us.docworkspace.com Open in urlscan Pro
44.241.194.230  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Show response us.docworkspace.com/d/	10 KB 4 KB	1101ms 224ms	Document text/html	44.241.194.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://us.docworkspace.com/d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.194.230 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-194-230.us-west-2.compute.amazonaws.com Software / Resource Hash e76c1a319f429285dff4811bfa337429b332ce07db2bd18f95ebe355f8ddd629 Request headers :method GET :authority us.docworkspace.com :scheme https :path /d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 25 Jul 2021 21:23:18 GMT content-type text/html; charset=utf-8 vary Accept-Encoding cache-control no-store, no-cache, must-revalidate pragma no-cache expires 0 content-encoding gzip
GET H2	200	6ff5148470dadbe4af94.js Show response cloud.cache.wpscdn.com/ovs/share/js/	247 KB 74 KB	53ms 11ms	Script application/javascript	2600:9000:2156:3a00:12:96ab:6dc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cloud.cache.wpscdn.com/ovs/share/js/6ff5148470dadbe4af94.js Requested by Host: us.docworkspace.com URL: https://us.docworkspace.com/d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3a00:12:96ab:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Tengine / Resource Hash 45ffb5a375ddd15327d85eb200715943e9c814611db414c37c43811764ef99b1 Request headers Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-encoding gzip content-md5 7ewOrwPRp1ECGzbGdbKGcA== age 819388 x-swift-cachetime 86397 content-disposition inline; filename="6ff5148470dadbe4af94.js"; filename*=utf-8''6ff5148470dadbe4af94.js x-swift-savetime Fri, 16 Jul 2021 09:46:50 GMT x-m-reqid YiUAANI42tlhPJIW x-m-log QNM:lac62;SRCPROXY:lac67;SRC:889;SRCPROXY:889;QNM3:1084 etag "Fn_uVqe0R5Yw4BW66mnrlAFf-yZq.gz" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-expose-headers X-Log, X-Reqid cache-control public, max-age=31536000 x-qnm-cache Miss eagleid 2ff62b9e16264288104276736e x-reqid GUcAAADkuvphPJIW x-log X-Log date Fri, 16 Jul 2021 09:46:47 GMT via cache54.l2ot7[0,0,200-0,H], cache9.l2ot7[1,0], cache2.de2[305,304,200-0,M], cache10.de2[307,0], 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-bill Tbl:cdn-cache;FileType:0 x-cache Hit from cloudfront content-transfer-encoding binary content-length 74888 last-modified Fri, 16 Jul 2021 09:20:53 GMT server Tengine access-control-max-age 2592000 ali-swift-global-savetime 1626428807 accept-ranges bytes timing-allow-origin * x-amz-cf-id AfWMrYrRgcNbF6j5Dp1FYFraEgJhCgDInjQhEiv1n1s6G0_81IMJrQ==
GET H2	200	6ff5148470dadbe4af94.css cloud.cache.wpscdn.com/ovs/share/css/	279 KB 126 KB	53ms 10ms	Stylesheet text/css	2600:9000:2156:3a00:12:96ab:6dc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cloud.cache.wpscdn.com/ovs/share/css/6ff5148470dadbe4af94.css Requested by Host: us.docworkspace.com URL: https://us.docworkspace.com/d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3a00:12:96ab:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Tengine / Resource Hash 83451a7c7487008602891f458aaec585a06c232de036a85eaad2293b030c527f Request headers Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-encoding gzip content-md5 ZCxkrdMoh0D3g2k2RiYfvw== age 819389 x-swift-cachetime 86398 content-disposition inline; filename="6ff5148470dadbe4af94.css"; filename*=utf-8''6ff5148470dadbe4af94.css x-swift-savetime Fri, 16 Jul 2021 09:46:49 GMT x-m-reqid YiUAAMO1Gd1hPJIW x-m-log QNM:lac62;SRCPROXY:lac65;SRC:636;SRCPROXY:636;QNM3:793 etag "FqWsUMWLJudW8W7n4uXUgWIuEcgn.gz" vary Accept-Encoding content-type text/css access-control-allow-origin * access-control-expose-headers X-Log, X-Reqid cache-control public, max-age=31536000 x-qnm-cache Miss eagleid 2ff62b9a16264288092613792e x-reqid j6kAAAArIv1hPJIW x-log X-Log date Fri, 16 Jul 2021 09:46:47 GMT via cache10.l2ot7[0,0,200-0,H], cache34.l2ot7[0,0], cache3.de2[300,300,200-0,M], cache6.de2[302,0], 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-bill Tbl:cdn-cache;FileType:0 x-cache Hit from cloudfront content-transfer-encoding binary content-length 127639 last-modified Fri, 16 Jul 2021 09:20:54 GMT server Tengine access-control-max-age 2592000 ali-swift-global-savetime 1626428807 accept-ranges bytes timing-allow-origin * x-amz-cf-id G-jB_c4_2PpQ2UrKsb2BZXd6TyUK8eNQUlW8u4w7COGxcGP9JkiiuA==
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/8.1.1/	20 KB 7 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.1.1/firebase-app.js Requested by Host: us.docworkspace.com URL: https://us.docworkspace.com/d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 75e44068da4d508132edf26d1ff802128910a826b8fe6460146a0af0ce64d18c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 22 Jul 2021 06:50:25 GMT content-encoding gzip x-content-type-options nosniff age 311573 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6546 x-xss-protection 0 last-modified Fri, 20 Nov 2020 01:53:23 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 22 Jul 2022 06:50:25 GMT
GET H2	200	firebase-analytics.js Show response www.gstatic.com/firebasejs/8.1.1/	35 KB 11 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.1.1/firebase-analytics.js Requested by Host: us.docworkspace.com URL: https://us.docworkspace.com/d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Jul 2021 19:51:08 GMT content-encoding gzip x-content-type-options nosniff age 523930 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10765 x-xss-protection 0 last-modified Fri, 20 Nov 2020 01:53:23 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 19 Jul 2022 19:51:08 GMT
GET H2	200	11ad5220ed692e0a951c.js cloud.cache.wpscdn.com/ovs/share/js/	0 55 KB	51ms 11ms	Other application/javascript	2600:9000:2156:3a00:12:96ab:6dc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cloud.cache.wpscdn.com/ovs/share/js/11ad5220ed692e0a951c.js Requested by Host: us.docworkspace.com URL: https://us.docworkspace.com/d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3a00:12:96ab:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Tengine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-encoding gzip content-md5 lVLhPHoHA9VGDuKIFZ7UJQ== age 819389 x-swift-cachetime 86398 content-disposition inline; filename="11ad5220ed692e0a951c.js"; filename*=utf-8''11ad5220ed692e0a951c.js x-swift-savetime Fri, 16 Jul 2021 09:46:49 GMT x-m-reqid hQECAEr7OdxhPJIW x-m-log QNM:lac61;SRCPROXY:lac67;SRC:665;SRCPROXY:665;QNM3:824 etag "FoSMkD9wkWTZWrLD-Zvv4r4rYBWm.gz" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-expose-headers X-Log, X-Reqid cache-control public, max-age=31536000 x-qnm-cache Miss eagleid 2ff62b9616264288092736931e x-reqid -IMAAAAXhP1hPJIW x-log X-Log date Fri, 16 Jul 2021 09:46:47 GMT via cache12.l2ot7[0,0,200-0,H], cache43.l2ot7[1,0], cache4.de2[164,164,200-0,M], cache2.de2[166,0], 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-bill Tbl:cdn-cache;FileType:0 x-cache Hit from cloudfront content-transfer-encoding binary content-length 55013 last-modified Fri, 16 Jul 2021 09:17:31 GMT server Tengine access-control-max-age 2592000 ali-swift-global-savetime 1626428807 accept-ranges bytes timing-allow-origin * x-amz-cf-id bducs5cIYwlbvUVWrFt-S015EbNI9mq_SpqWnuqOja2anhbwX9-37w==
GET H2	200	08e04eb5ea79ad213f5d.js cloud.cache.wpscdn.com/ovs/share/js/	0 29 KB	52ms 11ms	Other application/javascript	2600:9000:2156:3a00:12:96ab:6dc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cloud.cache.wpscdn.com/ovs/share/js/08e04eb5ea79ad213f5d.js Requested by Host: us.docworkspace.com URL: https://us.docworkspace.com/d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3a00:12:96ab:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Tengine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-encoding gzip content-md5 ekFrsUZMIWXC/dFSEUVHYw== age 819388 x-swift-cachetime 86397 content-disposition inline; filename="08e04eb5ea79ad213f5d.js"; filename*=utf-8''08e04eb5ea79ad213f5d.js x-swift-savetime Fri, 16 Jul 2021 09:46:50 GMT x-m-reqid hQECAJzyEO9hPJIW x-m-log QNM:lac61;SRCPROXY:lac65;SRC:724;SRCPROXY:724;QNM3:907 etag "Fk5QGkHR-Vm2Rz7CQ6IsuUkwIKbg.gz" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-expose-headers X-Log, X-Reqid cache-control public, max-age=31536000 x-qnm-cache Miss eagleid 2ff62ba116264288100766047e x-reqid BXoAAAB1nBNiPJIW x-log X-Log date Fri, 16 Jul 2021 09:46:47 GMT via cache14.l2ot7[0,0,200-0,H], cache25.l2ot7[1,0], cache4.de2[759,758,200-0,M], cache13.de2[760,0], 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-bill Tbl:cdn-cache;FileType:0 x-cache Hit from cloudfront content-transfer-encoding binary content-length 28946 last-modified Fri, 16 Jul 2021 09:17:31 GMT server Tengine access-control-max-age 2592000 ali-swift-global-savetime 1626428807 accept-ranges bytes timing-allow-origin * x-amz-cf-id c3BdD-ECluzRK-Yrxn1mZ8Tg8Ju4_cZY0KZJB7eLvtrvhla56F_Vkw==
GET H2	200	58556b1277899f8083a6.js cloud.cache.wpscdn.com/ovs/share/js/	0 2 KB	56ms 15ms	Other application/javascript	2600:9000:2156:3a00:12:96ab:6dc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cloud.cache.wpscdn.com/ovs/share/js/58556b1277899f8083a6.js Requested by Host: us.docworkspace.com URL: https://us.docworkspace.com/d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3a00:12:96ab:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Tengine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-encoding gzip content-md5 50ww5xSXevGLEzY61IJdIA== age 2732934 x-swift-cachetime 86400 content-disposition inline; filename="58556b1277899f8083a6.js"; filename*=utf-8''58556b1277899f8083a6.js x-swift-savetime Thu, 24 Jun 2021 06:14:24 GMT x-m-reqid XQkAAKr3yh4GcIsW x-m-log QNM:lac62;SRCPROXY:lac65;SRC:160/304;SRCPROXY:160/304;QNM3:161/304 etag "FtNqdryt6Uk6N8dPYnMEW43qW7YS.gz" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-expose-headers X-Log, X-Reqid cache-control public, max-age=31536000 x-qnm-cache Validate,Hit eagleid 2ff62b9516245152646987056e x-reqid XQkAACx7yx4GcIsW x-log X-Log date Thu, 24 Jun 2021 06:14:22 GMT via cache16.l2ot7[0,0,200-0,H], cache46.l2ot7[0,0], cache13.de2[156,155,200-0,M], cache1.de2[158,0], 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-bill Tbl:cdn-cache;FileType:0 x-cache Hit from cloudfront content-transfer-encoding binary content-length 632 last-modified Wed, 09 Jun 2021 06:31:06 GMT server Tengine access-control-max-age 2592000 ali-swift-global-savetime 1624515262 accept-ranges bytes timing-allow-origin * x-amz-cf-id LFjRshZaB93_CxBit9FcLKtXmGHPAWAQOw3TwbDdGJlJArIsdR39Xw==
GET H2	200	fe7d745c6407f2895654.js cloud.cache.wpscdn.com/ovs/share/js/	0 2 KB	69ms 29ms	Other application/javascript	2600:9000:2156:3a00:12:96ab:6dc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cloud.cache.wpscdn.com/ovs/share/js/fe7d745c6407f2895654.js Requested by Host: us.docworkspace.com URL: https://us.docworkspace.com/d/sAGEcUfeEgOxPm5enkqmnFA&umid=c10757cf-d52b-464b-bc92-f95c47eaa8ad&auth=2e1b1c721d44101085fca6affa5063d710a155bd-8a8215b1f8df5cffd7e4b35e1a15c71cbba71a2d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3a00:12:96ab:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Tengine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-encoding gzip content-md5 gQa2XK2IjgMHh5/FyfwxaA== age 2732933 x-swift-cachetime 86400 content-disposition inline; filename="fe7d745c6407f2895654.js"; filename*=utf-8''fe7d745c6407f2895654.js x-swift-savetime Thu, 24 Jun 2021 06:14:25 GMT x-m-reqid 67IAAIZX3fgFcIsW x-m-log QNM:lac61;SRCPROXY:lac65;SRC:165/304;SRCPROXY:165/304;QNM3:176/304 etag "FrisPhjdNzAzRWHkQTxBaxwa_mib.gz" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-expose-headers X-Log, X-Reqid cache-control public, max-age=31536000 x-qnm-cache Validate,Hit eagleid 2ff62b9c16245152652032196e x-reqid 67IAAFV-3fgFcIsW x-log X-Log date Thu, 24 Jun 2021 06:14:21 GMT via cache37.l2ot7[0,0,200-0,H], cache2.l2ot7[0,0], cache5.de2[650,649,200-0,M], cache8.de2[659,0], 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-bill Tbl:cdn-cache;FileType:0 x-cache Hit from cloudfront content-transfer-encoding binary content-length 1436 last-modified Wed, 09 Jun 2021 06:31:06 GMT server Tengine access-control-max-age 2592000 ali-swift-global-savetime 1624515261 accept-ranges bytes timing-allow-origin * x-amz-cf-id j9UEV-Yre3kMH__peltsd7iam4Ty1BrTeyonw4X6EPaQRFGDxbiQMA==
GET H2	200	11ad5220ed692e0a951c.js Show response cloud.cache.wpscdn.com/ovs/share/js/	169 KB 55 KB	9ms 8ms	Script application/javascript	2600:9000:2156:3a00:12:96ab:6dc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cloud.cache.wpscdn.com/ovs/share/js/11ad5220ed692e0a951c.js Requested by Host: cloud.cache.wpscdn.com URL: https://cloud.cache.wpscdn.com/ovs/share/js/6ff5148470dadbe4af94.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3a00:12:96ab:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Tengine / Resource Hash 11d44fb308ed34f760f91230c4c63c5f80973a2deb419f89d64cadb1df88ffa8 Request headers Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-encoding gzip content-md5 lVLhPHoHA9VGDuKIFZ7UJQ== age 819389 x-swift-cachetime 86398 content-disposition inline; filename="11ad5220ed692e0a951c.js"; filename*=utf-8''11ad5220ed692e0a951c.js x-swift-savetime Fri, 16 Jul 2021 09:46:49 GMT x-m-reqid hQECAEr7OdxhPJIW x-m-log QNM:lac61;SRCPROXY:lac67;SRC:665;SRCPROXY:665;QNM3:824 etag "FoSMkD9wkWTZWrLD-Zvv4r4rYBWm.gz" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-expose-headers X-Log, X-Reqid cache-control public, max-age=31536000 x-qnm-cache Miss eagleid 2ff62b9616264288092736931e x-reqid -IMAAAAXhP1hPJIW x-log X-Log date Fri, 16 Jul 2021 09:46:47 GMT via cache12.l2ot7[0,0,200-0,H], cache43.l2ot7[1,0], cache4.de2[164,164,200-0,M], cache2.de2[166,0], 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-bill Tbl:cdn-cache;FileType:0 x-cache Hit from cloudfront content-transfer-encoding binary content-length 55013 last-modified Fri, 16 Jul 2021 09:17:31 GMT server Tengine access-control-max-age 2592000 ali-swift-global-savetime 1626428807 accept-ranges bytes timing-allow-origin * x-amz-cf-id 9UDk6kzNvbJId8OY_okAqMHrgevx5ciGNJMuvuTiW5CzbrBqO-Fieg==
OPTIONS H/1.1	200 OK	check account.wps.com/p/auth/	0 0	1800ms 1719ms	Preflight application/json	90.84.244.155 OCBHONEY OCB publ...
General Check archive.org Show headers Download Go to Full URL https://account.wps.com/p/auth/check Protocol HTTP/1.1 Server 90.84.244.155 Reyrieux, France, ASN2280 (OCBHONEY OCB public cloud network, FR), Reverse DNS ecs-90-84-244-155.compute.prod-cloud-ocb.orange-business.com Software elb / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://us.docworkspace.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Sun, 25 Jul 2021 21:23:19 GMT Content-Type application/json;charset=utf-8 Content-Length 15 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Headers Accept,Content-Type,X-CSRFToken,X-Requested-With Access-Control-Allow-Methods GET, PUT, POST, DELETE, OPTIONS Access-Control-Allow-Origin https://us.docworkspace.com Access-Control-Expose-Headers Accept,Content-Type,X-CSRFToken,X-Requested-With X-Host wpscloud-account-797ddfb5c-24f9g X-Ver || X-KLB 2 Server elb
GET H2	200	onlineParamByFunc Show response api-web-param-us.wps.com/	866 B 1 KB	808ms 410ms	XHR application/json	52.88.101.83 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-web-param-us.wps.com/onlineParamByFunc?funcName=webshare Requested by Host: cloud.cache.wpscdn.com URL: https://cloud.cache.wpscdn.com/ovs/share/js/6ff5148470dadbe4af94.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.101.83 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-101-83.us-west-2.compute.amazonaws.com Software openresty/1.15.8.2 / Resource Hash c7d33c454b8674d7550ed8ed1376d68ad4190b48516233340e33005c3e72ae1e Request headers Accept application/json, text/plain, */* Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 25 Jul 2021 21:23:19 GMT server openresty/1.15.8.2 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://us.docworkspace.com access-control-expose-headers Content-Length,Access-Control-Allow-Origin,Access-Control-Allow-Headers,Content-Type access-control-allow-credentials true content-length 866
POST H/1.1	403 Forbidden	check Show response account.wps.com/p/auth/	60 B 611 B	130ms 62ms	XHR application/json	90.84.244.155 OCBHONEY OCB publ...
General Check archive.org Show headers Download Go to Full URL https://account.wps.com/p/auth/check Requested by Host: cloud.cache.wpscdn.com URL: https://cloud.cache.wpscdn.com/ovs/share/js/6ff5148470dadbe4af94.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 90.84.244.155 Reyrieux, France, ASN2280 (OCBHONEY OCB public cloud network, FR), Reverse DNS ecs-90-84-244-155.compute.prod-cloud-ocb.orange-business.com Software elb / Resource Hash 8229f780be39e3995a84999be91eea14aa6d58abc37899b337980277eb1e73a7 Request headers Accept application/json, text/plain, */* Referer https://us.docworkspace.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Sun, 25 Jul 2021 21:23:20 GMT X-Ver || Server elb Access-Control-Allow-Methods GET, PUT, POST, DELETE, OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://us.docworkspace.com Access-Control-Expose-Headers Accept,Content-Type,X-CSRFToken,X-Requested-With Access-Control-Allow-Credentials true X-Host wpscloud-account-797ddfb5c-mq2xl Connection keep-alive Access-Control-Allow-Headers Accept,Content-Type,X-CSRFToken,X-Requested-With Content-Length 60 X-KLB 2
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e105ee38f75649a945e921cd6157aa31598dd41b81dbfb88fdf49f326206ab23 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	close.f95bf.png cloud.cache.wpscdn.com/ovs/share/imgs/	15 KB 16 KB	7ms 7ms	Image image/png	2600:9000:2156:3a00:12:96ab:6dc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cloud.cache.wpscdn.com/ovs/share/imgs/close.f95bf.png Requested by Host: cloud.cache.wpscdn.com URL: https://cloud.cache.wpscdn.com/ovs/share/css/6ff5148470dadbe4af94.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3a00:12:96ab:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Tengine / Resource Hash a9b6f9aa457f9c7b2d5b80f2f8f6292c0f5c6bbee41da599d92c434d50aeda8d Request headers Referer https://cloud.cache.wpscdn.com/ovs/share/css/6ff5148470dadbe4af94.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-log X-Log date Wed, 23 Jun 2021 07:34:33 GMT via cache51.l2ot7[0,0,200-0,H], cache23.l2ot7[1,0], cache9.de2[789,788,200-0,M], cache1.de2[791,0], 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) content-md5 +VvxcRd3VSKR/gkJG9KX1Q== age 2732936 x-bill Tbl:cdn-cache;FileType:0 x-cache Hit from cloudfront content-transfer-encoding binary x-swift-cachetime 86400 content-disposition inline; filename="close.f95bf.png"; filename*=utf-8''close.f95bf.png x-swift-savetime Thu, 24 Jun 2021 06:14:24 GMT content-length 15469 x-m-reqid rnsAAHEcbbPRJYsW x-amz-cf-id OqwCg1uHLCy9mFSpSLb_IcUTToux4QZqeDCqfyuX7cmZkP65ZCxCPA== x-m-log QNM:lac60;SRCPROXY:lac67;SRC:593/304;SRCPROXY:593/304;QNM3:595/304 last-modified Wed, 08 Jul 2020 04:07:08 GMT server Tengine etag "FhGw72fwJz6sIRVptrU3qWvUJreH" access-control-max-age 2592000 ali-swift-global-savetime 1624433673 content-type image/png access-control-allow-origin * access-control-expose-headers X-Log, X-Reqid cache-control public, max-age=31536000 x-amz-cf-pop FRA50-C1 accept-ranges bytes timing-allow-origin * x-qnm-cache Validate,Hit eagleid 2ff62b9516245152636125007e x-reqid rnsAAM5EbbPRJYsW

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __INITIAL_STATE__ object| firebase function| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime function| _up

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.wps.com
api-web-param-us.wps.com
cloud.cache.wpscdn.com
us.docworkspace.com
www.gstatic.com
2600:9000:2156:3a00:12:96ab:6dc0:93a1
2a00:1450:4001:812::2003
44.241.194.230
52.88.101.83
90.84.244.155
11d44fb308ed34f760f91230c4c63c5f80973a2deb419f89d64cadb1df88ffa8
2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be
45ffb5a375ddd15327d85eb200715943e9c814611db414c37c43811764ef99b1
75e44068da4d508132edf26d1ff802128910a826b8fe6460146a0af0ce64d18c
8229f780be39e3995a84999be91eea14aa6d58abc37899b337980277eb1e73a7
83451a7c7487008602891f458aaec585a06c232de036a85eaad2293b030c527f
a9b6f9aa457f9c7b2d5b80f2f8f6292c0f5c6bbee41da599d92c434d50aeda8d
c7d33c454b8674d7550ed8ed1376d68ad4190b48516233340e33005c3e72ae1e
e105ee38f75649a945e921cd6157aa31598dd41b81dbfb88fdf49f326206ab23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76c1a319f429285dff4811bfa337429b332ce07db2bd18f95ebe355f8ddd629