.officeapps.live.com/ Frame 4437 224 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/dd1b3e4d-b810-4285-a3b2-eb7850686b10
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf394c5b419639e1ba6d31509887addf54526117869c7ed912fc054c4effcc5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 224
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 0
460 B 24ms
24ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14328.41001&waccluster=GEU2C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
X-UserSessionId: ade649a1-7c1a-4d58-a3c2-1736d253deb7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":630,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: AM4PEPF0000689F
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 230a7e78-eefb-44a7-a317-7d93c6d802fd
x-officefd: AM4PEPF0000689F
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:20 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 605BE57C03614E6C9BB50957ABD8611D Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:21Z
timing-allow-origin: *

GET
H/1.1 200
OK WordViewerDS.dll1.js Show response
c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/ Frame 4437 792 KB
132 KB 29ms
29ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

07995b1f4cc5fc44acb070d1992662d2efc9537c120317ecfacfa2255b644349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"cdd4e4446485d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: AM4PEPF00006A0C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 134218
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:59:32 GMT
X-OFFICEFD: AM4PEPF000068AF
X-MSEdge-Ref: Ref A: 69707187728F44868ACE85FC71ADA49D Ref B: LON21EDGE1019 Ref C: 2021-07-30T16:59:32Z
X-UserSessionId: 5ce8a7bc-271a-42af-ba71-e9b2a460b269
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 5ce8a7bc-271a-42af-ba71-e9b2a460b269
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-word-view-15.cdn.office.net/wv/s/161432841001_resources/1033/ Frame 4437 695 B
2 KB 25ms
24ms Image
image/gif 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_resources/1033/progress.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"288641816485d71:0"
X-OfficeCluster: GEU1C
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: AM4PEPF0000D3EC
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
Last-Modified: Fri, 30 Jul 2021 17:01:14 GMT
X-OFFICEFD: AM4PEPF0000D7CE
X-MSEdge-Ref: Ref A: E473386FCA464A8ABE32B3DC377C7756 Ref B: LON21EDGE0311 Ref C: 2021-07-30T17:01:14Z
X-UserSessionId: 39d0a111-bf2e-4468-b49e-25631fee2327
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 39d0a111-bf2e-4468-b49e-25631fee2327
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 4437 43 KB
43 KB 177ms
175ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=ade649a1-7c1a-4d58-a3c2-1736d253deb7&build=16.0.14328.41001&WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010349&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D&waccluster=GEU2C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

395cc2c36f424450d8fd0e8e058c211fe0152ea6dd1964181b2800f9680aab0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-officefdproxy: AM4PEPF000068A7
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 43747
etag: "WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010349&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: afa22d97-d483-4518-b1e8-4bdd43ccd6f4
x-officefd: AM4PEPF000068A7
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:20 GMT
x-download-options: noopen
content-type: image/png
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/ResReader.ashx
cache-control: private
x-msedge-ref: Ref A: 91AC627A03414417ABE7C7D24348D1DC Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:21Z
timing-allow-origin: *
expires: Wed, 03 Aug 2022 16:30:21 GMT

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 4437 7 KB
8 KB 69ms
68ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=ade649a1-7c1a-4d58-a3c2-1736d253deb7&build=16.0.14328.41001&WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010349&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D&waccluster=GEU2C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c361ab5ec0b36ca0d21c4b55bd2638d3ed747867c0ae104f4c615183478cf276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 7208
etag: "WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010349&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D00000000-0000-0000-0000-000000000802p2.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: a75a319e-0aa8-49fe-a884-3418af531c81
x-officefd: AM4PEPF0000D7D3
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
date: Tue, 03 Aug 2021 16:30:20 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 9E095612486F40DCB11E6DDE8D183C94 Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:21Z
timing-allow-origin: *
expires: Wed, 03 Aug 2022 16:30:21 GMT

GET
H/1.1 200
OK appResourceLoader.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/ Frame 4437 6 KB
3 KB 25ms
25ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appResourceLoader.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cdc9757cf1ad2a06f9333e6dfac7dac2463090c9e069fa66c1aeb83070708ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"99471afb6385d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF000064AB
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1996
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:57:29 GMT
X-OFFICEFD: DB5PEPF00006494
X-MSEdge-Ref: Ref A: 4041D9B40FAD4F328607C39C3A60C1AA Ref B: LON21EDGE0517 Ref C: 2021-07-30T16:57:29Z
X-UserSessionId: 86eb4aee-ede7-43f7-8da3-e782cbd9c84a
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 86eb4aee-ede7-43f7-8da3-e782cbd9c84a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-word-view-15.cdn.office.net/wv/s/161432841001_resources/1033/ Frame 4437 695 B
2 KB 33ms
32ms Image
image/gif 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_resources/1033/progress.gif

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"288641816485d71:0"
X-OfficeCluster: GEU1C
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: AM4PEPF0000D3EC
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
Last-Modified: Fri, 30 Jul 2021 17:01:14 GMT
X-OFFICEFD: AM4PEPF0000D7CE
X-MSEdge-Ref: Ref A: E473386FCA464A8ABE32B3DC377C7756 Ref B: LON21EDGE0311 Ref C: 2021-07-30T17:01:14Z
X-UserSessionId: 39d0a111-bf2e-4468-b49e-25631fee2327
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 39d0a111-bf2e-4468-b49e-25631fee2327
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wv.png
c1-word-view-15.cdn.office.net/wv/s/161432841001_resources/1033/ Frame 4437 34 KB
35 KB 50ms
29ms Image
image/png 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_resources/1033/wv.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "8e63d63e6485d71:0"
X-OfficeCluster: US3C
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DM3PEPF000137AE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 35196
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:59:22 GMT
X-OFFICEFD: DM3PEPF000132E7
X-MSEdge-Ref: Ref A: 420BA36F5D9645EC83DDFEC1B619701B Ref B: LON21EDGE0506 Ref C: 2021-07-30T17:10:42Z
X-UserSessionId: 28bff9b3-21a7-4826-a4ff-4d3162063519
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 28bff9b3-21a7-4826-a4ff-4d3162063519
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress16.gif
c1-word-view-15.cdn.office.net/wv/s/161432841001_resources/1033/ Frame 4437 668 B
2 KB 75ms
26ms Image
image/gif 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_resources/1033/progress16.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"eba66f2f6585d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF000083FF
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 668
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 17:06:06 GMT
X-OFFICEFD: DB5PEPF00006495
X-MSEdge-Ref: Ref A: 807E82E98B5A44B2958CFE7A18ACE615 Ref B: LON21EDGE1008 Ref C: 2021-07-30T17:06:06Z
X-UserSessionId: 15f98482-f4cc-46d9-b043-b8abeaa37e6c
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 15f98482-f4cc-46d9-b043-b8abeaa37e6c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK word-app-intl.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/1033/ Frame 4437 406 KB
64 KB 66ms
26ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/1033/word-app-intl.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appResourceLoader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e0bc82a9b3273c1cebb9e6886bd57fbaac87a872580704c3510ccc7701a8aa56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"0ad7e2f6585d71:0"
X-OfficeCluster: US1C
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DM3PEPF00013957
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 64813
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 17:06:06 GMT
X-OFFICEFD: DM3PEPF00001D49
X-MSEdge-Ref: Ref A: 3947A5B33FEB4DA685561D78A956440C Ref B: LON21EDGE1312 Ref C: 2021-07-30T17:06:06Z
X-UserSessionId: 9d9630fd-88e6-436d-958d-32b738b70cf0
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 9d9630fd-88e6-436d-958d-32b738b70cf0
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK common.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/ Frame 4437 968 KB
195 KB 25ms
24ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/common.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

93d65c41e6b00f23267274c903794b1ba60e179027ccedff5802b6d79f72d324

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"c8a4b7296485d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: AM4PEPF00006033
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length: 198610
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified: Fri, 30 Jul 2021 16:58:47 GMT
X-OFFICEFD: AM4PEPF000068B9
X-MSEdge-Ref: Ref A: 8371B77E492E4FF392F47A8EF43211AE Ref B: LON21EDGE0517 Ref C: 2021-07-30T16:58:47Z
X-UserSessionId: 90a5b0d8-b3ae-40fd-8a3d-59cacf6cde25
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 90a5b0d8-b3ae-40fd-8a3d-59cacf6cde25
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChrome.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/ Frame 4437 247 KB
45 KB 31ms
31ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appChrome.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aa84111cd4aebd78638596ccf0ac0961602b061d8869515aa25427f5fe0021f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"4aa1bb296485d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF000083D3
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 45063
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:58:47 GMT
X-OFFICEFD: DB5PEPF000082A5
X-MSEdge-Ref: Ref A: 1CEE0A2164CE41C5A7AA9E616BB5AB9D Ref B: LON21EDGE1417 Ref C: 2021-07-30T16:58:47Z
X-UserSessionId: b4783f8e-633b-4f9c-b7cd-362999643cfc
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b4783f8e-633b-4f9c-b7cd-362999643cfc
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 0
391 B 25ms
23ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14328.41001&waccluster=GEU2C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
X-UserSessionId: ade649a1-7c1a-4d58-a3c2-1736d253deb7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":829,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: AM4PEPF000068BF
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 44d08efb-e365-4565-9c4b-877420dbe791
x-officefd: AM4PEPF000068BF
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:21 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: F41EEE8EC0D84097826D21EFFB9C89A9 Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:21Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 0
527 B 25ms
24ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.14328.41001&waccluster=GEU2C

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hAA0D73C592F0566F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU
X-WacFrontEnd: AM4PEPF0000D41F
X-UserSessionId: ade649a1-7c1a-4d58-a3c2-1736d253deb7
X-OfficeVersion: 16.0.14328.41001
X-Key: t2K6QsFsHR5XB6FNcajvWc13ftdVLGuKNysYxA6aDjA=,637636050207450958
X-bULS-SuppressionETag: 043C5EF5AFD3DAD667728D3933935C6C925443C8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1628010010000
X-WacCluster: GEU2C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 043C5EF5AFD3DAD667728D3933935C6C925443C8
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-officefdproxy: AM4PEPF000068A7
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_onenoteslice_control,afd_visioslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 50cfeee5-648d-4760-9438-c42fa40e8513
x-officefd: AM4PEPF000068A7
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:21 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/remoteuls.ashx
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: ACF52F4AB2E04E85A7B6F462C67D256C Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:21Z
timing-allow-origin: *

GET
H/1.1 200
OK common50.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/ Frame 4437 2 MB
338 KB 25ms
24ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/common50.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appResourceLoader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cd7d34a8cb104494579c3d6af239908fcb0e66ba73387476c889df9900f6a046

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"8e6912a6485d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: AM4PEPF00006A1D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length: 344552
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified: Fri, 30 Jul 2021 16:58:47 GMT
X-OFFICEFD: AM4PEPF000068C0
X-MSEdge-Ref: Ref A: 7339638061414B55975F702025F3BED1 Ref B: LON21EDGE1015 Ref C: 2021-07-30T16:58:47Z
X-UserSessionId: 8d1eb3a7-faa7-4b17-8894-921e443ef232
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 8d1eb3a7-faa7-4b17-8894-921e443ef232
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK appChromeLazy.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/ Frame 4437 510 KB
109 KB 27ms
26ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appChromeLazy.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appResourceLoader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

72ce7b1f643f14a128d4a8ad2dcf35144615cec0bd3a73ba02c877a56161a477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"51e272a6485d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF0000840F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 110310
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:58:48 GMT
X-OFFICEFD: DB5PEPF000082B6
X-MSEdge-Ref: Ref A: F724B3F650EB41B6BA6B8ED709E40DAF Ref B: LON21EDGE0615 Ref C: 2021-07-30T16:58:48Z
X-UserSessionId: 6b568fcf-fafb-4a13-a33e-479db85d71cb
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 6b568fcf-fafb-4a13-a33e-479db85d71cb
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 4437 31 KB
32 KB 95ms
29ms Font
application/font-woff2 2.17.180.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.180.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-180-171.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 03 Aug 2021 16:30:21 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 4d22773e-901e-0133-2244-c902aa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=10268703
x-ms-version: 2009-09-19
content-length: 31824

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 13 KB
5 KB 28ms
27ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=ade649a1-7c1a-4d58-a3c2-1736d253deb7&build=16.0.14328.41001&WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010000&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D&waccluster=GEU2C

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hAA0D73C592F0566F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

05174048ebda07e864c7acb91e2a6531936ffbc025e02ffc731bc258a419b274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF0000D41F
X-UserSessionId: ade649a1-7c1a-4d58-a3c2-1736d253deb7
X-OfficeVersion: 16.0.14328.41001
X-Key: t2K6QsFsHR5XB6FNcajvWc13ftdVLGuKNysYxA6aDjA=,637636050207450958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: GEU2C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-officefdproxy: AM4PEPF000068A5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4531
etag: "WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010000&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c68d8f24-d706-4e8e-ada0-e5558da81014
x-officefd: AM4PEPF000068A5
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:21 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/ResReader.ashx
cache-control: private
x-msedge-ref: Ref A: BA5CBB22CCF14F8B8F1CA7060ACEDD57 Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:21Z
timing-allow-origin: *
expires: Wed, 03 Aug 2022 16:30:21 GMT

GET
H/1.1 200
OK word-app-intl-lazy.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/1033/ Frame 4437 615 KB
72 KB 32ms
31ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/1033/word-app-intl-lazy.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

92e5a50f4dc07cab94ea3dc523d3a4ea9911537739e3ca84b3115510ade9301d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"3a8ab62f6585d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: AM4PEPF000069E8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length: 72314
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified: Fri, 30 Jul 2021 17:06:06 GMT
X-OFFICEFD: AM4PEPF000068A5
X-MSEdge-Ref: Ref A: A779903791744219A1B7E5CCC9CF1BD6 Ref B: LON21EDGE0613 Ref C: 2021-07-30T17:06:06Z
X-UserSessionId: b5f44bd0-51bb-4531-91ca-ac2054443a2f
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b5f44bd0-51bb-4531-91ca-ac2054443a2f
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK uiSlice20.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/ Frame 4437 807 KB
148 KB 31ms
31ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/uiSlice20.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appResourceLoader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a4147aabb11497344ee69d364305fd6aa6134f94e0858cdd51c8ec2a81b8f8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"1a22272a6485d71:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: BL6PEPF000075BD
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 150681
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 16:58:48 GMT
X-OFFICEFD: BL6PEPF00007A79
X-MSEdge-Ref: Ref A: 6027CE97F5134779836955ABC472D317 Ref B: LON21EDGE0517 Ref C: 2021-07-30T16:58:47Z
X-UserSessionId: 9bbeea08-022a-4e05-a51e-8216e848ff4d
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 9bbeea08-022a-4e05-a51e-8216e848ff4d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK shellstrings.json Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/strings/en/ Frame 4437 13 KB
5 KB 24ms
24ms XHR
application/json 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/strings/en/shellstrings.json

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5bbcdd1950c8ea5dcc245f8db9c7da4c6b323ff5d790140ce198d2ae63da225d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"80a08b6c6585d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: AM4PEPF00006A2F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 4314
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 17:07:49 GMT
X-OFFICEFD: AM4PEPF0000601A
X-MSEdge-Ref: Ref A: F62A9FB902D545548F4AF16C8B618BC6 Ref B: LON21EDGE1410 Ref C: 2021-07-30T17:07:49Z
X-UserSessionId: 82f5775d-7dff-43fa-9bf8-f3c3d911b99b
Date: Tue, 03 Aug 2021 16:30:21 GMT
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
X-CorrelationId: 82f5775d-7dff-43fa-9bf8-f3c3d911b99b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK suiteux.shell.core.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/js/ Frame 4437 259 KB
71 KB 25ms
25ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

452d9dc3dfeeaf098e4c42f2563fbc94cf890ee2f4033195616a1df16a84e734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"feadd6d6585d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF000083DA
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 71343
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 17:07:49 GMT
X-OFFICEFD: DB5PEPF000082A5
X-MSEdge-Ref: Ref A: B3C30632A0864651B444895445D85A05 Ref B: LON21EDGE0613 Ref C: 2021-07-30T17:07:49Z
X-UserSessionId: f32eca8a-f3ae-4a5d-97c0-6a0adcfb8480
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f32eca8a-f3ae-4a5d-97c0-6a0adcfb8480
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 4437 35 KB
36 KB 45ms
45ms Font
application/font-woff2 2.17.180.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.180.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-180-171.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 03 Aug 2021 16:30:21 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 698d2ff2-501e-004c-33f6-c4dacd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=9795438
x-ms-version: 2009-09-19
content-length: 36344

GET
H/1.1 200
OK suiteux.shell.consappdata.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/js/ Frame 4437 7 KB
3 KB 25ms
24ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d82e1db19fd86cbfd17b1c731c23d08d5565992f1746bda7964b9628736f1867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"f156c8b16685d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF0000841F
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1944
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 17:16:54 GMT
X-OFFICEFD: DB5PEPF000082E6
X-MSEdge-Ref: Ref A: 37F9B68D9EB04F509ED703453AFC8793 Ref B: LON21EDGE1108 Ref C: 2021-07-30T17:16:54Z
X-UserSessionId: d4d85d90-0de1-4902-b040-fab5473170de
Date: Tue, 03 Aug 2021 16:30:21 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d4d85d90-0de1-4902-b040-fab5473170de
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 me Show response
amcdn.msftauth.net/ Frame 4437 27 KB
9 KB 60ms
18ms Script
application/javascript 2620:1ec:27::cafe:1368
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://amcdn.msftauth.net/me?partner=WordOnline&version=10.21153.1&market=EN-US&wrapperId=suiteshell

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:27::cafe:1368 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d9bfc453dcfcee49384faf75e7f6e80b9d7a44c6f6513aeeffe32d9c5efbded7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0fkkJYQAAAACA07nDXvIWT6XNIFRmPAM7TE9OMjFFREdFMDIxMQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Tue, 03 Aug 2021 16:30:21 GMT
x-azure-ref: 0Hm8JYQAAAABZqNWbOYEoQLhlPzirxx20VklFRURHRTA4MTcAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Tue, 03 Aug 2021 21:03:40 GMT

GET
H/1.1 200
OK suiteux.shell.plus.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/js/ Frame 4437 274 KB
60 KB 25ms
25ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/appChromeLazy.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f35da08a94c2b28db8bcd645a04cb82fa60fa9f0cafe2f10c5f0a68b8f35818b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"e42a2e6d6585d71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: DB5PEPF000064AB
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 60364
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 17:07:50 GMT
X-OFFICEFD: DB5PEPF000082D4
X-MSEdge-Ref: Ref A: 6D48891701C54DC28309573B401B9CCF Ref B: LON21EDGE1217 Ref C: 2021-07-30T17:07:50Z
X-UserSessionId: 192e8f21-e02d-48ce-99c1-8caa67afe24e
Date: Tue, 03 Aug 2021 16:30:22 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 192e8f21-e02d-48ce-99c1-8caa67afe24e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1628008222169
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1628008222&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

204ms
124ms

Image
text/html

20.190.160.69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1628008222&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.190.160.69 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: AM3PPF55D2178D6
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.725.719.2003
date: Tue, 03 Aug 2021 16:30:22 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1628008222&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: neYu0ldbg0SrjHjlpXVUHA.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
H/1.1 200
OK otelFull.min.js Show response
c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/ Frame 4437 107 KB
29 KB 25ms
25ms Script
application/javascript 2a02:26f0:e8:484::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/otelFull.min.js

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/h24192D814A848677_App_Scripts/WordViewerDS.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e8:484::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a18f56858f8c28fc75b0b6936c81d63be71013b3cc6f0362aa3aa1fbd2b01df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://word-view.officeapps.live.com
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"aa3a5516c85d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14321.41022
X-OfficeFE: AM4PEPF00006A10
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 28176
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 30 Jul 2021 17:54:55 GMT
X-OFFICEFD: AM4PEPF0000601C
X-MSEdge-Ref: Ref A: 7C593908C6814C48A9AD495465E1C130 Ref B: LON21EDGE1320 Ref C: 2021-07-30T17:54:55Z
X-UserSessionId: 8bc10821-ee90-4270-980d-4a45ca48590d
Date: Tue, 03 Aug 2021 16:30:22 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 8bc10821-ee90-4270-980d-4a45ca48590d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 4437 4 B
333 B 175ms
40ms XHR
application/json 52.114.76.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.76.34 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 16:30:22 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 4437 1 KB
1 KB 23ms
23ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fmsedit%2Evkuserdocs%2Enet%2Fwopi%2Dview%2Ffiles%2F7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG&access_token=mkQBNiTvmWyKNhhoy3MY4KPi3jUVwn5aK6QmX5fvKvArq5rVz9n4cdU&access_token_ttl=1628010010000&z=UHoA23fAcZJpBYRInAjvSXg3EVZP9w%2BSFtKLAGb1fjI%3D&uilang=en-US

Requested by

Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/hAA0D73C592F0566F_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

94546d903436760759d09836a513876a3a7cf969442159c2db2aad83d7db7e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF0000D41F
X-UserSessionId: ade649a1-7c1a-4d58-a3c2-1736d253deb7
X-OfficeVersion: 16.0.14328.41001
X-Key: t2K6QsFsHR5XB6FNcajvWc13ftdVLGuKNysYxA6aDjA=,637636050207450958
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?WOPISrc=https://msedit.vkuserdocs.net/wopi-view/files/7NfqUCLgsZwMivghomcLqMgEDiqSJ7fiXMj37j1ziWUG
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: GEU2C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: GEU2C
x-officeversion: 16.0.14328.41001
x-officefe: AM4PEPF0000D41F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-officefdproxy: AM4PEPF000068BF
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1188
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_onenoteslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 97f06c97-b67c-42b1-85f0-0cd4c56b4086
x-officefd: AM4PEPF000068BF
x-usersessionid: ade649a1-7c1a-4d58-a3c2-1736d253deb7
x-powered-by: ARR/3.0
date: Tue, 03 Aug 2021 16:30:21 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
x-officefd-wac-fwd: https://GEU2Cdso-word-view.officeapps.live.com/wv/translation.ashx
cache-control: no-cache, no-store
x-msedge-ref: Ref A: AD3C85E4E04C413EBBD2BDB2DCAB6B8D Ref B: AM3EDGE1021 Ref C: 2021-08-03T16:30:22Z
timing-allow-origin: *
expires: -1

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 4437 0
397 B 688ms
533ms XHR
application/json 52.114.75.149
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.6&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688&client-time-epoch-millis=1628008224168&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.75.149 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 16:30:24 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 673
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 4437 24 B
380 B 163ms
40ms XHR
application/json 52.114.76.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.6&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1628008224223&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1-word-view-15.cdn.office.net
URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.76.34 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 4a43245106e0874b95dc5edec8fc630a06f82bf5ce87f245b1b9cd286313ca59

Request headers

Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 03 Aug 2021 16:30:23 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 129
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

371 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: f9cd6cfed57483a1fe1c981e0c956c7ea50144ba1feedbd8a4bc02b0feb667c4
.word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: GEU2C-ARRAffinity Value: 769e28ec8ded2268d97867daa6c55b009fc4a8368aae50e286d884f775e777e4
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
word-view.officeapps.live.com/	1970-01-19 22:25:57	Name: DcLcid Value: ui=1033&data=1033
.vk.com/	1970-01-19 20:13:29	Name: remixsts Value: %7B%22data%22%3A%5B%5B1628008220%2C%22counters_check%22%2C1%5D%5D%2C%22uniqueId%22%3A994994810%7D
.vk.com/	1970-01-20 05:04:04	Name: remixstid Value: 190216577_1zCupRZxvWHEboRvu3Xbfx124KLnZLhFZ4iti3hVpRz
.vk.com/	1970-01-20 04:51:06	Name: remixlang Value: 3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://c1-word-view-15.cdn.office.net/wv/s/161432841001_App_Scripts/common.min.js(Line 16) Message: Some icons were re-registered. Applications should only call registerIcons for any given icon once. Redefining what an icon is may have unintended consequences. Duplicates include: ChangeCase_20, UpgradeProductGlyphColorless_16, PeopleSharedIcon_16, Drawing_20, ReuseSlide_20, InsertFromHost_20, InsertPicture_20, SourceIcon_Bing_20, ImageSearch_20, FPHtmlToggleBookmark_20 (+ 14 more)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amcdn.msftauth.net
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c1-word-view-15.cdn.office.net
clck.ru
img1.imgsmail.ru
login.live.com
ms.vkuserdocs.net
sba.yandex.net
st.vk.com
static2.sharepointonline.com
storage.live.com
vk.com
word-view.officeapps.live.com
www.tns-counter.ru
xray.mail.ru
185.5.137.180
2.17.180.171
20.190.160.69
2001:6d0:4001::226
217.69.139.102
2620:1ec:27::cafe:1368
2620:1ec:a92::171
2a02:26f0:e8:484::4b36
2a02:6b8::221
2a02:6b8::232
40.90.142.224
52.114.75.149
52.114.76.34
93.186.225.208
95.213.31.169
05174048ebda07e864c7acb91e2a6531936ffbc025e02ffc731bc258a419b274
06fe78141d1f3a435441a17ec8f9f46af7000af35aa0133c699c537d663607d0
078bd2419fc53061c298020cfea6de96b055dd57030d8e2c8b71e63fedaa9938
07995b1f4cc5fc44acb070d1992662d2efc9537c120317ecfacfa2255b644349
116ba1b8722c8b2c8a4c44e9b70eea28574cca08435b0b800209d91c676183eb
1ff94b825645220a8b090be8ce0dbaa03a50a128d02243c659892310d034a0be
2290d86ccea6989a60b9dec9a51e4d9776ec61ccb79e4b27a5ff9d1eb028fb14
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
24192d814a8486770b6203005c3fc2036f5dab2d7ac7adabd7a6b561fb30f51a
29b581ddf5c2f0a40912df826b883fb775a1ecd134be56b7fc23be129dc7a187
2b86791b4bc5469817735d814f73f5b52cdc6078c60befd4c6cbe27c68b40027
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
395cc2c36f424450d8fd0e8e058c211fe0152ea6dd1964181b2800f9680aab0a
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
452d9dc3dfeeaf098e4c42f2563fbc94cf890ee2f4033195616a1df16a84e734
47020f316f6c4927dcbf647f6e5430284ac3b15965cee4544a15ef935692973d
49afd3fb5e69b631b949d25dfaf224c6532309563ca55d3aa9f59e4ee821dcd2
4a43245106e0874b95dc5edec8fc630a06f82bf5ce87f245b1b9cd286313ca59
4b56d1ba7a967b54cf08dc83fae2346a245e8202532138a86ccd716b61e38b9e
4bd89c3c000cac90684d0df15cefbe1006170c82c8cfa7e71cfba25320bcaac2
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
5bbcdd1950c8ea5dcc245f8db9c7da4c6b323ff5d790140ce198d2ae63da225d
5bf6bb81c28fcf4163c713d1937a89cf74595b723603ea6a5ab3b36b9ac46314
5d353de695c97243cbde207ebff8d638d27fa70536530cb100fb6632afdc966c
6cdc9757cf1ad2a06f9333e6dfac7dac2463090c9e069fa66c1aeb83070708ae
72ce7b1f643f14a128d4a8ad2dcf35144615cec0bd3a73ba02c877a56161a477
761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d
7df7208684486b41599fd59cb6f0714a760dfb866c5606edb0ac8ae6338fceb8
89edb66d2a189ef4ba42857076ec94080a7e07196bd730bd152d20511f62925c
92e5a50f4dc07cab94ea3dc523d3a4ea9911537739e3ca84b3115510ade9301d
93d65c41e6b00f23267274c903794b1ba60e179027ccedff5802b6d79f72d324
94546d903436760759d09836a513876a3a7cf969442159c2db2aad83d7db7e3c
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
a18f56858f8c28fc75b0b6936c81d63be71013b3cc6f0362aa3aa1fbd2b01df1
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a4147aabb11497344ee69d364305fd6aa6134f94e0858cdd51c8ec2a81b8f8a1
a93426ee67ff3671a86acc9002fae39dd362f5e7b4e2cd252095c28f2dda5071
aa0d73c592f0566f1bd1d582001452e2414986d42526bc06689303e6599a4e8e
aa84111cd4aebd78638596ccf0ac0961602b061d8869515aa25427f5fe0021f3
ad0bdf47f254afa53079e6ed91da8cc2ab41885258aa002f2b2cbf80e7dbb4e5
b3f65569e418b836e84c9a653227aad7617f84453820b34b84bf072322f0fded
c361ab5ec0b36ca0d21c4b55bd2638d3ed747867c0ae104f4c615183478cf276
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
cd7d34a8cb104494579c3d6af239908fcb0e66ba73387476c889df9900f6a046
cf394c5b419639e1ba6d31509887addf54526117869c7ed912fc054c4effcc5b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d82e1db19fd86cbfd17b1c731c23d08d5565992f1746bda7964b9628736f1867
d9bfc453dcfcee49384faf75e7f6e80b9d7a44c6f6513aeeffe32d9c5efbded7
de8cf3c100e4dce0dbf02bb23b20abbf9f5fce9a3ead13d805fbaff296715dac
e0bc82a9b3273c1cebb9e6886bd57fbaac87a872580704c3510ccc7701a8aa56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f35da08a94c2b28db8bcd645a04cb82fa60fa9f0cafe2f10c5f0a68b8f35818b
f9abbefa16a5b210042dee6fa01c638e09a012e4eda22f879a391404a6a26777

vk.com Open in urlscan Pro 93.186.225.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

68 Requests

99 %HTTPS

40 %IPv6

12 Domains

16 Subdomains

13 IPs

6 Countries

3455 kBTransfer

13167 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vk.com Open in urlscan Pro
93.186.225.208 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

99 %
HTTPS

40 %
IPv6

12
Domains

16
Subdomains

13
IPs

6
Countries

3455 kB
Transfer

13167 kB
Size

7
Cookies

68 HTTP transactions
2 data transactions