goristar.ucoz.ua Open in urlscan Pro
193.109.246.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://goristar.ucoz.ua/
Submission: On June 20 via api (June 20th 2022, 3:24:12 pm UTC) from GB — Scanned from GB

Summary HTTP 341 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 31 domains to perform 341 HTTP transactions. The main IP is 193.109.246.19, located in Moscow, Russian Federation and belongs to COMPUBYTE-AS, CY. The main domain is goristar.ucoz.ua.

This is the only time goristar.ucoz.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	193.109.246.19 193.109.246.19	204343 (COMPUBYTE-AS) (COMPUBYTE-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	13.107.42.12 13.107.42.12	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.12 13.107.43.12	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	93.95.100.117 93.95.100.117	48347 (MTW-AS) (MTW-AS)
1 2	193.109.247.35 193.109.247.35	204343 (COMPUBYTE-AS) (COMPUBYTE-AS)
4 6	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
9	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
5	13.107.43.13 13.107.43.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 3	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2016	15169 (GOOGLE) (GOOGLE)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	146.0.227.107 146.0.227.107	20773 (GODADDY) (GODADDY)
1	212.32.253.229 212.32.253.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	185.12.125.25 185.12.125.25	50214 (QWARTA) (QWARTA)
1 1	157.90.179.218 157.90.179.218	24940 (HETZNER-AS) (HETZNER-AS)
1 2	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	45.133.44.37 45.133.44.37	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	185.98.54.153 185.98.54.153	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
35	2.21.20.153 2.21.20.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
72	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
90	2a02:26f0:350... 2a02:26f0:3500:782::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.92.80.28 104.92.80.28	16625 (AKAMAI-AS) (AKAMAI-AS)
10	52.109.8.50 52.109.8.50	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
15	52.182.143.211 52.182.143.211	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 9	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
341	34

45 193.109.246.19 (Moscow, Russian Federation)

ASN204343 (COMPUBYTE-AS, CY)
PTR: dev.ucoz.net

goristar.ucoz.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s27.ucoz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.12 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: 1drv.ms

hfybpw.bn.files.1drv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hfa2gw.bn.files.1drv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hfyi7g.bn.files.1drv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.12 (Des Moines, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

hfa9yg.bn.files.1drv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.100.117 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

news.2xclick.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.109.247.35 (Moscow, Russian Federation) 1 redirects

ASN204343 (COMPUBYTE-AS, CY)
PTR: dev.ucoz.net

uguide.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.212.201.204 (Russian Federation) 4 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.43.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

hdbcode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.107 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

ads.go2net.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.253.229 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.adtarget.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.12.125.25 (Russian Federation) 3 redirects

ASN50214 (QWARTA, RU)

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.179.218 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1407628.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.130 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.37 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.cdnkimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.viixty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2.21.20.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-153.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

90 2a02:26f0:3500:782::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.92.80.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-80-28.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.109.8.50 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

messaging.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.182.143.211 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 20.234.93.27 (Dublin, Ireland) 4 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 6071	6 MB
86	live.com onedrive.live.com — Cisco Umbrella Rank: 2375 Failed word-view.officeapps.live.com — Cisco Umbrella Rank: 8962 c.live.com — Cisco Umbrella Rank: 9087	4 MB
44	ucoz.ua goristar.ucoz.ua	13 MB
35	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 6775	1 MB
15	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 263 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 141	6 KB
10	office.com messaging.office.com — Cisco Umbrella Rank: 3525	3 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 100	749 KB
7	hdbcode.com hdbcode.com — Cisco Umbrella Rank: 519377	54 KB
6	yadro.ru 4 redirects counter.yadro.ru — Cisco Umbrella Rank: 8319	3 KB
5	live.net js.live.net — Cisco Umbrella Rank: 10914	81 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10186	3 KB
5	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 324 fonts.googleapis.com — Cisco Umbrella Rank: 67	31 KB
5	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3989 uuidksinc.net — Cisco Umbrella Rank: 3986 d.uuidksinc.net	2 KB
4	bing.com 4 redirects c.bing.com — Cisco Umbrella Rank: 229	4 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3187 an.yandex.ru — Cisco Umbrella Rank: 2449	71 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	171 KB
4	1drv.com hfybpw.bn.files.1drv.com hfa2gw.bn.files.1drv.com hfa9yg.bn.files.1drv.com hfyi7g.bn.files.1drv.com	1020 KB
3	acint.net 3 redirects www.acint.net — Cisco Umbrella Rank: 35381 acint.net — Cisco Umbrella Rank: 26971	1 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 411	1 KB
2	cdnkimg.com i.cdnkimg.com — Cisco Umbrella Rank: 10703	54 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 22525	1 KB
2	uguide.ru 1 redirects uguide.ru	232 B
2	google.com www.google.com — Cisco Umbrella Rank: 9	15 KB
1	viixty.com s.viixty.com — Cisco Umbrella Rank: 484369	142 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 33608	646 B
1	adtarget.me z.cdn.adtarget.me — Cisco Umbrella Rank: 35661	245 B
1	go2net.com.ua 1 redirects ads.go2net.com.ua — Cisco Umbrella Rank: 275818	480 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 122	23 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 236	3 KB
1	2xclick.ru news.2xclick.ru — Cisco Umbrella Rank: 140312	27 KB
1	ucoz.net s27.ucoz.net	205 B
341	31

	Domain	Requested by
90	c1h-word-view-15.cdn.office.net	word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
72	word-view.officeapps.live.com	onedrive.live.com word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
44	goristar.ucoz.ua	goristar.ucoz.ua
35	spoprod-a.akamaihd.net	onedrive.live.com
10	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
10	messaging.office.com	c1h-word-view-15.cdn.office.net
9	c.live.com	4 redirects goristar.ucoz.ua
9	www.youtube.com	goristar.ucoz.ua www.youtube.com
7	hdbcode.com	goristar.ucoz.ua hdbcode.com
6	counter.yadro.ru	4 redirects goristar.ucoz.ua
5	browser.pipe.aria.microsoft.com	c1h-word-view-15.cdn.office.net
5	js.live.net	c1h-word-view-15.cdn.office.net
5	mc.yandex.com	2 redirects goristar.ucoz.ua
5	onedrive.live.com	goristar.ucoz.ua
4	c.bing.com	4 redirects
4	jnn-pa.googleapis.com	www.youtube.com
2	i.cdnkimg.com	goristar.ucoz.ua
2	dmg.digitaltarget.ru	1 redirects uuidksinc.net
2	www.acint.net	2 redirects
2	an.yandex.ru	1 redirects uuidksinc.net
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	mc.yandex.ru	1 redirects hdbcode.com
2	uuidksinc.net	hdbcode.com uuidksinc.net
2	fonts.gstatic.com	www.youtube.com
2	s.uuidksinc.net	1 redirects uuidksinc.net
2	www.gstatic.com	www.google.com www.youtube.com
2	uguide.ru	1 redirects goristar.ucoz.ua
2	www.google.com	goristar.ucoz.ua www.youtube.com
1	s.viixty.com	goristar.ucoz.ua
1	fonts.googleapis.com	hdbcode.com
1	d.uuidksinc.net	uuidksinc.net
1	acint.net	1 redirects
1	ssp-rtb.sape.ru	1 redirects
1	z.cdn.adtarget.me	uuidksinc.net
1	ads.go2net.com.ua	1 redirects
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	news.2xclick.ru	goristar.ucoz.ua
1	hfyi7g.bn.files.1drv.com	goristar.ucoz.ua
1	hfa9yg.bn.files.1drv.com	goristar.ucoz.ua
1	hfa2gw.bn.files.1drv.com	goristar.ucoz.ua
1	hfybpw.bn.files.1drv.com	goristar.ucoz.ua
1	s27.ucoz.net	goristar.ucoz.ua
341	44

This site contains links to these domains. Also see Links.

Domain
www.ucoz.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
storage.live.com Microsoft Azure TLS Issuing CA 01	`2022-06-13` - `2023-06-08`	a year	crt.sh
news.2xclick.ru R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
hdbcode.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
uuidksinc.net R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
adtarget.me R3	`2022-04-06` - `2022-07-05`	3 months	crt.sh
i.cdnkimg.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
viixty.com R3	`2022-04-02` - `2022-07-01`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
messaging.office.com Microsoft RSA TLS CA 02	`2022-03-02` - `2023-03-02`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2022-05-21` - `2023-05-16`	a year	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 01	`2022-02-08` - `2023-02-03`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://goristar.ucoz.ua/
Frame ID: 7CF124E646AABB756A3B781F31BC85FC
Requests: 68 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
Frame ID: F7808A0F1C52EB004399E32E532B643A
Requests: 20 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211078&authkey=AELh0L2Qv48DrrU&em=2
Frame ID: 0FD3F0E6FE969F19E37E15E30A79AAD2
Requests: 1 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2
Frame ID: 515F207BCEAF12EB91BF26AC20551E06
Requests: 9 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Frame ID: 6ABDBF5DE1F80BA3CCB7836ED2D03F93
Requests: 9 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2
Frame ID: FF4309D1386905D5A6DC44940FB5920A
Requests: 9 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Frame ID: 167D4530851AA5DEBFE8E946FBAC357D
Requests: 9 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2
Frame ID: F33FDBF38252EAF360B891C5DB2EDB2A
Requests: 9 HTTP requests in this frame

Frame: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Frame ID: 59A7A383701A7A34382C1C04C31A8B64
Requests: 7 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: C1447DDE424FAC448B76BE9F165DDB9C
Requests: 39 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: EDEA6FE5183688192D585610881E040E
Requests: 39 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 2CA395FAA4A2362A599752A0271231B9
Requests: 39 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: D6AA08A58CA7D97B639719FFC516339D
Requests: 36 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 3726A512484D19D299BA31C883912F16
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Навчаємося вдома - Головна сторінка

Detected technologies

Lightbox (JavaScript Libraries) Expand

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

341
Requests

81 %
HTTPS

41 %
IPv6

31
Domains

44
Subdomains

34
IPs

6
Countries

27639 kB
Transfer

55423 kB
Size

39
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ucoz.com/
Title: uCoz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

http://uguide.ru/templates/uguide_ru.js HTTP 301
https://uguide.ru/templates/uguide_ru.js

Request Chain 42

http://counter.yadro.ru/hit;ucoznet?r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644146 HTTP 302
https://counter.yadro.ru/hit;ucoznet?r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644146 HTTP 302
https://counter.yadro.ru/hit;ucoznet?q;r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644146

Request Chain 43

http://counter.yadro.ru/hit;ucoz_desktop_ad?r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644147 HTTP 302
https://counter.yadro.ru/hit;ucoz_desktop_ad?r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644147 HTTP 302
https://counter.yadro.ru/hit;ucoz_desktop_ad?q;r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644147

Request Chain 49

http://www.youtube.com/embed/oDpVhXEeCAk?rel=0 HTTP 307
https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Request Chain 62

https://s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhdbcode.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://hdbcode.com/setuid?QrCrsz43ytAFNqW2Xihd

Request Chain 75

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 86

https://an.yandex.ru/mapuid/kadamis/QrCrsz43ytAFNqW2Xihd HTTP 302
https://an.yandex.ru/mapuid/kadamis/QrCrsz43ytAFNqW2Xihd?redir-setuniq=1

Request Chain 87

https://ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1 HTTP 302
https://s.uuidksinc.net/match/760/348455e404144836b660e604afad2422

Request Chain 89

https://www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=${USER_ID} HTTP 302
https://www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=F055CA741691B0621C00916602EFD607&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D HTTP 302
https://d.uuidksinc.net/match/383/?remote_uid=89B803C11591B062220070B302382479

Request Chain 91

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=QrCrsz43ytAFNqW2Xihd&i=0.22066022998226642 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=QrCrsz43ytAFNqW2Xihd&i=0.22066022998226642

Request Chain 102

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9675.AWjTEZAHl6DPptNE2iionX3uTCLEjaFpNMRMg4FH2m5R76ps16dAQhf9uPhNum6M.77yc5teyk4LrPnp4ZCQEHUcqHfg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9675.oA-ebNJq4BlSCbjWOgzN98BjhDH9wcA0M72xtWboCDBaexrRe40YlVUUV_CjhwPTWeoeRs5IWIlGdvnIqdaXVnHZVMPqgVR7u0Z6hRbWPP0%2C.taLxJOsJolRB9rB-XBPhexorqtA%2C

Request Chain 147

https://mc.yandex.com/watch/73418029?wmode=7&page-url=http%3A%2F%2Fgoristar.ucoz.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A505765348036%3Ahid%3A949401298%3Az%3A0%3Ai%3A20220620152405%3Aet%3A1655738646%3Ac%3A1%3Arn%3A195225410%3Arqn%3A1%3Au%3A1655738646426444373%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1655738643596%3Ads%3A93%2C95%2C339%2C1%2C%2C0%2C%2C887%2C16%2C%2C%2C%2C1416%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655738646%3At%3A%D0%9D%D0%B0%D0%B2%D1%87%D0%B0%D1%94%D0%BC%D0%BE%D1%81%D1%8F%20%D0%B2%D0%B4%D0%BE%D0%BC%D0%B0%20-%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20%D1%81%D1%82%D0%BE%D1%80%D1%96%D0%BD%D0%BA%D0%B0&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.com/watch/73418029/1?wmode=7&page-url=http%3A%2F%2Fgoristar.ucoz.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A505765348036%3Ahid%3A949401298%3Az%3A0%3Ai%3A20220620152405%3Aet%3A1655738646%3Ac%3A1%3Arn%3A195225410%3Arqn%3A1%3Au%3A1655738646426444373%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1655738643596%3Ads%3A93%2C95%2C339%2C1%2C%2C0%2C%2C887%2C16%2C%2C%2C%2C1416%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655738646%3At%3A%D0%9D%D0%B0%D0%B2%D1%87%D0%B0%D1%94%D0%BC%D0%BE%D1%81%D1%8F%20%D0%B2%D0%B4%D0%BE%D0%BC%D0%B0%20-%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20%D1%81%D1%82%D0%BE%D1%80%D1%96%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Request Chain 321

https://c.live.com/c.gif?DI=15347&wlxid=1d68b045-f1a9-4256-b64e-94775946deeb&reqid=001ea0b9826&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D747A88%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4280%26IR%3D1%26EX%3D0%26L.h%3D1190%26L.sjs%3D4149%26L.ttg%3D1190%26C.st%3D1655738644564%26N.domIn%3D1206%26N.req%3D752%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9732970642199388 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=1d68b045-f1a9-4256-b64e-94775946deeb&reqid=001ea0b9826&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D747A88%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4280%26IR%3D1%26EX%3D0%26L.h%3D1190%26L.sjs%3D4149%26L.ttg%3D1190%26C.st%3D1655738644564%26N.domIn%3D1206%26N.req%3D752%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9732970642199388&CtsSyncId=61359FF7130E4F54A1E8AC25E40558E1&RedC=c.live.com&MXFR=0456167AD85C6B0304CF07B3DC5C6F04 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=1d68b045-f1a9-4256-b64e-94775946deeb&reqid=001ea0b9826&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D747A88%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4280%26IR%3D1%26EX%3D0%26L.h%3D1190%26L.sjs%3D4149%26L.ttg%3D1190%26C.st%3D1655738644564%26N.domIn%3D1206%26N.req%3D752%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9732970642199388&CtsSyncId=61359FF7130E4F54A1E8AC25E40558E1&MUID=0456167AD85C6B0304CF07B3DC5C6F04

Request Chain 322

https://c.live.com/c.gif?DI=15347&wlxid=f43e47d2-a113-4c01-aefc-8eacf213b41a&reqid=00180adfbf3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F804C%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4387%26IR%3D1%26EX%3D0%26L.h%3D1138%26L.sjs%3D4297%26L.ttg%3D1138%26C.st%3D1655738644566%26N.domIn%3D1151%26N.req%3D684%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.9850445230904863 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=f43e47d2-a113-4c01-aefc-8eacf213b41a&reqid=00180adfbf3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F804C%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4387%26IR%3D1%26EX%3D0%26L.h%3D1138%26L.sjs%3D4297%26L.ttg%3D1138%26C.st%3D1655738644566%26N.domIn%3D1151%26N.req%3D684%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.9850445230904863&CtsSyncId=3533304B59DA4171AF8E1BE9A07EA697&RedC=c.live.com&MXFR=015882B34ADC62401CAE937A4EDC660B HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=f43e47d2-a113-4c01-aefc-8eacf213b41a&reqid=00180adfbf3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F804C%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4387%26IR%3D1%26EX%3D0%26L.h%3D1138%26L.sjs%3D4297%26L.ttg%3D1138%26C.st%3D1655738644566%26N.domIn%3D1151%26N.req%3D684%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.9850445230904863&CtsSyncId=3533304B59DA4171AF8E1BE9A07EA697&MUID=015882B34ADC62401CAE937A4EDC660B

Request Chain 323

https://c.live.com/c.gif?DI=15347&wlxid=3a0d4072-2030-40dd-a515-cf7583ab5294&reqid=0013cf89a84&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D7493BD%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4459%26IR%3D1%26EX%3D0%26L.h%3D1797%26L.sjs%3D4445%26L.ttg%3D1797%26C.st%3D1655738644564%26N.domIn%3D1836%26N.req%3D897%26N.resp%3D51%26N.navType%3D0%26N.redirectCount%3D0&r=0.450583496540478 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=3a0d4072-2030-40dd-a515-cf7583ab5294&reqid=0013cf89a84&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D7493BD%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4459%26IR%3D1%26EX%3D0%26L.h%3D1797%26L.sjs%3D4445%26L.ttg%3D1797%26C.st%3D1655738644564%26N.domIn%3D1836%26N.req%3D897%26N.resp%3D51%26N.navType%3D0%26N.redirectCount%3D0&r=0.450583496540478&CtsSyncId=55BFA55AF61B40ACB9CD5DDE5A74836B&RedC=c.live.com&MXFR=28DB6D25CB4368C919107CECCF436C7B HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=3a0d4072-2030-40dd-a515-cf7583ab5294&reqid=0013cf89a84&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D7493BD%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4459%26IR%3D1%26EX%3D0%26L.h%3D1797%26L.sjs%3D4445%26L.ttg%3D1797%26C.st%3D1655738644564%26N.domIn%3D1836%26N.req%3D897%26N.resp%3D51%26N.navType%3D0%26N.redirectCount%3D0&r=0.450583496540478&CtsSyncId=55BFA55AF61B40ACB9CD5DDE5A74836B&MUID=28DB6D25CB4368C919107CECCF436C7B

Request Chain 324

https://c.live.com/c.gif?DI=15347&wlxid=278e3592-e8e3-4948-b2fb-8cfd03e62ed3&reqid=0015a387eaf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D3F4DDA%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4461%26IR%3D1%26EX%3D0%26L.h%3D1807%26L.sjs%3D4408%26L.ttg%3D1807%26C.st%3D1655738644565%26N.domIn%3D1835%26N.req%3D1111%26N.resp%3D156%26N.navType%3D0%26N.redirectCount%3D0&r=0.4064433526841005 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=278e3592-e8e3-4948-b2fb-8cfd03e62ed3&reqid=0015a387eaf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D3F4DDA%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4461%26IR%3D1%26EX%3D0%26L.h%3D1807%26L.sjs%3D4408%26L.ttg%3D1807%26C.st%3D1655738644565%26N.domIn%3D1835%26N.req%3D1111%26N.resp%3D156%26N.navType%3D0%26N.redirectCount%3D0&r=0.4064433526841005&CtsSyncId=A594FE9FDAED4A019DAD445BC1E1963F&RedC=c.live.com&MXFR=2C5E8399F2F16D9C3B2D9250F6F16962 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=278e3592-e8e3-4948-b2fb-8cfd03e62ed3&reqid=0015a387eaf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D3F4DDA%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4461%26IR%3D1%26EX%3D0%26L.h%3D1807%26L.sjs%3D4408%26L.ttg%3D1807%26C.st%3D1655738644565%26N.domIn%3D1835%26N.req%3D1111%26N.resp%3D156%26N.navType%3D0%26N.redirectCount%3D0&r=0.4064433526841005&CtsSyncId=A594FE9FDAED4A019DAD445BC1E1963F&MUID=2C5E8399F2F16D9C3B2D9250F6F16962

341 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
goristar.ucoz.ua/ 38 KB
9 KB 527ms
339ms Document
text/html 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://goristar.ucoz.ua/
Protocol: HTTP/1.1
Server: 193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 518304925d9ebb212cad6e475f624aa50054433415b6577768c616e0d5ab78a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache,no-store private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Jun 2022 15:24:11 GMT
Keep-Alive: timeout=15
Last-Modified: Mon, 20 Jun 2022 11:15:59 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: host

GET
H/1.1 200
OK 812.css
goristar.ucoz.ua/.s/src/css/ 17 KB
4 KB 96ms
96ms Stylesheet
text/css 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://goristar.ucoz.ua/.s/src/css/812.css

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

0b58c41090052f037c17ce294253e6a27f982de1a4e576b36ecdeb870896609b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 May 2021 12:20:25 GMT
Server: nginx
ETag: W/"60ae3d09-434b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK base.min.css
goristar.ucoz.ua/.s/src/ 24 KB
6 KB 191ms
96ms Stylesheet
text/css 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://goristar.ucoz.ua/.s/src/base.min.css

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

ed132c64c4008f3048414bf8506edd464a95035f4552c6452e4f2671f1c1ab9f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Apr 2022 08:15:48 GMT
Server: nginx
ETag: W/"62553534-5f07"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK layer7.min.css
goristar.ucoz.ua/.s/src/ 25 KB
7 KB 190ms
95ms Stylesheet
text/css 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://goristar.ucoz.ua/.s/src/layer7.min.css

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

a7251097afbc7a7ed08c618f7b56b27562496792fa0a41dadb42d46cf3b0815b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Mar 2022 08:18:27 GMT
Server: nginx
ETag: W/"623c2953-63fc"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
goristar.ucoz.ua/.s/src/ 95 KB
33 KB 202ms
105ms Script
text/javascript 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://goristar.ucoz.ua/.s/src/jquery-1.12.4.min.js

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2019 15:36:30 GMT
Server: nginx
ETag: W/"5c87d1fe-17b8b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK uwnd.min.js Show response
goristar.ucoz.ua/.s/src/ 205 KB
56 KB 204ms
105ms Script
text/javascript 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://goristar.ucoz.ua/.s/src/uwnd.min.js

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Server: nginx
ETag: W/"626678ba-3334b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK uutils.fcg Show response
s27.ucoz.net/cgi/ 0
205 B 290ms
98ms Script
application/javascript 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s27.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.300072228479689
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: HTTP/1.1
Server: 193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ulightbox.min.css
goristar.ucoz.ua/.s/src/ulightbox/ 4 KB
2 KB 191ms
95ms Stylesheet
text/css 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://goristar.ucoz.ua/.s/src/ulightbox/ulightbox.min.css

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

5ddb669cd05d5c481a798631d2bd02b041950600ebaa4d419833fe0f01a04955

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Server: nginx
ETag: W/"628cd15d-11c8"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK social.css
goristar.ucoz.ua/.s/src/ 2 KB
988 B 191ms
96ms Stylesheet
text/css 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://goristar.ucoz.ua/.s/src/social.css

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

12c919cc8994233c2f67bdcf1185997781ccfe1ce3405308e31bfd33d260bd74

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 11:13:55 GMT
Server: nginx
ETag: W/"61a758f3-9b8"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK ulightbox.min.js Show response
goristar.ucoz.ua/.s/src/ulightbox/ 22 KB
8 KB 285ms
95ms Script
text/javascript 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://goristar.ucoz.ua/.s/src/ulightbox/ulightbox.min.js

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

eb2476907f027bd6dcf4f61cecffcd85dd4aaf66ee6615d32fba5359615edad7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Server: nginx
ETag: W/"628cd15d-5713"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: max-age=1728000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 905 B
989 B 179ms
64ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=en

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f781f3b2c376e32077f83aaf0b30dad9a154d92b6840046cfab39c894c506692

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 576
x-xss-protection: 1; mode=block
expires: Mon, 20 Jun 2022 15:24:04 GMT

GET
H/1.1 200
OK portret.jpg
goristar.ucoz.ua/2016/2020/ 202 KB
203 KB 109ms
108ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2020/portret.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

24b93fa162c6079784bcc712b4169f0b96a6044a43e9eeeac4d85bb84d2a73ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Sat, 19 Sep 2020 11:43:54 GMT
Server: nginx
ETag: "5f65eefa-32906"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 207110
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H2 200 y4m1dzLONj__Wlmgw5AQchMKg1XwLRD9V7K_OqWH4RfmRM4f4rAIYuBPS9W0R3LDtmIXAJHTNN5f8dc-zI4Vu0QDAkwAYs3AQ8m-sGq8M5RIqhj79NnsGEDtZhWX7gBh7BhtydUTmv97Gjt1_PC1RbTgco66Wc1JokrDZFFfYoLbGntOZiQHxw6dY5pzw9BpzwWgv...
hfybpw.bn.files.1drv.com/ 170 KB
172 KB 720ms
487ms Image
image/jpeg 13.107.42.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hfybpw.bn.files.1drv.com/y4m1dzLONj__Wlmgw5AQchMKg1XwLRD9V7K_OqWH4RfmRM4f4rAIYuBPS9W0R3LDtmIXAJHTNN5f8dc-zI4Vu0QDAkwAYs3AQ8m-sGq8M5RIqhj79NnsGEDtZhWX7gBh7BhtydUTmv97Gjt1_PC1RbTgco66Wc1JokrDZFFfYoLbGntOZiQHxw6dY5pzw9BpzwWgvFycUfz-9P3g3g8TJ9AEA?width=805&height=577&cropmode=none

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.12 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

1drv.ms

Software

Resource Hash

ac537dd98f88004d7bc29c453889e553da64e318c18a30d2d589261475f5541a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: BN2BAPF0F26255F
x-content-type-options: nosniff
x-asmversion: UNKNOWN; 19.934.602.2004
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-thumbnailscenarioid: Thumbnail_CacheHit_DataCentersMatch
content-disposition: attachment; filename="y4m1dzLONj__Wlmgw5AQchMKg1XwLRD9V7K_OqWH4RfmRM4f4rAIYuBPS9W0R3LDtmIXAJHTNN5f8dc-zI4Vu0QDAkwAYs3AQ8m-sGq8M5RIqhj79NnsGEDtZhWX7gBh7BhtydUTmv97Gjt1_PC1RbTgco66Wc1JokrDZFFfYoLbGntOZiQHxw6dY5pzw9BpzwWgvFycUfz-9P3g3g8TJ9AEA"
ms-cv: QHxmGDRWN0qKPsSByRm7kQ.0
content-length: 174588
last-modified: Sun, 07 Jun 2020 14:55:50 GMT
x-msedge-ref: Ref A: 1B32308F40A94279B12F34B49C6E7A3C Ref B: FRAEDGE1413 Ref C: 2022-06-20T15:24:04Z
x-sqldataorigin: S
date: Mon, 20 Jun 2022 15:24:05 GMT
x-streamorigin: G
content-type: image/jpeg
x-preauthinfo
cache-control: public
accept-ranges: bytes
content-location: https://hfybpw.bn.files.1drv.com/y4m1dzLONj__Wlmgw5AQchMKg1XwLRD9V7K_OqWH4RfmRM4f4rAIYuBPS9W0R3LDtmIXAJHTNN5f8dc-zI4Vu0QDAkwAYs3AQ8m-sGq8M5RIqhj79NnsGEDtZhWX7gBh7BhtydUTmv97Gjt1_PC1RbTgco66Wc1JokrDZFFfYoLbGntOZiQHxw6dY5pzw9BpzwWgvFycUfz-9P3g3g8TJ9AEA
expires: Sun, 18 Sep 2022 15:24:05 GMT

GET
H2 200 y4mJf7ky1TTHGPCoxS3TJuJ_9dpPjNkbUy0Cq4zKQ3KWBBsuDIgvgcpFXWXAKVAFw3oAMn_6BcHaImO1xDmPlL4dWj2aeoev_Zqj7UmK3RNGVktZ4L8yfvDgO-Mo5HSWn-kpwGdGv59EQfPUrJtcXZqEzrp6r3Qi7diNSNaOlXlo6L2OHAmWSeznAP3ctagqiqIc1...
hfa2gw.bn.files.1drv.com/ 278 KB
279 KB 655ms
392ms Image
image/jpeg 13.107.42.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hfa2gw.bn.files.1drv.com/y4mJf7ky1TTHGPCoxS3TJuJ_9dpPjNkbUy0Cq4zKQ3KWBBsuDIgvgcpFXWXAKVAFw3oAMn_6BcHaImO1xDmPlL4dWj2aeoev_Zqj7UmK3RNGVktZ4L8yfvDgO-Mo5HSWn-kpwGdGv59EQfPUrJtcXZqEzrp6r3Qi7diNSNaOlXlo6L2OHAmWSeznAP3ctagqiqIc11OB_p-KwDUZqX1yFxslA?width=1080&height=765&cropmode=none

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.12 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

1drv.ms

Software

Resource Hash

e5e68e5adae8bb8bc4dd27ab6d101afb7d54a0eadb522c41e1bf470f79de6b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: BN2BAPEF852F494
x-content-type-options: nosniff
x-asmversion: UNKNOWN; 19.934.602.2004
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-thumbnailscenarioid: Thumbnail_CacheHit_DataCentersMatch
content-disposition: attachment; filename="y4mJf7ky1TTHGPCoxS3TJuJ_9dpPjNkbUy0Cq4zKQ3KWBBsuDIgvgcpFXWXAKVAFw3oAMn_6BcHaImO1xDmPlL4dWj2aeoev_Zqj7UmK3RNGVktZ4L8yfvDgO-Mo5HSWn-kpwGdGv59EQfPUrJtcXZqEzrp6r3Qi7diNSNaOlXlo6L2OHAmWSeznAP3ctagqiqIc11OB_p-KwDUZqX1yFxslA"
ms-cv: +Zh4md7w3EumForMpC/6nw.0
content-length: 284525
last-modified: Sun, 07 Jun 2020 14:55:50 GMT
x-msedge-ref: Ref A: 7C63009D7D36492983E91E372B224743 Ref B: FRAEDGE1407 Ref C: 2022-06-20T15:24:04Z
x-sqldataorigin: S
date: Mon, 20 Jun 2022 15:24:04 GMT
x-streamorigin: G
content-type: image/jpeg
x-preauthinfo
cache-control: public
accept-ranges: bytes
content-location: https://hfa2gw.bn.files.1drv.com/y4mJf7ky1TTHGPCoxS3TJuJ_9dpPjNkbUy0Cq4zKQ3KWBBsuDIgvgcpFXWXAKVAFw3oAMn_6BcHaImO1xDmPlL4dWj2aeoev_Zqj7UmK3RNGVktZ4L8yfvDgO-Mo5HSWn-kpwGdGv59EQfPUrJtcXZqEzrp6r3Qi7diNSNaOlXlo6L2OHAmWSeznAP3ctagqiqIc11OB_p-KwDUZqX1yFxslA
expires: Sun, 18 Sep 2022 15:24:05 GMT

GET
H2 200 y4mnJsgW_NV5iJswg7w8bbC6JkkqbaXrmxjeHqzzWccmVIs7FogSV1J_vxGy6cp6KrR_vC5ygTBgQQksJVoLP6ux-_jJyn2iRB7yJxIWb-zkL02Ezks23lIJw4UxIFkgCaHy8eTV-UCVm3Cj5KZJEpfs7l8PqpCnbaqRc_k8DkxYVo8d7lsTSXNDToP65i7ugXzyT...
hfa9yg.bn.files.1drv.com/ 295 KB
296 KB 643ms
389ms Image
image/jpeg 13.107.43.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hfa9yg.bn.files.1drv.com/y4mnJsgW_NV5iJswg7w8bbC6JkkqbaXrmxjeHqzzWccmVIs7FogSV1J_vxGy6cp6KrR_vC5ygTBgQQksJVoLP6ux-_jJyn2iRB7yJxIWb-zkL02Ezks23lIJw4UxIFkgCaHy8eTV-UCVm3Cj5KZJEpfs7l8PqpCnbaqRc_k8DkxYVo8d7lsTSXNDToP65i7ugXzyT5CeC3Hvn67FZ0uSixumg?width=777&height=1216&cropmode=none

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.12 Des Moines, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

928946bba7a44be8869f37002d9e1615eb8da828d20b93f53782ed4bf2fa3627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: BN2BAP45064EE2D
x-content-type-options: nosniff
x-asmversion: UNKNOWN; 19.934.602.2004
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-thumbnailscenarioid: Thumbnail_CacheMiss_DataCentersMatch
content-disposition: attachment; filename*=UTF-8''%d0%b8%d0%b7%d0%be%d0%b1%d1%80%d0%b0%d0%b6%d0%b5%d0%bd%d0%b8%d0%b5_viber_2020-06-09_14-34-27.jpg
ms-cv: CDSTJAO9d0qWQixpY4+z3A.0
content-length: 301850
etag: aOTQ2QjhBRkVGMEY1MkJEMiE2MTYuNw
last-modified: Tue, 09 Jun 2020 11:42:34 GMT
x-msedge-ref: Ref A: 8E56C60198B44BEFA5D1199A1ACF7E3F Ref B: VIEEDGE1120 Ref C: 2022-06-20T15:24:04Z
x-sqldataorigin: S
date: Mon, 20 Jun 2022 15:24:04 GMT
x-streamorigin: G
content-type: image/jpeg
x-preauthinfo: rv;poba;
cache-control: public
ctag: aYzo5NDZCOEFGRUYwRjUyQkQyITYxNi4yNTc
accept-ranges: bytes
content-location: https://hfa9yg.bn.files.1drv.com/y4memrma37kmT3EVRnpj8UFf8gglFZ_l5QxXGbIxwtPU3qBrsXRYBd8elKPJrmszio6ofs0GOBHm1XSQaqsrVHs1NraEIZpgyqZByRcqMd_RQ4h3hVxC_yCdJk7Vb5tEr6OdbiFfnndkhIIM8Y9TZB8n0d-JgA_EmaPt8fs76vQfxnvzMnkogrfHTLhiGDaO9XmbmLD0G7u99EAfwHa-SiflQ
expires: Sun, 18 Sep 2022 15:24:05 GMT

GET
H2 200 y4mDlVX72insp3rmMVRHyr4BxZVJrK-VNDd1Jzy5cVUQZclw73jjtAzuVwr8Ra79dUfFA0jIv9WwtplMp2pqYjGw_nTKna_Mk394CZE7chNIxXhxUy8B8GU7_BDXnYVJQ-Emyfz9GWckBGXml6gX4e1kxFBohgwda3oqirpeokmAMJ-8dsdJ1YEPuyHKCEPXyQFuC...
hfyi7g.bn.files.1drv.com/ 273 KB
274 KB 688ms
429ms Image
image/jpeg 13.107.42.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hfyi7g.bn.files.1drv.com/y4mDlVX72insp3rmMVRHyr4BxZVJrK-VNDd1Jzy5cVUQZclw73jjtAzuVwr8Ra79dUfFA0jIv9WwtplMp2pqYjGw_nTKna_Mk394CZE7chNIxXhxUy8B8GU7_BDXnYVJQ-Emyfz9GWckBGXml6gX4e1kxFBohgwda3oqirpeokmAMJ-8dsdJ1YEPuyHKCEPXyQFuCSgAfFqVAGzkqjBziASDg?width=868&height=1227&cropmode=none

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.12 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

1drv.ms

Software

Resource Hash

531d2640a95f554623d5706cf41c4dba112c6980589de484eebb9841e5934b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: BN7PPF0F07BCF48
x-content-type-options: nosniff
x-asmversion: UNKNOWN; 19.934.602.2004
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-thumbnailscenarioid: Thumbnail_CacheMiss_DataCentersMatch
content-disposition: attachment; filename*=UTF-8''%d0%b8%d0%b7%d0%be%d0%b1%d1%80%d0%b0%d0%b6%d0%b5%d0%bd%d0%b8%d0%b5_viber_2020-06-09_14-34-28.jpg
ms-cv: yFGUq06mIECbDP92XEB8rQ.0
content-length: 279144
etag: aOTQ2QjhBRkVGMEY1MkJEMiE2MTUuNw
last-modified: Tue, 09 Jun 2020 11:42:34 GMT
x-msedge-ref: Ref A: 4E57471F94784135A86A139B682F4E62 Ref B: FRAEDGE1421 Ref C: 2022-06-20T15:24:04Z
x-sqldataorigin: S
date: Mon, 20 Jun 2022 15:24:05 GMT
x-streamorigin: G
content-type: image/jpeg
x-preauthinfo: rv;poba;
cache-control: public
ctag: aYzo5NDZCOEFGRUYwRjUyQkQyITYxNS4yNTc
accept-ranges: bytes
content-location: https://hfyi7g.bn.files.1drv.com/y4mux17YI4NeiHqe8Rzxmx2vFt2KryVIku3LmEuN49HXWQfdnHWLiUbt5JeaoPRnbFPdaIHXLKQC-qlZs55iYj2-RJUNwUNp9JEUzwadgkw5UapA1t_Xur4VvjBuYERUVlfwt-l-mvuz5hz0E3mVvXref0pWImkPNy7M4dHQur8uJV2wifu0nl4c91fCg0vms48wy9_WhekjBphm5htJBfljg
expires: Sun, 18 Sep 2022 15:24:05 GMT

GET
H/1.1 200
OK cifrova_gramotnist_page-0001.jpg
goristar.ucoz.ua/2016/2021/ 648 KB
649 KB 132ms
127ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2021/cifrova_gramotnist_page-0001.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

3f775b8c24cb5569fa824b47bca6c26a2e3ec53812e4c5010e7cc72da837215d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Sat, 04 Dec 2021 13:28:34 GMT
Server: nginx
ETag: "61ab6d02-a2197"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 663959
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK 1.jpeg
goristar.ucoz.ua/2016/2021/ 4 MB
4 MB 130ms
126ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2021/1.jpeg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

3c4c34b9ac8774be08b5a28994c7d5470039a043588781850e31e969c6ec2397

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Sat, 04 Dec 2021 14:10:22 GMT
Server: nginx
ETag: "61ab76ce-3880cb"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 3702987
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK 1_kopija.jpeg
goristar.ucoz.ua/2016/2021/ 2 MB
2 MB 133ms
129ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2021/1_kopija.jpeg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

d3c8ed0b348ae2381f39ad119be9ecb38c708cd2632f3a19d7f85626ae0335fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Sat, 04 Dec 2021 14:09:03 GMT
Server: nginx
ETag: "61ab767f-2507f8"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 2426872
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK izobrazhenie_viber_2021-12-17_15-07-47-305.jpg
goristar.ucoz.ua/2016/2021/ 204 KB
204 KB 95ms
95ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2021/izobrazhenie_viber_2021-12-17_15-07-47-305.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

5a96a506c12e0afe8e4fe79353a8cda7d1821ac53fc5397e5785c71b3b0c8b77

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Fri, 17 Dec 2021 18:37:18 GMT
Server: nginx
ETag: "61bcd8de-33000"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 208896
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK 001-2.jpg
goristar.ucoz.ua/2016/2018/ 67 KB
67 KB 128ms
127ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/001-2.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

4e4b5169d06eff023272537845c061cd30f1cf39a6e47ede3efc5bcf8842844b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:27:58 GMT
Server: nginx
ETag: "5bccb71e-10a5a"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 68186
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 003-2.jpg
goristar.ucoz.ua/2016/2018/ 65 KB
65 KB 98ms
98ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/003-2.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

9b5860c4fc33cdcbe492a935480e3fdead5c97b9e615f0b09938b66739d405be

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:31:29 GMT
Server: nginx
ETag: "5bccb7f1-10495"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 66709
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 002-2.png
goristar.ucoz.ua/2016/2018/ 64 KB
64 KB 99ms
99ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/002-2.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

c7a88166e49b47fefe48e84a8ab4f6a2a7eecefc1d1df4702a99049ad094338a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:38:04 GMT
Server: nginx
ETag: "5bccb97c-feac"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 65196
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 004-2.png
goristar.ucoz.ua/2016/2018/ 66 KB
67 KB 99ms
99ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/004-2.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

e7017586dd11abbec9ebdc1ca72312f5ba88f15f7c5e8601d2df1b0da5f83153

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:38:34 GMT
Server: nginx
ETag: "5bccb99a-109c3"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 68035
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 005-1.png
goristar.ucoz.ua/2016/2018/ 28 KB
28 KB 98ms
98ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/005-1.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

63db4cf8655267b837e882ed7ee7c0470d37849cfe0ed2b88ed2c8fc357cd10a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:47:17 GMT
Server: nginx
ETag: "5bccbba5-6e4a"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 28234
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 006-1.png
goristar.ucoz.ua/2016/2018/ 35 KB
35 KB 95ms
95ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/006-1.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

9436e99eb987558967070f5fb6b45b9a26d1ac5b889339fc1a4043d3ec23b1ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:47:46 GMT
Server: nginx
ETag: "5bccbbc2-8a47"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 35399
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 007.png
goristar.ucoz.ua/2016/2018/ 78 KB
79 KB 101ms
101ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/007.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

841018aa4cf71c514ce6c78d9f60ae186ef4b06a7fc066f1db23cd050b3acf0e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:48:11 GMT
Server: nginx
ETag: "5bccbbdb-13911"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 80145
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 008.png
goristar.ucoz.ua/2016/2018/ 75 KB
75 KB 99ms
98ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/008.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

ad7bb213b9b9f0c7cf02f2a177b1e3c23b95fc8f27faa1b285b1fd38390f1e6f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:48:49 GMT
Server: nginx
ETag: "5bccbc01-12be8"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 76776
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 009.png
goristar.ucoz.ua/2016/2018/ 78 KB
79 KB 95ms
95ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/009.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

f7c8e7d56e567853f315f2289ecff51c2f23854de5389b2feb6392df8ea6f32d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:49:19 GMT
Server: nginx
ETag: "5bccbc1f-138b6"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 80054
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 010.png
goristar.ucoz.ua/2016/2018/ 162 KB
162 KB 97ms
97ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/010.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

c6855c894b788b6cf0b8daac3633d3ca1d789dec111b07a58464bc2abb43ff18

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 17:51:07 GMT
Server: nginx
ETag: "5bccbc8b-286b3"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 165555
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK WP_20181030_10_41_16_Pro-2.jpg
goristar.ucoz.ua/2016/2018/ 154 KB
154 KB 112ms
112ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/WP_20181030_10_41_16_Pro-2.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

b264ac01cc97c822112417f5fad88c29dfc1b48d06d468c1cdbca97d7d7ff9cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Mon, 05 Nov 2018 21:01:29 GMT
Server: nginx
ETag: "5be0afa9-267a4"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 157604
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK 1.jpg
goristar.ucoz.ua/2016/2018/ 40 KB
41 KB 98ms
98ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/1.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

7528ee1ccbf090a2b61d0b3b63b1552bc1e2cf5be23c01b7518836a96b925fda

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 18:04:31 GMT
Server: nginx
ETag: "5bccbfaf-a1e0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 41440
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK mij_vistup_na_mo_25.03.2013.jpg
goristar.ucoz.ua/2016/2018/ 34 KB
34 KB 95ms
95ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/mij_vistup_na_mo_25.03.2013.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

164f95a36b72a70adca5707424e5c8fcfcd74c866d4052565022835233cfeac2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 18:08:11 GMT
Server: nginx
ETag: "5bccc08b-876b"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 34667
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK vseukrajinska_konferencija_volnovaska_zosh_2_1.jpg
goristar.ucoz.ua/2016/2018/ 78 KB
79 KB 96ms
95ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/vseukrajinska_konferencija_volnovaska_zosh_2_1.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

f73b49c717fcf1415f383a07b7ad26a616848efe31bbfdaab31b1cffa0e43b2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 18:03:30 GMT
Server: nginx
ETag: "5bccbf72-138c2"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 80066
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK proverka_olimpiadi_z_fiziki_kopija-2.jpg
goristar.ucoz.ua/2016/2018/ 4 MB
4 MB 95ms
95ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/proverka_olimpiadi_z_fiziki_kopija-2.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

adaf0fb79970c2c655dbf88a622f4c21139d49a4fcb7bae4c71c59f6d2148492

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 11 Nov 2018 18:29:10 GMT
Server: nginx
ETag: "5be874f6-446720"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 4482848
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK IMG_9124-1.jpg
goristar.ucoz.ua/2016/2018/ 40 KB
41 KB 97ms
97ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/IMG_9124-1.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

6420d7ba90d1d2e55b77111c3e11a70d1eada7d5e2e13188230cccbae11376e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Sun, 21 Oct 2018 18:09:36 GMT
Server: nginx
ETag: "5bccc0e0-a120"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 41248
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK fiz7.png
goristar.ucoz.ua/2016/2018/ 50 KB
51 KB 108ms
108ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/fiz7.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

c433a5100d2ecb2565bc2b8c6134ab2a26f989a8c8cf5005a62bdd5c7d067406

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Wed, 07 Nov 2018 19:54:38 GMT
Server: nginx
ETag: "5be342fe-c97d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 51581
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK fiz6.png
goristar.ucoz.ua/2016/2018/ 53 KB
53 KB 99ms
99ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/fiz6.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

49ad1723cdc1dddd016c2a17b15111e249b34ed524b244cc1880b8f26032351c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Wed, 07 Nov 2018 19:57:06 GMT
Server: nginx
ETag: "5be34392-d24f"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 53839
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK math.png
goristar.ucoz.ua/2016/2018/ 51 KB
51 KB 95ms
95ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/math.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

a4fe098ec19109cab72d8a3688796e2de91f491318cc83268aa8d7c00be7921f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Wed, 07 Nov 2018 20:05:04 GMT
Server: nginx
ETag: "5be34570-cbf0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 52208
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK math10.png
goristar.ucoz.ua/2016/2018/ 53 KB
53 KB 94ms
94ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/math10.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

108fac151b070ef44a9d4f81664d2064b2504ed0c7a3035594a15d23a531fc78

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Wed, 07 Nov 2018 20:06:48 GMT
Server: nginx
ETag: "5be345d8-d2b8"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 53944
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK skan_201811071.png
goristar.ucoz.ua/2016/2018/ 204 KB
204 KB 97ms
97ms Image
image/png 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/2016/2018/skan_201811071.png

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

e10a14029b9d9b79ac02bc347de746a75d97d63df5b54c7f8ce1e7810a80304d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Wed, 07 Nov 2018 20:18:08 GMT
Server: nginx
ETag: "5be34880-32eb8"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 208568
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H/1.1 200
OK loader.js Show response
news.2xclick.ru/ 136 KB
27 KB 470ms
183ms Script
application/javascript 93.95.100.117
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news.2xclick.ru/loader.js
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx/1.10.3 /
Resource Hash: acb47a21292db74397a8b5ad5f28eee547fb50aa095d2ec2e571e3f31466ea9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jun 2022 11:54:33 GMT
Server: nginx/1.10.3
ETag: "62b05ff9-6b21"
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 27425
Expires: Tue, 21 Jun 2022 15:24:04 GMT

GET
H/1.1

404
Not Found

uguide_ru.js
uguide.ru/templates/
Redirect Chain

http://uguide.ru/templates/uguide_ru.js
https://uguide.ru/templates/uguide_ru.js

0
0

297ms
97ms

Script
text/html

193.109.247.35
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uguide.ru/templates/uguide_ru.js
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: HTTP/1.1
Server: 193.109.247.35 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location: https://uguide.ru/templates/uguide_ru.js
Date: Mon, 20 Jun 2022 15:24:04 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=15
Content-Length: 178
Content-Type: text/html

GET
H/1.1

200
OK

hit;ucoznet
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;ucoznet?r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644146
https://counter.yadro.ru/hit;ucoznet?r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644146
https://counter.yadro.ru/hit;ucoznet?q;r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644146

43 B
528 B

91ms
91ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;ucoznet?q;r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644146

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 15:24:05 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Jun 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 15:24:04 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;ucoznet?q;r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644146
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 19 Jun 2021 21:00:00 GMT

GET
H/1.1

200
OK

hit;ucoz_desktop_ad
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;ucoz_desktop_ad?r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644147
https://counter.yadro.ru/hit;ucoz_desktop_ad?r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644147
https://counter.yadro.ru/hit;ucoz_desktop_ad?q;r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644147

43 B
528 B

89ms
89ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;ucoz_desktop_ad?q;r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644147

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 15:24:05 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Jun 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Jun 2022 15:24:04 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;ucoz_desktop_ad?q;r;s1600*1200*24;uhttp%3A//goristar.ucoz.ua/;1655738644147
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 19 Jun 2021 21:00:00 GMT

GET
H/1.1 200
OK 2.gif
goristar.ucoz.ua/.s/t/812/ 1 KB
1 KB 95ms
95ms Image
image/gif 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/.s/t/812/2.gif

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/.s/src/css/812.css

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

d369812aabb4b8152f7dd5883622e3cc08ac79442b64cb79cc802c4f44e30051

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/.s/src/css/812.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Tue, 23 Feb 2016 13:11:57 GMT
Server: nginx
ETag: "56cc5a9d-407"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1031
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK 3.jpg
goristar.ucoz.ua/.s/t/812/ 88 KB
88 KB 287ms
95ms Image
image/jpeg 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/.s/t/812/3.jpg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/.s/src/css/812.css

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

e0dd5a5a859482ce12dc539a0a92d38320d6074192d4cc1522ebe93fbce3bc01

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/.s/src/css/812.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Tue, 23 Feb 2016 13:11:57 GMT
Server: nginx
ETag: "56cc5a9d-15fcc"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 90060
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK 1.gif
goristar.ucoz.ua/.s/t/812/ 2 KB
2 KB 191ms
95ms Image
image/gif 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/.s/t/812/1.gif

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/.s/src/css/812.css

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

ef66779e89f08319ebfa2484f931cfce3716f826647006792aa442083cc09cd5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/.s/src/css/812.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Tue, 23 Feb 2016 13:11:57 GMT
Server: nginx
ETag: "56cc5a9d-630"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1584
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK 6.gif
goristar.ucoz.ua/.s/t/812/ 216 B
571 B 96ms
95ms Image
image/gif 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/.s/t/812/6.gif

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/.s/src/css/812.css

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

e873a255adc7044c02c91415cba18a4ded4cdff268003035a108ffc908e69ef3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/.s/src/css/812.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Tue, 23 Feb 2016 13:11:57 GMT
Server: nginx
ETag: "56cc5a9d-d8"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 216
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK ar1.gif
goristar.ucoz.ua/.s/img/wd/1/ 49 B
403 B 191ms
95ms Image
image/gif 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/.s/img/wd/1/ar1.gif

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/.s/src/css/812.css

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

68c66290ff9cfdc3863623a3533b742ad62ce6045395a8460d7ca8a8a9d2ee8c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/.s/src/css/812.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Mon, 31 Jul 2017 10:30:51 GMT
Server: nginx
ETag: "597f06db-31"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 49
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H2

200

oDpVhXEeCAk Show response
www.youtube.com/embed/ Frame F780
Redirect Chain

http://www.youtube.com/embed/oDpVhXEeCAk?rel=0
https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

64 KB
27 KB

256ms
133ms

Document
text/html

2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

552e3716b8889b43b533d305787f5a744d2714fe9b1d5ff9fda11d2ddce0f22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://goristar.ucoz.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 20 Jun 2022 15:24:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
Non-Authoritative-Reason: HSTS

GET embed
onedrive.live.com/ Frame 0FD3 0
0

GET
H2 200 embed Show response
onedrive.live.com/ Frame 515F 60 KB
21 KB 952ms
737ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85154a52418baa72f42d512fe10f79d6f8c4a2c6b2e4ba9fed4edf416f3d9d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://goristar.ucoz.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:04 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: FB231447186943DCAF49A6BEB8002C85 Ref B: VIEEDGE2719 Ref C: 2022-06-20T15:24:04Z
x-msnserver: RD00155D747A88
x-odwebserver: northcentralus0-odwebpl

GET
H2 200 embed Show response
onedrive.live.com/ Frame 6ABD 60 KB
21 KB 1060ms
846ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7f709f61930a52fef012dae4b22acaff2b5aa8f11946a6274317cb3147f88ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://goristar.ucoz.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:05 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 6CA1BA42215946EF88B8D2FFBE4520EF Ref B: VIEEDGE2719 Ref C: 2022-06-20T15:24:04Z
x-msnserver: RD00155D7493BD
x-odwebserver: northcentralus0-odwebpl

GET
H2 200 embed Show response
onedrive.live.com/ Frame FF43 60 KB
21 KB 1169ms
955ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ff4f1971d3e73ba2580e09f2d1bc36a45fdbe4121776a5a904eeebc92bf516ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://goristar.ucoz.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:05 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: C0AEBD189FCE4AC0A1DB9015CB931551 Ref B: VIEEDGE2719 Ref C: 2022-06-20T15:24:04Z
x-msnserver: RD00155D3F4DDA
x-odwebserver: northcentralus0-odwebpl

GET
H2 200 embed Show response
onedrive.live.com/ Frame 167D 60 KB
21 KB 892ms
681ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7f26cd6b0e760c97d73b108b7e49866479124a551007c710d9f8bb7a9a2be43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://goristar.ucoz.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:04 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 26F0081E38C54653B6B7FB7F3EA7079C Ref B: VIEEDGE2719 Ref C: 2022-06-20T15:24:04Z
x-msnserver: RD00155D6F804C
x-odwebserver: northcentralus0-odwebpl

GET
H2 200 embed Show response
onedrive.live.com/ Frame F33F 60 KB
21 KB 1189ms
978ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6099d43a20a20cbd919ed66bcb1fcdf56008b5be0de0aa18e613e00d9803f4e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://goristar.ucoz.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:05 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 622538B9BE41486584AEE92630029C88 Ref B: VIEEDGE2719 Ref C: 2022-06-20T15:24:04Z
x-msnserver: RD00155D3F4DDD
x-odwebserver: northcentralus0-odwebpl

GET
H2 200 kkqahhd3.js Show response
hdbcode.com/ 21 KB
9 KB 213ms
105ms Script
application/javascript 31.220.27.155
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hdbcode.com/kkqahhd3.js
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: b556530f20aa5ee66ee77e6d38cd4f811a6cf9b4aed2277b2e4adf9976537e5e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:04 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 15:31:50 GMT
server: nginx/1.19.0
etag: W/"62a363e6-53ed"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 b3aad1kk.js Show response
hdbcode.com/ 21 KB
9 KB 164ms
56ms Script
application/javascript 31.220.27.155
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hdbcode.com/b3aad1kk.js
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: b556530f20aa5ee66ee77e6d38cd4f811a6cf9b4aed2277b2e4adf9976537e5e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:04 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 15:31:50 GMT
server: nginx/1.19.0
etag: W/"62a363e6-53ed"
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK u.svg
goristar.ucoz.ua/.s/img/icon/social/ 612 B
972 B 384ms
99ms Image
image/svg+xml 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/.s/img/icon/social/u.svg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/.s/src/social.css

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

d0608cf0c4aff79f20a198427f7df73300d643face9bea72b8d406b432b84df9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/.s/src/social.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Server: nginx
ETag: "5950f318-264"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 612
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK fb.svg
goristar.ucoz.ua/.s/img/icon/social/ 611 B
971 B 358ms
95ms Image
image/svg+xml 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/.s/img/icon/social/fb.svg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/.s/src/social.css

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/.s/src/social.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Server: nginx
ETag: "5950f318-263"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 611
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H/1.1 200
OK gp.svg
goristar.ucoz.ua/.s/img/icon/social/ 550 B
910 B 262ms
95ms Image
image/svg+xml 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/.s/img/icon/social/gp.svg

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/.s/src/social.css

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/.s/src/social.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:11 GMT
Last-Modified: Fri, 01 Feb 2019 12:57:26 GMT
Server: nginx
ETag: "5c544236-226"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 550
Expires: Sun, 10 Jul 2022 15:24:11 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 362 KB
144 KB 184ms
53ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://goristar.ucoz.ua/
Origin: http://goristar.ucoz.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 15:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146545
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Jun 2023 15:41:31 GMT

GET
H2

200

setuid
hdbcode.com/
Redirect Chain

https://s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhdbcode.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
https://hdbcode.com/setuid?QrCrsz43ytAFNqW2Xihd

74 B
239 B

51ms
51ms

Image
image/png

31.220.27.155
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hdbcode.com/setuid?QrCrsz43ytAFNqW2Xihd
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Server: 31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:04 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

Redirect headers

location: https://hdbcode.com/setuid?QrCrsz43ytAFNqW2Xihd
date: Mon, 20 Jun 2022 15:24:04 GMT
server: nginx/1.19.0
content-length: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/f05de49d/ Frame F780 338 KB
47 KB 54ms
53ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f05de49d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ef8240733673f0a3033c41dc341b2257b546bebf39e6e4303ee907366d78a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 02:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47576
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 00:19:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Jun 2023 02:49:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F780 15 KB
16 KB 171ms
55ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 512243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Jun 2023 17:06:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/f05de49d/www-embed-player.vflset/ Frame F780 304 KB
94 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f05de49d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55912cfc0ebd0cfdaea7cb26393660daf8c0d03029368e5113f70453fd915ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 13:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96086
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 00:19:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Jun 2023 13:52:48 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/ Frame F780 2 MB
533 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0936e323adeda3d6bda1d6310feef803410334d4aebe9698cc39ae4142bf991a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 16:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 545904
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 00:19:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Jun 2023 16:46:41 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/f05de49d/fetch-polyfill.vflset/ Frame F780 9 KB
3 KB 125ms
125ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f05de49d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 08:55:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 00:19:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Jun 2023 08:55:55 GMT

GET
H2 200 matchx Show response
uuidksinc.net/ Frame 59A7 2 KB
1 KB 163ms
50ms Document
text/html 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Requested by: Host: hdbcode.com
URL: https://hdbcode.com/kkqahhd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e6464ecb9dfbfeb8b9a7dff33004b7b94b5044f66dde50d776729876196090f5

Request headers

Referer: http://goristar.ucoz.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 20 Jun 2022 15:24:05 GMT
server: nginx/1.19.0
vary: Accept-Encoding

OPTIONS
H2 200 get_data
hdbcode.com/ Frame 0
0 152ms
51ms Preflight 31.220.27.155
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=goristar.ucoz.ua&blockID=322613&width=1000&height=10739&windowWidth=1600&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=6a659671-7e9c-40a7-863b-6966925aa0e6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://goristar.ucoz.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://goristar.ucoz.ua
content-length: 0
date: Mon, 20 Jun 2022 15:24:05 GMT
server: nginx/1.19.0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 203 KB
70 KB 461ms
199ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hdbcode.com
URL: https://hdbcode.com/kkqahhd3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

70cd5366e26d943884b899bbb472b0b4660928d04c457fb45045339312fb5e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: br
last-modified: Fri, 17 Jun 2022 12:16:07 GMT
etag: "62ac4657-11654"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71252
expires: Mon, 20 Jun 2022 16:24:05 GMT

GET
H2 200 get_data Show response
hdbcode.com/ 48 KB
18 KB 143ms
142ms Fetch
application/json 31.220.27.155
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=goristar.ucoz.ua&blockID=322613&width=1000&height=10739&windowWidth=1600&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=6a659671-7e9c-40a7-863b-6966925aa0e6
Requested by: Host: hdbcode.com
URL: https://hdbcode.com/kkqahhd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: df98f270279c9989ab51e0329dbe8ec90e96dc3d2d20523d0c26e91176ab2de5

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
server: nginx/1.19.0
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://goristar.ucoz.ua
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type

GET
H2 200 get_data Show response
hdbcode.com/ 48 KB
18 KB 225ms
225ms Fetch
application/json 31.220.27.155
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=goristar.ucoz.ua&blockID=322502&width=1000&height=10739&windowWidth=1600&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=6a659671-7e9c-40a7-863b-6966925aa0e6
Requested by: Host: hdbcode.com
URL: https://hdbcode.com/kkqahhd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e11c551a0b3e3664210dfb9963aa7e1f408a9b4aa8f86f1e5e94938e54242352

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
server: nginx/1.19.0
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://goristar.ucoz.ua
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type

OPTIONS
H2 200 get_data
hdbcode.com/ Frame 0
0 152ms
52ms Preflight 31.220.27.155
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hdbcode.com/get_data?v=default&page=https%253A%252F%252Fucoz.ru%252F&domain=goristar.ucoz.ua&blockID=322502&width=1000&height=10739&windowWidth=1600&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=6a659671-7e9c-40a7-863b-6966925aa0e6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://goristar.ucoz.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://goristar.ucoz.ua
content-length: 0
date: Mon, 20 Jun 2022 15:24:05 GMT
server: nginx/1.19.0

GET
H/1.1 200
OK ar1.gif
goristar.ucoz.ua/.s/img/wd/7/ 49 B
403 B 179ms
99ms Image
image/gif 193.109.246.19
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://goristar.ucoz.ua/.s/img/wd/7/ar1.gif

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/.s/src/layer7.min.css

Protocol

HTTP/1.1

Server

193.109.246.19 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),

Reverse DNS

dev.ucoz.net

Software

nginx /

Resource Hash

3907e3bf2936ab9dc1712ef5daac0dba9f4f493d8e474ff2cdf563e42d88b275

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/.s/src/layer7.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:12 GMT
Last-Modified: Mon, 31 Jul 2017 10:30:51 GMT
Server: nginx
ETag: "597f06db-31"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 49
Expires: Sun, 10 Jul 2022 15:24:12 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F780
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

177ms
62ms

XHR
application/json

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Protocol

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce72190ad6b4d0cdec7cf3b488ce0e201010c001f61f005cc8e05cac5d51f4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 20 Jun 2022 15:24:05 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F780 29 B
588 B 175ms
53ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f05de49d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:09:29 GMT
x-content-type-options: nosniff
age: 876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Jun 2022 15:24:29 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 187ms
65ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 20 Jun 2022 15:24:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F780 63 KB
29 KB 423ms
122ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

767ec6820d829a50a4b456fc54951ff22a26ad2f1ffc0acd2c24d963986cbf6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29963
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/ Frame F780 119 KB
37 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd0c318f9cee7853dc1b9aadcdbcb5e112aa19239967e96cb54b54e06b04bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 16:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37643
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 00:19:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Jun 2023 16:54:25 GMT

GET
H3 200 neLWrzQQwrLuSjLunjDl8WO25FW7p4vlNGwO3v1xINA.js Show response
www.google.com/js/th/ Frame F780 36 KB
14 KB 166ms
55ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/neLWrzQQwrLuSjLunjDl8WO25FW7p4vlNGwO3v1xINA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2d6af3410c2b2ee4a32ee9e30e5f163b6e455bba78be5346c0edefd7120d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 05:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 468836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13855
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 05:10:09 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/ Frame F780 27 KB
8 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea68df31c22fedd60b0fb27d60d19fd575df18f96627ddb0480d8f44b11d43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 16:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 340642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8054
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 00:19:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Jun 2023 16:46:43 GMT

GET
DATA 200
OK truncated
/ Frame F780 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRWnI01FrLSIcpwn_elub_HYR0HV4wJ7XaKpGSLPw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F780 2 KB
3 KB 188ms
72ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRWnI01FrLSIcpwn_elub_HYR0HV4wJ7XaKpGSLPw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

40652385091f04310f4cff52d962dc695a21854b7ebf0f428e39aee78dfc67f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
x-content-type-options: nosniff
server: fife
etag: "vd56"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2274
x-xss-protection: 0
expires: Tue, 21 Jun 2022 15:24:05 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/oDpVhXEeCAk/ Frame F780 23 KB
23 KB 257ms
140ms Image
image/webp 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/oDpVhXEeCAk/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6eeee3ccb35c54e1d593eb2960b5c48534ebac1c9b5adbad2bf5dda38234abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23126
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Jun 2022 17:24:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F780 10 KB
10 KB 164ms
54ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:29:26 GMT
x-content-type-options: nosniff
age: 582879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Jun 2023 21:29:26 GMT

GET
H2

200

QrCrsz43ytAFNqW2Xihd
an.yandex.ru/mapuid/kadamis/ Frame 59A7
Redirect Chain

https://an.yandex.ru/mapuid/kadamis/QrCrsz43ytAFNqW2Xihd
https://an.yandex.ru/mapuid/kadamis/QrCrsz43ytAFNqW2Xihd?redir-setuniq=1

43 B
108 B

107ms
107ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/QrCrsz43ytAFNqW2Xihd?redir-setuniq=1

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 15:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Jun 2022 15:24:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
last-modified: Mon, 20 Jun 2022 15:24:05 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/kadamis/QrCrsz43ytAFNqW2Xihd?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 20 Jun 2022 15:24:05 GMT

GET
H2

200

348455e404144836b660e604afad2422
s.uuidksinc.net/match/760/ Frame 59A7
Redirect Chain

https://ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1
https://s.uuidksinc.net/match/760/348455e404144836b660e604afad2422

74 B
241 B

53ms
53ms

Image
image/png

31.220.27.135
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/760/348455e404144836b660e604afad2422
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol: H2
Server: 31.220.27.135 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

Redirect headers

Date: Mon, 20 Jun 2022 15:24:05 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://s.uuidksinc.net/match/760/348455e404144836b660e604afad2422
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2 200 smc
z.cdn.adtarget.me/ Frame 59A7 0
245 B 157ms
49ms Image
text/plain 212.32.253.229
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.me/smc?s=22&u=QrCrsz43ytAFNqW2Xihd
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 212.32.253.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:21:31 GMT
server: nginx
content-length: 0
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

/
d.uuidksinc.net/match/383/ Frame 59A7
Redirect Chain

https://www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=${USER_ID}
https://www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID...
https://acint.net/rmatch?dp=14&euid=F055CA741691B0621C00916602EFD607&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D
https://d.uuidksinc.net/match/383/?remote_uid=89B803C11591B062220070B302382479

74 B
241 B

59ms
50ms

Image
image/png

31.220.27.135
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.uuidksinc.net/match/383/?remote_uid=89B803C11591B062220070B302382479
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol: H2
Server: 31.220.27.135 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:06 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

Redirect headers

date: Mon, 20 Jun 2022 15:24:06 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://d.uuidksinc.net/match/383/?remote_uid=89B803C11591B062220070B302382479
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 403 sync
uuidksinc.net/kadam-sync.rutarget.ru/ Frame 59A7 555 B
555 B 52ms
51ms Image
text/html 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuidksinc.net/kadam-sync.rutarget.ru/sync
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 7019ec764d8b79a5b92f049dd4a436a7a97595f4351cc3f795fdaddaa7292aef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
server: nginx/1.19.0
content-length: 555
content-type: text/html

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/6573/i/ Frame 59A7
Redirect Chain

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=QrCrsz43ytAFNqW2Xihd&i=0.22066022998226642
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=QrCrsz43ytAFNqW2Xihd&i=0.22066022998226642

49 B
602 B

97ms
97ms

Image
image/gif

185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=QrCrsz43ytAFNqW2Xihd&i=0.22066022998226642

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 3
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Mon, 20 Jun 2022 15:24:05 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=QrCrsz43ytAFNqW2Xihd&i=0.22066022998226642
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F780 4 KB
2 KB 178ms
67ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 15:24:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 190ms
63ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: hdbcode.com
URL: https://hdbcode.com/kkqahhd3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 14:12:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Jun 2022 15:24:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Jun 2022 15:24:05 GMT

GET
H2 200 rect_6228ba412f7f2t1646836289r2163.jpg
i.cdnkimg.com/auto/500x175/image/tesr/5476/476/ 36 KB
36 KB 182ms
58ms Image
image/jpeg 45.133.44.37
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/500x175/image/tesr/5476/476/rect_6228ba412f7f2t1646836289r2163.jpg
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 57a3d01a0770b6859e43427f3ea373cd2e8f2254ffa4fb0dfe31efa2efb94efb

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
server: nginx/1.19.0
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 04 Jul 2022 15:24:05 GMT
cache-control: max-age=1209600
content-length: 37005
x-proxy-cache: HIT

GET
H2 200 6228ba412f7f2t1646836289r2163.jpg
i.cdnkimg.com/auto/190x175/image/tesr/5476/476/ 18 KB
18 KB 260ms
170ms Image
image/jpeg 45.133.44.37
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/190x175/image/tesr/5476/476/6228ba412f7f2t1646836289r2163.jpg
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3062a5aef31dd58a33970aa854a03935348c80452dced9fd4114aaff3b44246

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
server: nginx/1.19.0
x-cache-status: MISS
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 04 Jul 2022 15:24:05 GMT
cache-control: max-age=1209600
content-length: 18341
x-proxy-cache: HIT

GET
H3 204 generate_204
www.youtube.com/ Frame F780 0
9 B 56ms
56ms Image
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?hibqnw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pniesythbv7fuctapn7fkycom5rqa7k6azrhm7ctnbagymutpwadqxt5fiagohrxgefvw3qhmj7x4vlhjzgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcalqbdsel6kkijlbfn7oc4z3cjeh6jbfg2jui5b7gkyq6tdlr33rhbw2pur2ovaicdlazfmt2lmfiiq...
s.viixty.com/n/1/ 74 B
142 B 162ms
52ms Image
image/png 185.98.54.153
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.viixty.com/n/1/pniesythbv7fuctapn7fkycom5rqa7k6azrhm7ctnbagymutpwadqxt5fiagohrxgefvw3qhmj7x4vlhjzgopyc2jh64n25dtkxypk5nhfq33f4zqfgfcvcalqbdsel6kkijlbfn7oc4z3cjeh6jbfg2jui5b7gkyq6tdlr33rhbw2pur2ovaicdlazfmt2lmfiiq2y2iuygsmswj5fwdich2rjttqlihdde5gx5k7eflj7rk3ithwcdrnqpjdu5kd2urjvpw52z4ycmfseg3xkineznm4fdmbcikvki3l5fhgsxod5wau6akuy7asefc6de4qnzkglpjgmrwglm3knqjkavdvgo5jc2c2bturheqmyfhlovaocjnhzjva5hl35huvyhnmg5smgy63yl3kuhvow4osflgbzems3bkb4fiuwioz4devsprowzzfdlcnuzgit64iplaxqbpbkfeocjnhbgtb2jbgbhuvekhjfysme44gyz4v4qkzi3estbaa3s47ahgmnwpqr3jdytd3so5nrc3ucxkoeeuymkkxiolqcrxblzt2nxnpbfl24d52qhnlcrltfw2nepqjegmu34yrlk6s7rgzl66t7u6k5mcveijwtkf4vhsdt6w6xmk23pbuxovsyljhvppgcfnbckwm3eehrzeirawltgbmyb24yqae5dmyrahu5fy===?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE}
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.98.54.153 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 167D 85 KB
16 KB 205ms
62ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=16233186
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 167D 169 KB
30 KB 196ms
54ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9eaec477-701e-00b5-1896-fb102d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12473267
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 515F 85 KB
16 KB 209ms
113ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=16233186
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 515F 169 KB
30 KB 164ms
69ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9eaec477-701e-00b5-1896-fb102d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12473267
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9675.AWjTEZAHl6DPptNE2iionX3uTCLEjaFpNMRMg4FH2m5R76ps16dAQhf9uPhNum6M.77yc5teyk4LrPnp4ZCQEHUcqHfg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9675.oA-ebNJq4BlSCbjWOgzN98BjhDH9wcA0M72xtWboCDBaexrRe40YlVUUV_CjhwPTWeoeRs5IWIlGdvnIqdaXVnHZVMPqgVR7u0Z6hRbWPP0%2C.taLxJOsJolRB9rB-XBPhexorqtA%2C

43 B
359 B

107ms
107ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9675.oA-ebNJq4BlSCbjWOgzN98BjhDH9wcA0M72xtWboCDBaexrRe40YlVUUV_CjhwPTWeoeRs5IWIlGdvnIqdaXVnHZVMPqgVR7u0Z6hRbWPP0%2C.taLxJOsJolRB9rB-XBPhexorqtA%2C

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:06 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9675.oA-ebNJq4BlSCbjWOgzN98BjhDH9wcA0M72xtWboCDBaexrRe40YlVUUV_CjhwPTWeoeRs5IWIlGdvnIqdaXVnHZVMPqgVR7u0Z6hRbWPP0%2C.taLxJOsJolRB9rB-XBPhexorqtA%2C
date: Mon, 20 Jun 2022 15:24:05 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 244ms
100ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 15:24:05 GMT
last-modified: Fri, 17 Jun 2022 12:16:07 GMT
etag: "62ac4657-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 20 Jun 2022 16:24:05 GMT

GET
H3-Q050 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 6ABD 85 KB
15 KB 255ms
76ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=16233186
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 6ABD 169 KB
30 KB 255ms
76ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9eaec477-701e-00b5-1896-fb102d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12473267
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame C144 130 KB
130 KB 318ms
158ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

97e0b27e12cf8314ff8b05fe5d177c2657a124ae0b6d37b24fa5455a89281045

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:04 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 139D235DFB6141E992D55CF832F55FF2 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:05Z
x-officecluster: PIE1
x-officefd: DB5PEPF000083FC
x-officefe: DB5PEPF000083FC
x-officeversion: 16.0.15409.41003
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae

GET
H3-Q050 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 167D 92 KB
33 KB 253ms
75ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29c81963-d01e-00de-63ce-3d4d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23518961
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 167D 483 KB
133 KB 250ms
73ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23621654
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame FF43 85 KB
16 KB 198ms
73ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=16233186
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame FF43 169 KB
30 KB 201ms
76ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9eaec477-701e-00b5-1896-fb102d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12473267
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 130 KB
132 KB 211ms
104ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

31dd6ea0b2545e0597be27bea0a525b2abe30cddf28676d2a21ce675aaac246f

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:04 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: F92D90C6DF3A48AAB5510C831579C83E Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:05Z
x-officecluster: PIE1
x-officefd: DB5PEPF000083EB
x-officefe: DB5PEPF000083EB
x-officeversion: 16.0.15409.41003
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723

GET
H3-Q050 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame F33F 85 KB
15 KB 172ms
77ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=16233186
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame F33F 169 KB
30 KB 172ms
77ms Stylesheet
text/css 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9eaec477-701e-00b5-1896-fb102d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12473267
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 515F 92 KB
33 KB 202ms
75ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29c81963-d01e-00de-63ce-3d4d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23518961
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 515F 483 KB
133 KB 201ms
75ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:05 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23621654
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame EDEA 271 KB
34 KB 180ms
54ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"31288b78677fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33768
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:52:18 GMT
x-officefd: AM4PEPF000069EC
x-msedge-ref: Ref A: 85080C06E6104C83849DFC8A87D6E4A2 Ref B: AMS04EDGE3406 Ref C: 2022-06-13T20:52:18Z
x-usersessionid: 34d1a30f-f573-40ba-9626-56b938034291
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 34d1a30f-f573-40ba-9626-56b938034291
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/ Frame EDEA 106 KB
24 KB 344ms
218ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b0b1cfa5617fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00006A1E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23681
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:10:37 GMT
x-officefd: AM4PEPF00006A1E
x-msedge-ref: Ref A: 36D98CE1F6964DB2863B1437F8ADD72B Ref B: AM3EDGE0807 Ref C: 2022-06-13T20:10:37Z
x-usersessionid: e6da76eb-b84d-43a6-be6c-895496717e9a
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e6da76eb-b84d-43a6-be6c-895496717e9a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/ Frame EDEA 137 KB
28 KB 282ms
196ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cafc80c79f9effe87f62754b8bbc2e97f3e372e2d40ef4b6731ccc88e1580ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "25de2d70407dd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00010312
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27937
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 11 Jun 2022 03:07:52 GMT
x-officefd: AM4PEPF00010312
x-msedge-ref: Ref A: 3DFECF2799ED4EB6B348FAC37CD9294F Ref B: AMS04EDGE2815 Ref C: 2022-06-12T17:05:11Z
x-usersessionid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame EDEA 6 KB
2 KB 288ms
202ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "508242c2f57bd81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00012271
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 09 Jun 2022 11:40:46 GMT
x-officefd: AM4PEPF00012271
x-msedge-ref: Ref A: D5B1F12E1E1546FEB79ED74D02283E1D Ref B: AMS04EDGE3521 Ref C: 2022-06-13T10:21:29Z
x-usersessionid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/ Frame EDEA 19 KB
4 KB 183ms
183ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a58e71496d547cc6ab3cfb6165221a82dc74ae386801d7a4379ec1bd7535749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ae7fbf6737cd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E7D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3331
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 10 Jun 2022 02:44:09 GMT
x-officefd: DM3PEPF000132E5
x-msedge-ref: Ref A: 516EA7FC1F1D41E1987C53486664DCD6 Ref B: AMS04EDGE2112 Ref C: 2022-06-13T01:31:49Z
x-usersessionid: 22bc782c-425e-4787-9b13-27512259eef9
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 22bc782c-425e-4787-9b13-27512259eef9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/ Frame EDEA 464 KB
70 KB 180ms
55ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ed9ddc739c5387008773f690d4ccd41dadbb81238e2426c8aba53514790fd58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7b31a813e67ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15331.41004
x-officefe: DB5PEPF0000E7FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 71027
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 08 Jun 2022 03:15:59 GMT
x-officefd: DB5PEPF0000E7FB
x-msedge-ref: Ref A: DA64707398F948A792B3EE2762DBA450 Ref B: AMS04EDGE3307 Ref C: 2022-06-08T03:15:59Z
x-usersessionid: 8d9791e9-6821-4653-b922-830e1253123d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8d9791e9-6821-4653-b922-830e1253123d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/ Frame EDEA 9 KB
4 KB 298ms
173ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c23aabe6e7022629d24a84edc627cbfb90318069476de5aa9423be162773a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "143fdfad781d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3857
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 22:31:38 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 45DD19BCDA724B14B563EA3494BC9C28 Ref B: AM3EDGE0613 Ref C: 2022-06-20T10:41:27Z
x-usersessionid: ef606886-bf09-475b-abaf-14c7958cf173
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ef606886-bf09-475b-abaf-14c7958cf173
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame EDEA 3 MB
751 KB 183ms
183ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7cca78b6998790b29556944615d6918487e36819fc8c5233565121ac4ddb351c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"43be449607fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 766526
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:00:54 GMT
x-officefd: DB5PEPF00008420
x-msedge-ref: Ref A: E033BF88C86E4F95AD2BDC0F20D9F12D Ref B: AMS04EDGE2806 Ref C: 2022-06-13T20:00:53Z
x-usersessionid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
accept-ranges: bytes
timing-allow-origin: *

GET
H2 404 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame EDEA 1 KB
1 KB 226ms
226ms Image
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos%2Dg5HobtGCF%2DB8K1%5FZOD%5F4hfH9nDqLwHD9jCqJRBxax96TDPE%2D2gm%5FLNviUo1kH4L56nOJ6LIx5JoVu9IYq5%5FNZ5qKw9KMETAUl9RC5UMc%5F8LnkwtT437rLEqEjel8%5Fltk0vCfun%2Djmx8mJEA&access_token_ttl=1657553045371&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU&v=00000000-0000-0000-0000-000000000802&usid=ffbf101e-abdd-4375-bc7a-8f1bd4ce7723&splashscreen=1&build=16.0.15409.41003&PdfMode=1&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083DA
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083DA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 1245
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 3dac6694-3c77-4be3-ae77-3db635442be9
x-officefd: DB5PEPF000083DA
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/html
cache-control: no-cache
x-msedge-ref: Ref A: 270A64D082BA417ABB841686FE019C66 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 0
539 B 221ms
220ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BY3PEPF0000C93E
x-officeversion: 16.0.15409.41003
x-officefe: BY3PEPF0000C93E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 0200dedc-0812-40be-94eb-c2d1351b204a
x-officecluster: PGTUS1
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: E6873381BCFA4FDFB1D7EDCC976BC0C4 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame C144 271 KB
34 KB 199ms
120ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"31288b78677fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33768
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:52:18 GMT
x-officefd: AM4PEPF000069EC
x-msedge-ref: Ref A: 85080C06E6104C83849DFC8A87D6E4A2 Ref B: AMS04EDGE3406 Ref C: 2022-06-13T20:52:18Z
x-usersessionid: 34d1a30f-f573-40ba-9626-56b938034291
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 34d1a30f-f573-40ba-9626-56b938034291
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/ Frame C144 106 KB
24 KB 261ms
182ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b0b1cfa5617fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00006A1E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23681
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:10:37 GMT
x-officefd: AM4PEPF00006A1E
x-msedge-ref: Ref A: 36D98CE1F6964DB2863B1437F8ADD72B Ref B: AM3EDGE0807 Ref C: 2022-06-13T20:10:37Z
x-usersessionid: e6da76eb-b84d-43a6-be6c-895496717e9a
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e6da76eb-b84d-43a6-be6c-895496717e9a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/ Frame C144 137 KB
28 KB 220ms
190ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cafc80c79f9effe87f62754b8bbc2e97f3e372e2d40ef4b6731ccc88e1580ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "25de2d70407dd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00010312
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27937
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 11 Jun 2022 03:07:52 GMT
x-officefd: AM4PEPF00010312
x-msedge-ref: Ref A: 3DFECF2799ED4EB6B348FAC37CD9294F Ref B: AMS04EDGE2815 Ref C: 2022-06-12T17:05:11Z
x-usersessionid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame C144 6 KB
2 KB 239ms
210ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "508242c2f57bd81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00012271
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 09 Jun 2022 11:40:46 GMT
x-officefd: AM4PEPF00012271
x-msedge-ref: Ref A: D5B1F12E1E1546FEB79ED74D02283E1D Ref B: AMS04EDGE3521 Ref C: 2022-06-13T10:21:29Z
x-usersessionid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/ Frame C144 19 KB
4 KB 139ms
138ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a58e71496d547cc6ab3cfb6165221a82dc74ae386801d7a4379ec1bd7535749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ae7fbf6737cd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E7D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3331
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 10 Jun 2022 02:44:09 GMT
x-officefd: DM3PEPF000132E5
x-msedge-ref: Ref A: 516EA7FC1F1D41E1987C53486664DCD6 Ref B: AMS04EDGE2112 Ref C: 2022-06-13T01:31:49Z
x-usersessionid: 22bc782c-425e-4787-9b13-27512259eef9
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 22bc782c-425e-4787-9b13-27512259eef9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/ Frame C144 464 KB
70 KB 252ms
174ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ed9ddc739c5387008773f690d4ccd41dadbb81238e2426c8aba53514790fd58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7b31a813e67ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15331.41004
x-officefe: DB5PEPF0000E7FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 71027
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 08 Jun 2022 03:15:59 GMT
x-officefd: DB5PEPF0000E7FB
x-msedge-ref: Ref A: DA64707398F948A792B3EE2762DBA450 Ref B: AMS04EDGE3307 Ref C: 2022-06-08T03:15:59Z
x-usersessionid: 8d9791e9-6821-4653-b922-830e1253123d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8d9791e9-6821-4653-b922-830e1253123d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/ Frame C144 9 KB
4 KB 260ms
181ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c23aabe6e7022629d24a84edc627cbfb90318069476de5aa9423be162773a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "143fdfad781d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3857
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 22:31:38 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 45DD19BCDA724B14B563EA3494BC9C28 Ref B: AM3EDGE0613 Ref C: 2022-06-20T10:41:27Z
x-usersessionid: ef606886-bf09-475b-abaf-14c7958cf173
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ef606886-bf09-475b-abaf-14c7958cf173
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame C144 3 MB
751 KB 142ms
141ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7cca78b6998790b29556944615d6918487e36819fc8c5233565121ac4ddb351c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"43be449607fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 766526
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:00:54 GMT
x-officefd: DB5PEPF00008420
x-msedge-ref: Ref A: E033BF88C86E4F95AD2BDC0F20D9F12D Ref B: AMS04EDGE2806 Ref C: 2022-06-13T20:00:53Z
x-usersessionid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame C144 76 KB
76 KB 254ms
254ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4%5F8mcfZJ%2DMdl05AkE%5F0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD%2DVYDLxK6O6tj6lfOxJ6Z4%2DtpPm%5FYGZDr51pL7BGQxcwjZB%5FfFxgJgbZw&access_token_ttl=1657553045311&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&v=00000000-0000-0000-0000-000000000802&usid=190f961c-87fa-4ef0-93fb-bd4c06296aae&splashscreen=1&build=16.0.15409.41003&PdfMode=1&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e638694e4d5377c70059ccac39d4d8d1da864a1d6ff0c24df041f7e1585676a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083FB
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 77344
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4%5F8mcfZJ%2DMdl05AkE%5F0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD%2DVYDLxK6O6tj6lfOxJ6Z4%2DtpPm%5FYGZDr51pL7BGQxcwjZB%5FfFxgJgbZw&access_token_ttl=1657553045311&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1dcdaf79-56e0-4075-99f6-2c0e81539160
x-officefd: DB5PEPF000083FB
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 343803AB8E174E43BC064657208E5194 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:06 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 0
217 B 219ms
218ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":1,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BY3PEPF0000C96E
x-officeversion: 16.0.15409.41003
x-officefe: BY3PEPF0000C96E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c15ec7a7-e562-40a8-825f-b3f399c69168
x-officecluster: PGTUS1
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A7257B01BA134F289F334037B9807D57 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 130 KB
130 KB 115ms
110ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b51878a3480a1aaf9b908740495d8d0cb2386a587cb37fede061d86d1c0a4b74

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:05 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 2A32D06CC85649C783B9A488CF2362BE Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z
x-officecluster: PIE1
x-officefd: DB5PEPF000064AD
x-officefe: DB5PEPF000064AD
x-officeversion: 16.0.15409.41003
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 130 KB
132 KB 106ms
102ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6b700822e8a44f77f93e681d30cfc8d1f72cf09178bd7daee96892a54ba13671

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:05 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: D3A9F3FC919841EBB6570FD8F0EB0FD1 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z
x-officecluster: PIE1
x-officefd: DB5PEPF00008421
x-officefe: DB5PEPF00008421
x-officeversion: 16.0.15409.41003
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82

GET
H3-Q050 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6ABD 92 KB
33 KB 1672ms
1668ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:06 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29c81963-d01e-00de-63ce-3d4d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23518960
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6ABD 483 KB
133 KB 1672ms
1668ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:06 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23621653
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

POST
H2 200 wordviewerframe.aspx Show response
word-view.officeapps.live.com/wv/ Frame 3726 130 KB
130 KB 88ms
87ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ec78c2c3871dea83585c1d83439c798fb40fa47f885cc1caf314a6daff0c6f53

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 15:24:05 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: AD3546F1D1904EF19E9EABC41659E2D2 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z
x-officecluster: PNL1
x-officefd: AM4PEPF00012934
x-officefe: AM4PEPF00012934
x-officeversion: 16.0.15409.41003
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87

GET
H3-Q050 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame FF43 92 KB
33 KB 1668ms
1668ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:06 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29c81963-d01e-00de-63ce-3d4d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23518960
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame FF43 483 KB
133 KB 1668ms
1668ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:06 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23621653
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F33F 92 KB
33 KB 1657ms
1657ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:06 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29c81963-d01e-00de-63ce-3d4d7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23518960
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F33F 483 KB
133 KB 1659ms
1658ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:06 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=23621653
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F780 102 B
146 B 67ms
67ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97f64480ab12ab8961b7e489a6cac8b7ed495234639c954ddef5de63c9b2ad4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 20 Jun 2022 15:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 122
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 69ms
69ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 20 Jun 2022 15:24:06 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/73418029/
Redirect Chain

https://mc.yandex.com/watch/73418029?wmode=7&page-url=http%3A%2F%2Fgoristar.ucoz.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.com/watch/73418029/1?wmode=7&page-url=http%3A%2F%2Fgoristar.ucoz.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%...

338 B
746 B

109ms
108ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/73418029/1?wmode=7&page-url=http%3A%2F%2Fgoristar.ucoz.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A505765348036%3Ahid%3A949401298%3Az%3A0%3Ai%3A20220620152405%3Aet%3A1655738646%3Ac%3A1%3Arn%3A195225410%3Arqn%3A1%3Au%3A1655738646426444373%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1655738643596%3Ads%3A93%2C95%2C339%2C1%2C%2C0%2C%2C887%2C16%2C%2C%2C%2C1416%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655738646%3At%3A%D0%9D%D0%B0%D0%B2%D1%87%D0%B0%D1%94%D0%BC%D0%BE%D1%81%D1%8F%20%D0%B2%D0%B4%D0%BE%D0%BC%D0%B0%20-%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20%D1%81%D1%82%D0%BE%D1%80%D1%96%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7c65ffea96ffcebf0411825f94f16061afccdc3f25c91c02ff44c6f853bebc98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://goristar.ucoz.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 20-Jun-2022 15:24:06 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://goristar.ucoz.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Mon, 20-Jun-2022 15:24:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:06 GMT
last-modified: Mon, 20-Jun-2022 15:24:06 GMT
location: /watch/73418029/1?wmode=7&page-url=http%3A%2F%2Fgoristar.ucoz.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A968%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A821%3Acn%3A1%3Adp%3A0%3Als%3A505765348036%3Ahid%3A949401298%3Az%3A0%3Ai%3A20220620152405%3Aet%3A1655738646%3Ac%3A1%3Arn%3A195225410%3Arqn%3A1%3Au%3A1655738646426444373%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1655738643596%3Ads%3A93%2C95%2C339%2C1%2C%2C0%2C%2C887%2C16%2C%2C%2C%2C1416%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655738646%3At%3A%D0%9D%D0%B0%D0%B2%D1%87%D0%B0%D1%94%D0%BC%D0%BE%D1%81%D1%8F%20%D0%B2%D0%B4%D0%BE%D0%BC%D0%B0%20-%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20%D1%81%D1%82%D0%BE%D1%80%D1%96%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://goristar.ucoz.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 20-Jun-2022 15:24:06 GMT

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame 3726 271 KB
34 KB 85ms
84ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"31288b78677fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33768
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:52:18 GMT
x-officefd: AM4PEPF000069EC
x-msedge-ref: Ref A: 85080C06E6104C83849DFC8A87D6E4A2 Ref B: AMS04EDGE3406 Ref C: 2022-06-13T20:52:18Z
x-usersessionid: 34d1a30f-f573-40ba-9626-56b938034291
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 34d1a30f-f573-40ba-9626-56b938034291
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/ Frame 3726 106 KB
24 KB 184ms
183ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b0b1cfa5617fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00006A1E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23681
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:10:37 GMT
x-officefd: AM4PEPF00006A1E
x-msedge-ref: Ref A: 36D98CE1F6964DB2863B1437F8ADD72B Ref B: AM3EDGE0807 Ref C: 2022-06-13T20:10:37Z
x-usersessionid: e6da76eb-b84d-43a6-be6c-895496717e9a
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e6da76eb-b84d-43a6-be6c-895496717e9a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/ Frame 3726 137 KB
28 KB 181ms
178ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cafc80c79f9effe87f62754b8bbc2e97f3e372e2d40ef4b6731ccc88e1580ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "25de2d70407dd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00010312
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27937
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 11 Jun 2022 03:07:52 GMT
x-officefd: AM4PEPF00010312
x-msedge-ref: Ref A: 3DFECF2799ED4EB6B348FAC37CD9294F Ref B: AMS04EDGE2815 Ref C: 2022-06-12T17:05:11Z
x-usersessionid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 3726 6 KB
2 KB 183ms
181ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "508242c2f57bd81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00012271
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 09 Jun 2022 11:40:46 GMT
x-officefd: AM4PEPF00012271
x-msedge-ref: Ref A: D5B1F12E1E1546FEB79ED74D02283E1D Ref B: AMS04EDGE3521 Ref C: 2022-06-13T10:21:29Z
x-usersessionid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/ Frame 3726 19 KB
4 KB 185ms
183ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a58e71496d547cc6ab3cfb6165221a82dc74ae386801d7a4379ec1bd7535749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ae7fbf6737cd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E7D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3331
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 10 Jun 2022 02:44:09 GMT
x-officefd: DM3PEPF000132E5
x-msedge-ref: Ref A: 516EA7FC1F1D41E1987C53486664DCD6 Ref B: AMS04EDGE2112 Ref C: 2022-06-13T01:31:49Z
x-usersessionid: 22bc782c-425e-4787-9b13-27512259eef9
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 22bc782c-425e-4787-9b13-27512259eef9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/ Frame 3726 464 KB
70 KB 167ms
167ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ed9ddc739c5387008773f690d4ccd41dadbb81238e2426c8aba53514790fd58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7b31a813e67ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15331.41004
x-officefe: DB5PEPF0000E7FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 71027
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 08 Jun 2022 03:15:59 GMT
x-officefd: DB5PEPF0000E7FB
x-msedge-ref: Ref A: DA64707398F948A792B3EE2762DBA450 Ref B: AMS04EDGE3307 Ref C: 2022-06-08T03:15:59Z
x-usersessionid: 8d9791e9-6821-4653-b922-830e1253123d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8d9791e9-6821-4653-b922-830e1253123d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/ Frame 3726 9 KB
4 KB 168ms
167ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c23aabe6e7022629d24a84edc627cbfb90318069476de5aa9423be162773a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "143fdfad781d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3857
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 22:31:38 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 45DD19BCDA724B14B563EA3494BC9C28 Ref B: AM3EDGE0613 Ref C: 2022-06-20T10:41:27Z
x-usersessionid: ef606886-bf09-475b-abaf-14c7958cf173
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ef606886-bf09-475b-abaf-14c7958cf173
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame 3726 3 MB
751 KB 189ms
186ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7cca78b6998790b29556944615d6918487e36819fc8c5233565121ac4ddb351c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"43be449607fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 766526
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:00:54 GMT
x-officefd: DB5PEPF00008420
x-msedge-ref: Ref A: E033BF88C86E4F95AD2BDC0F20D9F12D Ref B: AMS04EDGE2806 Ref C: 2022-06-13T20:00:53Z
x-usersessionid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 0
470 B 149ms
147ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF00003853
x-officeversion: 16.0.15409.41003
x-officefe: BN3PEPF00003853
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a03ecbc0-3924-49f6-8ba5-59f732efef90
x-officecluster: PGTUS3
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: E64EB5C97EA549E9A8C6D034F65A23FE Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame D6AA 271 KB
34 KB 98ms
96ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"31288b78677fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33768
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:52:18 GMT
x-officefd: AM4PEPF000069EC
x-msedge-ref: Ref A: 85080C06E6104C83849DFC8A87D6E4A2 Ref B: AMS04EDGE3406 Ref C: 2022-06-13T20:52:18Z
x-usersessionid: 34d1a30f-f573-40ba-9626-56b938034291
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 34d1a30f-f573-40ba-9626-56b938034291
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/ Frame D6AA 106 KB
24 KB 190ms
188ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b0b1cfa5617fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00006A1E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23681
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:10:37 GMT
x-officefd: AM4PEPF00006A1E
x-msedge-ref: Ref A: 36D98CE1F6964DB2863B1437F8ADD72B Ref B: AM3EDGE0807 Ref C: 2022-06-13T20:10:37Z
x-usersessionid: e6da76eb-b84d-43a6-be6c-895496717e9a
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e6da76eb-b84d-43a6-be6c-895496717e9a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/ Frame D6AA 137 KB
28 KB 186ms
184ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cafc80c79f9effe87f62754b8bbc2e97f3e372e2d40ef4b6731ccc88e1580ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "25de2d70407dd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00010312
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27937
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 11 Jun 2022 03:07:52 GMT
x-officefd: AM4PEPF00010312
x-msedge-ref: Ref A: 3DFECF2799ED4EB6B348FAC37CD9294F Ref B: AMS04EDGE2815 Ref C: 2022-06-12T17:05:11Z
x-usersessionid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame D6AA 6 KB
2 KB 188ms
187ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "508242c2f57bd81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00012271
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 09 Jun 2022 11:40:46 GMT
x-officefd: AM4PEPF00012271
x-msedge-ref: Ref A: D5B1F12E1E1546FEB79ED74D02283E1D Ref B: AMS04EDGE3521 Ref C: 2022-06-13T10:21:29Z
x-usersessionid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/ Frame D6AA 19 KB
4 KB 189ms
188ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a58e71496d547cc6ab3cfb6165221a82dc74ae386801d7a4379ec1bd7535749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ae7fbf6737cd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E7D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3331
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 10 Jun 2022 02:44:09 GMT
x-officefd: DM3PEPF000132E5
x-msedge-ref: Ref A: 516EA7FC1F1D41E1987C53486664DCD6 Ref B: AMS04EDGE2112 Ref C: 2022-06-13T01:31:49Z
x-usersessionid: 22bc782c-425e-4787-9b13-27512259eef9
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 22bc782c-425e-4787-9b13-27512259eef9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/ Frame D6AA 464 KB
70 KB 160ms
158ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ed9ddc739c5387008773f690d4ccd41dadbb81238e2426c8aba53514790fd58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7b31a813e67ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15331.41004
x-officefe: DB5PEPF0000E7FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 71027
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 08 Jun 2022 03:15:59 GMT
x-officefd: DB5PEPF0000E7FB
x-msedge-ref: Ref A: DA64707398F948A792B3EE2762DBA450 Ref B: AMS04EDGE3307 Ref C: 2022-06-08T03:15:59Z
x-usersessionid: 8d9791e9-6821-4653-b922-830e1253123d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8d9791e9-6821-4653-b922-830e1253123d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/ Frame D6AA 9 KB
4 KB 163ms
163ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c23aabe6e7022629d24a84edc627cbfb90318069476de5aa9423be162773a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "143fdfad781d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3857
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 22:31:38 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 45DD19BCDA724B14B563EA3494BC9C28 Ref B: AM3EDGE0613 Ref C: 2022-06-20T10:41:27Z
x-usersessionid: ef606886-bf09-475b-abaf-14c7958cf173
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ef606886-bf09-475b-abaf-14c7958cf173
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame D6AA 3 MB
751 KB 190ms
189ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7cca78b6998790b29556944615d6918487e36819fc8c5233565121ac4ddb351c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"43be449607fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 766526
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:00:54 GMT
x-officefd: DB5PEPF00008420
x-msedge-ref: Ref A: E033BF88C86E4F95AD2BDC0F20D9F12D Ref B: AMS04EDGE2806 Ref C: 2022-06-13T20:00:53Z
x-usersessionid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 0
365 B 473ms
471ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BB18
x-officeversion: 16.0.15413.41023
x-officefe: BL6PEPF0000BB18
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7a5947d4-761f-4af2-ab6f-e7fa19429ffc
x-officecluster: PGTUS4
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 73E4CC82E7714981A0CC9E8064767A7F Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame 2CA3 271 KB
34 KB 116ms
115ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Requested by

Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"31288b78677fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33768
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:52:18 GMT
x-officefd: AM4PEPF000069EC
x-msedge-ref: Ref A: 85080C06E6104C83849DFC8A87D6E4A2 Ref B: AMS04EDGE3406 Ref C: 2022-06-13T20:52:18Z
x-usersessionid: 34d1a30f-f573-40ba-9626-56b938034291
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 34d1a30f-f573-40ba-9626-56b938034291
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/ Frame 2CA3 106 KB
24 KB 192ms
191ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b0b1cfa5617fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00006A1E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23681
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:10:37 GMT
x-officefd: AM4PEPF00006A1E
x-msedge-ref: Ref A: 36D98CE1F6964DB2863B1437F8ADD72B Ref B: AM3EDGE0807 Ref C: 2022-06-13T20:10:37Z
x-usersessionid: e6da76eb-b84d-43a6-be6c-895496717e9a
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e6da76eb-b84d-43a6-be6c-895496717e9a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/ Frame 2CA3 137 KB
28 KB 193ms
192ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h44667F4E13B65C96_App_Scripts/2057/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6cafc80c79f9effe87f62754b8bbc2e97f3e372e2d40ef4b6731ccc88e1580ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "25de2d70407dd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00010312
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27937
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 11 Jun 2022 03:07:52 GMT
x-officefd: AM4PEPF00010312
x-msedge-ref: Ref A: 3DFECF2799ED4EB6B348FAC37CD9294F Ref B: AMS04EDGE2815 Ref C: 2022-06-12T17:05:11Z
x-usersessionid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4650b7a4-b63b-4689-a51b-4b5eccd0d026
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 2CA3 6 KB
2 KB 195ms
195ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "508242c2f57bd81:0"
x-officecluster: SNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF00012271
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 09 Jun 2022 11:40:46 GMT
x-officefd: AM4PEPF00012271
x-msedge-ref: Ref A: D5B1F12E1E1546FEB79ED74D02283E1D Ref B: AMS04EDGE3521 Ref C: 2022-06-13T10:21:29Z
x-usersessionid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2ad58b33-71b1-4a23-af7a-257f9ea11d2d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/ Frame 2CA3 19 KB
4 KB 198ms
197ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD53F37F94627C314_App_Scripts/2057/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a58e71496d547cc6ab3cfb6165221a82dc74ae386801d7a4379ec1bd7535749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ae7fbf6737cd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E7D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3331
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 10 Jun 2022 02:44:09 GMT
x-officefd: DM3PEPF000132E5
x-msedge-ref: Ref A: 516EA7FC1F1D41E1987C53486664DCD6 Ref B: AMS04EDGE2112 Ref C: 2022-06-13T01:31:49Z
x-usersessionid: 22bc782c-425e-4787-9b13-27512259eef9
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 22bc782c-425e-4787-9b13-27512259eef9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/ Frame 2CA3 464 KB
70 KB 160ms
159ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hED9DDC739C538700_App_Scripts/2057/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ed9ddc739c5387008773f690d4ccd41dadbb81238e2426c8aba53514790fd58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7b31a813e67ad81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15331.41004
x-officefe: DB5PEPF0000E7FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 71027
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 08 Jun 2022 03:15:59 GMT
x-officefd: DB5PEPF0000E7FB
x-msedge-ref: Ref A: DA64707398F948A792B3EE2762DBA450 Ref B: AMS04EDGE3307 Ref C: 2022-06-08T03:15:59Z
x-usersessionid: 8d9791e9-6821-4653-b922-830e1253123d
date: Mon, 20 Jun 2022 15:24:06 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8d9791e9-6821-4653-b922-830e1253123d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/ Frame 2CA3 9 KB
4 KB 165ms
164ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5C23AABE6E702262_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5c23aabe6e7022629d24a84edc627cbfb90318069476de5aa9423be162773a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "143fdfad781d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3857
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 15 Jun 2022 22:31:38 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 45DD19BCDA724B14B563EA3494BC9C28 Ref B: AM3EDGE0613 Ref C: 2022-06-20T10:41:27Z
x-usersessionid: ef606886-bf09-475b-abaf-14c7958cf173
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ef606886-bf09-475b-abaf-14c7958cf173
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame 2CA3 3 MB
751 KB 200ms
199ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7cca78b6998790b29556944615d6918487e36819fc8c5233565121ac4ddb351c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"43be449607fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF00008420
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 766526
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:00:54 GMT
x-officefd: DB5PEPF00008420
x-msedge-ref: Ref A: E033BF88C86E4F95AD2BDC0F20D9F12D Ref B: AMS04EDGE2806 Ref C: 2022-06-13T20:00:53Z
x-usersessionid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
date: Mon, 20 Jun 2022 15:24:06 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8dcbcb91-28e5-4dd3-a8fd-9e7a1f588b00
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 0
293 B 140ms
139ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BB7C
x-officeversion: 16.0.15409.41003
x-officefe: BL6PEPF0000BB7C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c1c2e626-fd5d-4a1c-b431-cc8c46d4810a
x-officecluster: PGTUS6
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 585733410A8849A7B404FB1467964716 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 0
382 B 184ms
184ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":213,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000C0FC
x-officeversion: 16.0.15409.41003
x-officefe: SN3PEPF0000C0FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5cabed3c-3ccb-4d84-a643-5dc6388c5b62
x-officecluster: PGTUS5
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 6101D022DEBD45BD97C2910B07633A9C Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 0
217 B 178ms
178ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":206,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000B75C
x-officeversion: 16.0.15409.41003
x-officefe: BL6PEPF0000B75C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5c8e141b-b175-4086-a919-8e30ff9a00bb
x-officecluster: PGTUS6
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 2990B60049314C8792BC73B1C06B7EC6 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 0
328 B 228ms
227ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":171,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: MW1PEPF000078A6
x-officeversion: 16.0.15413.41023
x-officefe: MW1PEPF000078A6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 26ee0d81-29ad-4940-bb6b-d25a2af2a4ec
x-officecluster: PGTUS2
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 15307FC946424F65B2992602AC4BEE9F Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame D6AA 517 KB
518 KB 227ms
227ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&access_token=4wems4ySx0X2QfOCadVAq5Zkjv%2DXJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7%5FecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6%5FNFPrQLr8dptxRmfKUs%2DHbqgbPwSTbxguSKSKbbjkJQ&access_token_ttl=1657553045593&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDY4LjU&v=00000000-0000-0000-0000-000000000802&usid=6efdf2e8-9b05-4f36-98d7-4e6dda97af82&splashscreen=1&build=16.0.15409.41003&PdfMode=1&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

11710c2b3aaf87ca225ff47d8e33813214c76c9a14067a3473b5d80fe07e299e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000E7FA
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF0000E7FA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 528903
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&access_token=4wems4ySx0X2QfOCadVAq5Zkjv%2DXJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7%5FecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6%5FNFPrQLr8dptxRmfKUs%2DHbqgbPwSTbxguSKSKbbjkJQ&access_token_ttl=1657553045593&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDY4LjU00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: df907628-1d68-47b6-b9c9-57400dd319a8
x-officefd: DB5PEPF0000E7FA
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: D2EB76215C4E4442A7A636810969841E Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:06 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 0
238 B 225ms
225ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":171,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000F908
x-officeversion: 16.0.15409.41003
x-officefe: SN3PEPF0000F908
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9c1a4d0d-c39d-498e-acee-52195fb1f56c
x-officecluster: PGTUS5
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A3509A68F28B4F689755FB2A646465E5 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 2CA3 76 KB
76 KB 261ms
260ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS%2DGjNPxf%5FztCks4d3QGrIG1MOiUrNSAcqZB%2D6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3%5FNrR2QadaLVUjD%5Fw&access_token_ttl=1657553045475&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&v=00000000-0000-0000-0000-000000000802&usid=cf7d5f64-2e5a-4701-b858-2f74d6ba935d&splashscreen=1&build=16.0.15409.41003&PdfMode=1&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e638694e4d5377c70059ccac39d4d8d1da864a1d6ff0c24df041f7e1585676a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083DA
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083DA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 77344
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS%2DGjNPxf%5FztCks4d3QGrIG1MOiUrNSAcqZB%2D6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3%5FNrR2QadaLVUjD%5Fw&access_token_ttl=1657553045475&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: d21c2fdd-af2b-4aeb-be09-823f37c689c6
x-officefd: DB5PEPF000083DA
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:05 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 2D18BB99B63E4267BF8891064DF2491F Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:06Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:06 GMT

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame D6AA 22 KB
23 KB 54ms
54ms Font
font/x-woff 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"2dea0757a7fd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E78
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 23:08:13 GMT
x-officefd: DM3PEPF000132E3
x-msedge-ref: Ref A: A76AC451B17F436BA5261D44321638E8 Ref B: AMS04EDGE2615 Ref C: 2022-06-13T23:08:13Z
x-usersessionid: 8c187220-3700-4498-91af-4d283cb7f390
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 8c187220-3700-4498-91af-4d283cb7f390
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 357 B
843 B 85ms
85ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&access_token=4wems4ySx0X2QfOCadVAq5Zkjv%2DXJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7%5FecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6%5FNFPrQLr8dptxRmfKUs%2DHbqgbPwSTbxguSKSKbbjkJQ&access_token_ttl=1657553045593&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDY4LjU&type=png&o15=1&ui=en-GB&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

0d68f6176468c0ca382dfe39fa0dae9a5b2b1a24b1fb8fe3d1af580a5ebc5f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF00008421
X-UserSessionId: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IlTliXLIwOChQX2O90XldYpJozDt9FXFY+dbK9zYn48=,637913354464530388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF00008421
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF00008421
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 355
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 9790909a-596d-4bff-9b05-876ccaf13580, 9790909a-596d-4bff-9b05-876ccaf13580
x-officefd: DB5PEPF000083EB
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82, 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: B2B1617B90474FBC82FEE1749197D25F Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *, *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame D6AA 40 KB
7 KB 56ms
55ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"bfcdeccb627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF000083EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:51 GMT
x-officefd: DB5PEPF000083EC
x-msedge-ref: Ref A: 5554051627F94F6196DA286534DF3D9A Ref B: AM3EDGE0518 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame D6AA 6 KB
6 KB 74ms
73ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wapsw.png?b=1601540941003

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4f9efa1280d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000F300
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 17:20:00 GMT
x-officefd: DB5PEPF0000F300
x-msedge-ref: Ref A: A8AB5F10340F4D45A508D57F96672F11 Ref B: AMS04EDGE3410 Ref C: 2022-06-14T17:20:00Z
x-usersessionid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame D6AA 34 KB
35 KB 66ms
66ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wv.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4bcd034707fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C632
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:54:50 GMT
x-officefd: DB5PEPF0000C632
x-msedge-ref: Ref A: 271284E0EFD049898B8BCECC894291E6 Ref B: AM3EDGE0222 Ref C: 2022-06-13T21:54:50Z
x-usersessionid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame 2CA3 6 KB
6 KB 56ms
56ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wapsw.png?b=1601540941003

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4f9efa1280d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000F300
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 17:20:00 GMT
x-officefd: DB5PEPF0000F300
x-msedge-ref: Ref A: A8AB5F10340F4D45A508D57F96672F11 Ref B: AMS04EDGE3410 Ref C: 2022-06-14T17:20:00Z
x-usersessionid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 0
198 B 158ms
158ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":562,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF0000384C
x-officeversion: 16.0.15409.41003
x-officefe: BN3PEPF0000384C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a46cf532-709f-447c-99a9-08654e1ee797
x-officecluster: PGTUS3
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: EB85F17B8CA947368AD0F70BD297B717 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame 2CA3 34 KB
35 KB 57ms
57ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wv.png

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4bcd034707fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C632
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:54:50 GMT
x-officefd: DB5PEPF0000C632
x-msedge-ref: Ref A: 271284E0EFD049898B8BCECC894291E6 Ref B: AM3EDGE0222 Ref C: 2022-06-13T21:54:50Z
x-usersessionid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame 2CA3 22 KB
23 KB 54ms
54ms Font
font/x-woff 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"2dea0757a7fd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E78
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 23:08:13 GMT
x-officefd: DM3PEPF000132E3
x-msedge-ref: Ref A: A76AC451B17F436BA5261D44321638E8 Ref B: AMS04EDGE2615 Ref C: 2022-06-13T23:08:13Z
x-usersessionid: 8c187220-3700-4498-91af-4d283cb7f390
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 8c187220-3700-4498-91af-4d283cb7f390
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 356 B
708 B 92ms
92ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS%2DGjNPxf%5FztCks4d3QGrIG1MOiUrNSAcqZB%2D6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3%5FNrR2QadaLVUjD%5Fw&access_token_ttl=1657553045475&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&type=png&o15=1&ui=en-GB&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

91a9ab6fec61c170a5eafdd7480c9237a87086e10d1c8bd9aa186971fb6bcc49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF000064AD
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: GZ4Vc2Nil0bcwvPkSD3TTinsI8opYTf3PTjMJH9WUwo=,637913354464608802
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000064AD
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000064AD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 354
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 9e43500c-cd35-4301-aadd-f9dea2270568, 9e43500c-cd35-4301-aadd-f9dea2270568
x-officefd: DB5PEPF000083FB
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d, cf7d5f64-2e5a-4701-b858-2f74d6ba935d
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: EB044AA87F1F44A395E54CD0C671A296 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *, *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame 2CA3 40 KB
7 KB 55ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"bfcdeccb627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF000083EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:51 GMT
x-officefd: DB5PEPF000083EC
x-msedge-ref: Ref A: 5554051627F94F6196DA286534DF3D9A Ref B: AM3EDGE0518 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame EDEA 6 KB
6 KB 55ms
55ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wapsw.png?b=1601540941003

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4f9efa1280d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000F300
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 17:20:00 GMT
x-officefd: DB5PEPF0000F300
x-msedge-ref: Ref A: A8AB5F10340F4D45A508D57F96672F11 Ref B: AMS04EDGE3410 Ref C: 2022-06-14T17:20:00Z
x-usersessionid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 0
460 B 157ms
157ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":795,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF00003C10
x-officeversion: 16.0.15409.41003
x-officefe: BN3PEPF00003C10
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: a3267260-8c6f-4d1e-96a4-7cc537c3dd7b
x-officecluster: PGTUS3
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: AE5C8BB9EE8D4EC2BA58B6391C0C590A Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame EDEA 34 KB
35 KB 57ms
57ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wv.png

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4bcd034707fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C632
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:54:50 GMT
x-officefd: DB5PEPF0000C632
x-msedge-ref: Ref A: 271284E0EFD049898B8BCECC894291E6 Ref B: AM3EDGE0222 Ref C: 2022-06-13T21:54:50Z
x-usersessionid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame EDEA 22 KB
23 KB 54ms
54ms Font
font/x-woff 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"2dea0757a7fd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E78
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 23:08:13 GMT
x-officefd: DM3PEPF000132E3
x-msedge-ref: Ref A: A76AC451B17F436BA5261D44321638E8 Ref B: AMS04EDGE2615 Ref C: 2022-06-13T23:08:13Z
x-usersessionid: 8c187220-3700-4498-91af-4d283cb7f390
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 8c187220-3700-4498-91af-4d283cb7f390
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 357 B
833 B 96ms
96ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos%2Dg5HobtGCF%2DB8K1%5FZOD%5F4hfH9nDqLwHD9jCqJRBxax96TDPE%2D2gm%5FLNviUo1kH4L56nOJ6LIx5JoVu9IYq5%5FNZ5qKw9KMETAUl9RC5UMc%5F8LnkwtT437rLEqEjel8%5Fltk0vCfun%2Djmx8mJEA&access_token_ttl=1657553045371&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU&type=png&o15=1&ui=en-GB&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

8445e9465ffebf940db252a354544a1b63560c505433dd876660040cbf79b120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF000083EB
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: 7JlUCwx0HwV9cAEsLnt+yt7qSOuGeTV0NM8TRN5sbNA=,637913354459337271
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083EB
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083EB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 358
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 36b77f6f-5e11-4753-b241-56ad8640cd23, 36b77f6f-5e11-4753-b241-56ad8640cd23
x-officefd: DB5PEPF00008421
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723, ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 311A9551386B4746B1D55834450ACE99 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *, *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame EDEA 40 KB
7 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"bfcdeccb627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF000083EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:51 GMT
x-officefd: DB5PEPF000083EC
x-msedge-ref: Ref A: 5554051627F94F6196DA286534DF3D9A Ref B: AM3EDGE0518 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame C144 6 KB
6 KB 55ms
55ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wapsw.png?b=1601540941003

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4f9efa1280d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000F300
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 17:20:00 GMT
x-officefd: DB5PEPF0000F300
x-msedge-ref: Ref A: A8AB5F10340F4D45A508D57F96672F11 Ref B: AMS04EDGE3410 Ref C: 2022-06-14T17:20:00Z
x-usersessionid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 0
317 B 154ms
154ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":795,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BB11
x-officeversion: 16.0.15413.41023
x-officefe: BL6PEPF0000BB11
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4b4a2617-5f6c-4b00-a90c-2e705d61e106
x-officecluster: PGTUS4
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 6BC6A9DBA61C42409AB76E0FA9F9C4A6 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame C144 34 KB
35 KB 57ms
57ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wv.png

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4bcd034707fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C632
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:54:50 GMT
x-officefd: DB5PEPF0000C632
x-msedge-ref: Ref A: 271284E0EFD049898B8BCECC894291E6 Ref B: AM3EDGE0222 Ref C: 2022-06-13T21:54:50Z
x-usersessionid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame C144 22 KB
23 KB 54ms
54ms Font
font/x-woff 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"2dea0757a7fd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E78
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 23:08:13 GMT
x-officefd: DM3PEPF000132E3
x-msedge-ref: Ref A: A76AC451B17F436BA5261D44321638E8 Ref B: AMS04EDGE2615 Ref C: 2022-06-13T23:08:13Z
x-usersessionid: 8c187220-3700-4498-91af-4d283cb7f390
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 8c187220-3700-4498-91af-4d283cb7f390
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 356 B
813 B 84ms
84ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4%5F8mcfZJ%2DMdl05AkE%5F0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD%2DVYDLxK6O6tj6lfOxJ6Z4%2DtpPm%5FYGZDr51pL7BGQxcwjZB%5FfFxgJgbZw&access_token_ttl=1657553045311&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&type=png&o15=1&ui=en-GB&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

91a9ab6fec61c170a5eafdd7480c9237a87086e10d1c8bd9aa186971fb6bcc49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF000083FC
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: W/M3UZ2FLEGRvLEF3g341/jEPvSC0pIxUOHVTr1Ucis=,637913354459353433
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083FC
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 354
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: d60cf567-6fba-409f-bcf8-e66bb8fbfe99, d60cf567-6fba-409f-bcf8-e66bb8fbfe99
x-officefd: DB5PEPF000064AD
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae, 190f961c-87fa-4ef0-93fb-bd4c06296aae
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 9C6CAE901EF442FEB9F8AA0158470E00 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *, *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame C144 40 KB
7 KB 55ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"bfcdeccb627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF000083EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:51 GMT
x-officefd: DB5PEPF000083EC
x-msedge-ref: Ref A: 5554051627F94F6196DA286534DF3D9A Ref B: AM3EDGE0518 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 1bf019c8-3a06-449f-9682-7fc1c06683af
https://word-view.officeapps.live.com/ Frame D6AA 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/1bf019c8-3a06-449f-9682-7fc1c06683af
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 0
218 B 139ms
139ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":171,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css","Type":"ResourceDownloadSuccess"},{"Index":2,"MsSinceStart":478,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BAFD
x-officeversion: 16.0.15413.41023
x-officefe: BL6PEPF0000BAFD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 95b21dc9-3f9c-4200-8a24-ab3d5b54231f
x-officecluster: PGTUS4
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 83C8F9A3D05C43F9A19A682F5C8D130A Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
BLOB 200
OK 5aa835b2-2583-415e-a4c7-6a3229e5d10a
https://word-view.officeapps.live.com/ Frame 2CA3 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/5aa835b2-2583-415e-a4c7-6a3229e5d10a
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

GET
BLOB 200
OK 01e4c0f3-6def-48f4-bc78-ff459b42a5ff
https://word-view.officeapps.live.com/ Frame EDEA 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/01e4c0f3-6def-48f4-bc78-ff459b42a5ff
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

GET
BLOB 200
OK f51fbd71-bc5a-486e-b2ff-b717ab2d5f93
https://word-view.officeapps.live.com/ Frame C144 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/f51fbd71-bc5a-486e-b2ff-b717ab2d5f93
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame EDEA 515 KB
517 KB 241ms
241ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

617e04b068960a71d00105ce3a2825448d9ca811345d27f0f367060a561bfe5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000E7FA
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF0000E7FA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 527819
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos%2Dg5HobtGCF%2DB8K1%5FZOD%5F4hfH9nDqLwHD9jCqJRBxax96TDPE%2D2gm%5FLNviUo1kH4L56nOJ6LIx5JoVu9IYq5%5FNZ5qKw9KMETAUl9RC5UMc%5F8LnkwtT437rLEqEjel8%5Fltk0vCfun%2Djmx8mJEA&access_token_ttl=1657553045371&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: b22d3780-9b08-4c9a-8fe5-3e6cbdfbf4a0
x-officefd: DB5PEPF0000E7FA
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: D8F17D81E4FB47B5B93D507489D7E7BE Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3726 110 KB
111 KB 3717ms
3716ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf%5FJlHOOmC5xzgUjMXWWOCrqoJpgcR6P%2DEg5wFe%5FgIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB%5FTtAqzHJ%2DEwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553045618&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU&v=00000000-0000-0000-0000-000000000802&usid=f9bc29c9-9017-4451-9c2b-d2cde9705a87&splashscreen=1&build=16.0.15409.41003&PdfMode=1&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3368a35ab5a69f1185f3e8389995740cdca344015d22b636daedc653009e582d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF0001237B
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF0001237B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 112598
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf%5FJlHOOmC5xzgUjMXWWOCrqoJpgcR6P%2DEg5wFe%5FgIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB%5FTtAqzHJ%2DEwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553045618&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 326acf77-6e80-41a7-9695-d9966d78067f
x-officefd: AM4PEPF0001237B
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:10 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 01D44EA3E3B441EB958751393670380A Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:11 GMT

GET
H2 200 wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame 3726 6 KB
6 KB 55ms
54ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wapsw.png?b=1601540941003

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4f9efa1280d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000F300
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5884
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 17:20:00 GMT
x-officefd: DB5PEPF0000F300
x-msedge-ref: Ref A: A8AB5F10340F4D45A508D57F96672F11 Ref B: AMS04EDGE3410 Ref C: 2022-06-14T17:20:00Z
x-usersessionid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 63e0cd65-d26d-4787-bba5-30edf8f066f1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 0
354 B 280ms
279ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":904,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BY3PEPF0000C967
x-officeversion: 16.0.15409.41003
x-officefe: BY3PEPF0000C967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 84270882-fb66-4991-bf75-79624d37e41c
x-officecluster: PGTUS1
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: F786D0BD8C4843138AC372F4EB5ACA90 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame 3726 34 KB
35 KB 57ms
57ms Image
image/png 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/wv.png

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"c4bcd034707fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C632
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35196
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:54:50 GMT
x-officefd: DB5PEPF0000C632
x-msedge-ref: Ref A: 271284E0EFD049898B8BCECC894291E6 Ref B: AM3EDGE0222 Ref C: 2022-06-13T21:54:50Z
x-usersessionid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 947a3e0c-8791-49c4-a73c-2314492cb6f0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/ Frame 3726 22 KB
23 KB 54ms
54ms Font
font/x-woff 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/hC69650AB0B68842C_resources/2057/WordViewer.css
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"2dea0757a7fd81:0"
x-officecluster: US3C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00012E78
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 23:08:13 GMT
x-officefd: DM3PEPF000132E3
x-msedge-ref: Ref A: A76AC451B17F436BA5261D44321638E8 Ref B: AMS04EDGE2615 Ref C: 2022-06-13T23:08:13Z
x-usersessionid: 8c187220-3700-4498-91af-4d283cb7f390
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: 8c187220-3700-4498-91af-4d283cb7f390
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 356 B
907 B 68ms
68ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf%5FJlHOOmC5xzgUjMXWWOCrqoJpgcR6P%2DEg5wFe%5FgIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB%5FTtAqzHJ%2DEwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553045618&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU&type=png&o15=1&ui=en-GB&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

20e7cf657640bad091589b217b7e8431e567b0d095d915c942603e3d701a688f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012934
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IzyLieNtcYU03ovxJMKqMYuD+EpdSl9s8kSGU9+3CN8=,637913354464509008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012934
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF00012934
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 355
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: ed6d2798-c570-4c4d-87a7-879d9fcb9076, ed6d2798-c570-4c4d-87a7-879d9fcb9076
x-officefd: AM4PEPF00012379
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87, f9bc29c9-9017-4451-9c2b-d2cde9705a87
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 5BB2D51F916A4BF6805EB78CD0A248ED Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *, *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame 3726 40 KB
7 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"bfcdeccb627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF000083EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:51 GMT
x-officefd: DB5PEPF000083EC
x-msedge-ref: Ref A: 5554051627F94F6196DA286534DF3D9A Ref B: AM3EDGE0518 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0a3dd291-b5d5-4d15-87d7-9dfaa4e2a564
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame D6AA 837 KB
138 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e2c2683c75736d84db85be4f4d684806c3aa1aa12c8dc4b80fcdf0e2d1dc51f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ca8095cc627fd81:0"
x-officecluster: US4C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00013871
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 140330
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DM3PEPF00012E9B
x-msedge-ref: Ref A: 74FADE2FF05A425DA408772B184E38F5 Ref B: AM3EDGE0908 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame D6AA 549 KB
102 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"383de8637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF0001293F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 103228
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:26:47 GMT
x-officefd: AM4PEPF0001293F
x-msedge-ref: Ref A: 8BF9370E3F2641E79D35C6DD53764320 Ref B: AM3EDGE0207 Ref C: 2022-06-13T20:26:47Z
x-usersessionid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 0
433 B 143ms
142ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF00008421
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IlTliXLIwOChQX2O90XldYpJozDt9FXFY+dbK9zYn48=,637913354464530388
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wems4ySx0X2QfOCadVAq5Zkjv-XJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7_ecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6_NFPrQLr8dptxRmfKUs-HbqgbPwSTbxguSKSKbbjkJQ
X-UserSessionId: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045593
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.15409.41003
x-officefe: BL6PEPF0000906B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 009d0e4b-68e5-4cc9-8fec-5d68d9f1df56
x-officefd: BL6PEPF0000906B
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 47D4B76673EF4BA585E9581D9EBD3902 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame D6AA 695 B
1 KB 54ms
54ms Image
image/gif 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/progress.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"9fe7845f6c7fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000840F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:27:24 GMT
x-officefd: DB5PEPF0000840F
x-msedge-ref: Ref A: 964E645CECED430FAC109F676FE5E0DD Ref B: AM3EDGE0714 Ref C: 2022-06-13T21:27:24Z
x-usersessionid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame D6AA 517 KB
518 KB 235ms
235ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=6efdf2e8-9b05-4f36-98d7-4e6dda97af82&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&access_token=4wems4ySx0X2QfOCadVAq5Zkjv-XJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7_ecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6_NFPrQLr8dptxRmfKUs-HbqgbPwSTbxguSKSKbbjkJQ&access_token_ttl=1657553045994&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDY4LjU&waccluster=PIE1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

11710c2b3aaf87ca225ff47d8e33813214c76c9a14067a3473b5d80fe07e299e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083DA
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083DA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 528903
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&access_token=4wems4ySx0X2QfOCadVAq5Zkjv%2DXJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7%5FecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6%5FNFPrQLr8dptxRmfKUs%2DHbqgbPwSTbxguSKSKbbjkJQ&access_token_ttl=1657553045994&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDY4LjU00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c5bc65ec-16dd-42d6-9114-5522a5803b1a
x-officefd: DB5PEPF000083DA
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: CB51ADF4F4E64A37ABA916CCD30151C1 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
BLOB 200
OK 9ec5855a-0683-4c49-8951-a1875e1e51c8
https://word-view.officeapps.live.com/ Frame 3726 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://word-view.officeapps.live.com/9ec5855a-0683-4c49-8951-a1875e1e51c8
Requested by: Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 0
240 B 278ms
277ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":921,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BY3PEPF0000C920
x-officeversion: 16.0.15409.41003
x-officefe: BY3PEPF0000C920
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7c1a7712-0d51-4d50-9597-e4d7c197f4e6
x-officecluster: PGTUS1
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: CC132165D1D74C81819BA5BCB29BF0EE Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 1 KB
1 KB 80ms
79ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=6efdf2e8-9b05-4f36-98d7-4e6dda97af82&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&access_token=4wems4ySx0X2QfOCadVAq5Zkjv%2DXJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7%5FecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6%5FNFPrQLr8dptxRmfKUs%2DHbqgbPwSTbxguSKSKbbjkJQ&access_token_ttl=1657553045593&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDY4LjU&waccluster=PIE1&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

ab9cfa01cbe91d36d800e7bea7876bd9332438a23c6c0a904c6b70f12c5cf6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF00008421
X-UserSessionId: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IlTliXLIwOChQX2O90XldYpJozDt9FXFY+dbK9zYn48=,637913354464530388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF00008421
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF00008421
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 672
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&access_token=4wems4ySx0X2QfOCadVAq5Zkjv%2DXJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7%5FecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6%5FNFPrQLr8dptxRmfKUs%2DHbqgbPwSTbxguSKSKbbjkJQ&access_token_ttl=1657553045593&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDY4LjU00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 413a630d-ac18-41fa-b484-d9ae9a243253, 413a630d-ac18-41fa-b484-d9ae9a243253
x-officefd: DB5PEPF000083EB
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82, 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 6C5EABEEFF6C491891F98CF409C557DC Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *, *
expires: Tue, 20 Jun 2023 15:24:07 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 0
342 B 142ms
142ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":955,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF00003853
x-officeversion: 16.0.15409.41003
x-officefe: BN3PEPF00003853
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 74b9076c-52ef-4cde-bbc8-309fb858f597
x-officecluster: PGTUS3
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 5DA5189E739A4C49816192D633FE300C Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame 2CA3 837 KB
138 KB 66ms
66ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e2c2683c75736d84db85be4f4d684806c3aa1aa12c8dc4b80fcdf0e2d1dc51f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ca8095cc627fd81:0"
x-officecluster: US4C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00013871
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 140330
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DM3PEPF00012E9B
x-msedge-ref: Ref A: 74FADE2FF05A425DA408772B184E38F5 Ref B: AM3EDGE0908 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame 2CA3 695 B
1 KB 55ms
55ms Image
image/gif 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"9fe7845f6c7fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000840F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:27:24 GMT
x-officefd: DB5PEPF0000840F
x-msedge-ref: Ref A: 964E645CECED430FAC109F676FE5E0DD Ref B: AM3EDGE0714 Ref C: 2022-06-13T21:27:24Z
x-usersessionid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame 2CA3 549 KB
102 KB 62ms
62ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"383de8637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF0001293F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 103228
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:26:47 GMT
x-officefd: AM4PEPF0001293F
x-msedge-ref: Ref A: 8BF9370E3F2641E79D35C6DD53764320 Ref B: AM3EDGE0207 Ref C: 2022-06-13T20:26:47Z
x-usersessionid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 0
233 B 577ms
576ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF000064AD
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: GZ4Vc2Nil0bcwvPkSD3TTinsI8opYTf3PTjMJH9WUwo=,637913354464608802
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wsGCKUS8YSKS-GjNPxf_ztCks4d3QGrIG1MOiUrNSAcqZB-6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3_NrR2QadaLVUjD_w
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045475
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.15413.41023
x-officefe: BL6PEPF0000BB18
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ccb11fe5-82d0-45ea-8a15-80a1c6fe37f3
x-officefd: BL6PEPF0000BB18
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:07 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 5C421D236D0A4046B5EEF6545DC1A1D4 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 2CA3 76 KB
76 KB 257ms
256ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=cf7d5f64-2e5a-4701-b858-2f74d6ba935d&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS-GjNPxf_ztCks4d3QGrIG1MOiUrNSAcqZB-6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3_NrR2QadaLVUjD_w&access_token_ttl=1657553045928&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&waccluster=PIE1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e638694e4d5377c70059ccac39d4d8d1da864a1d6ff0c24df041f7e1585676a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083EB
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083EB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 77344
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS%2DGjNPxf%5FztCks4d3QGrIG1MOiUrNSAcqZB%2D6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3%5FNrR2QadaLVUjD%5Fw&access_token_ttl=1657553045928&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 56a8363b-0008-47b5-9050-47eeae61c0b6
x-officefd: DB5PEPF000083EB
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 46FC64A499A0448284F6E815D4370FB9 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 2CA3 87 KB
87 KB 259ms
258ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=cf7d5f64-2e5a-4701-b858-2f74d6ba935d&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS-GjNPxf_ztCks4d3QGrIG1MOiUrNSAcqZB-6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3_NrR2QadaLVUjD_w&access_token_ttl=1657553045928&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&waccluster=PIE1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3f105763108f06e21e3e7ad5f439748d31e78a6380b3bfb040cb7e4df60f380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000064AD
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000064AD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 88800
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS%2DGjNPxf%5FztCks4d3QGrIG1MOiUrNSAcqZB%2D6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3%5FNrR2QadaLVUjD%5Fw&access_token_ttl=1657553045928&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p2.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2ebb3620-d0f2-4679-b59b-b4eee599fce7
x-officefd: DB5PEPF000064AD
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 24921B24E54C4DBBB64FCA8E8A237EB0 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 2CA3 82 KB
82 KB 259ms
259ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=cf7d5f64-2e5a-4701-b858-2f74d6ba935d&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS-GjNPxf_ztCks4d3QGrIG1MOiUrNSAcqZB-6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3_NrR2QadaLVUjD_w&access_token_ttl=1657553045928&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&waccluster=PIE1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3035159fc8cf0668d4ce7bad908f88a7e0fbfdb45bb33eaef0daab30634796f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000D036
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF0000D036
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 83605
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS%2DGjNPxf%5FztCks4d3QGrIG1MOiUrNSAcqZB%2D6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3%5FNrR2QadaLVUjD%5Fw&access_token_ttl=1657553045928&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p3.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8ca2ded2-99d2-4b63-af2f-f2820bf8aae5
x-officefd: DB5PEPF0000D036
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: F2DD0954CE4A480FBEEE119F2B1273C2 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 0
478 B 255ms
255ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1158,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000C10B
x-officeversion: 16.0.15409.41003
x-officefe: SN3PEPF0000C10B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: f40d9c57-b8fc-4430-9710-33d0585a5988
x-officecluster: PGTUS5
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D7A3B2DAAB224F9E9A3E3CF598CC41F6 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame EDEA 837 KB
138 KB 63ms
63ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e2c2683c75736d84db85be4f4d684806c3aa1aa12c8dc4b80fcdf0e2d1dc51f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ca8095cc627fd81:0"
x-officecluster: US4C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00013871
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 140330
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DM3PEPF00012E9B
x-msedge-ref: Ref A: 74FADE2FF05A425DA408772B184E38F5 Ref B: AM3EDGE0908 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame EDEA 695 B
1 KB 54ms
54ms Image
image/gif 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"9fe7845f6c7fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000840F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:27:24 GMT
x-officefd: DB5PEPF0000840F
x-msedge-ref: Ref A: 964E645CECED430FAC109F676FE5E0DD Ref B: AM3EDGE0714 Ref C: 2022-06-13T21:27:24Z
x-usersessionid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame EDEA 549 KB
102 KB 56ms
56ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"383de8637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF0001293F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 103228
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:26:47 GMT
x-officefd: AM4PEPF0001293F
x-msedge-ref: Ref A: 8BF9370E3F2641E79D35C6DD53764320 Ref B: AM3EDGE0207 Ref C: 2022-06-13T20:26:47Z
x-usersessionid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 0
326 B 189ms
188ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF000083EB
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: 7JlUCwx0HwV9cAEsLnt+yt7qSOuGeTV0NM8TRN5sbNA=,637913354459337271
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4woAaoos-g5HobtGCF-B8K1_ZOD_4hfH9nDqLwHD9jCqJRBxax96TDPE-2gm_LNviUo1kH4L56nOJ6LIx5JoVu9IYq5_NZ5qKw9KMETAUl9RC5UMc_8LnkwtT437rLEqEjel8_ltk0vCfun-jmx8mJEA
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045371
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS3
x-officeversion: 16.0.15409.41003
x-officefe: BN3PEPF00003844
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: e1fcac27-cb14-449a-97c0-180a54b34601
x-officefd: BN3PEPF00003844
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 21EDA8D8FA5C4853B9FFCF893F794168 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame EDEA 515 KB
517 KB 246ms
246ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=ffbf101e-abdd-4375-bc7a-8f1bd4ce7723&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos-g5HobtGCF-B8K1_ZOD_4hfH9nDqLwHD9jCqJRBxax96TDPE-2gm_LNviUo1kH4L56nOJ6LIx5JoVu9IYq5_NZ5qKw9KMETAUl9RC5UMc_8LnkwtT437rLEqEjel8_ltk0vCfun-jmx8mJEA&access_token_ttl=1657553046431&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU&waccluster=PIE1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

617e04b068960a71d00105ce3a2825448d9ca811345d27f0f367060a561bfe5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083FB
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 527819
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos%2Dg5HobtGCF%2DB8K1%5FZOD%5F4hfH9nDqLwHD9jCqJRBxax96TDPE%2D2gm%5FLNviUo1kH4L56nOJ6LIx5JoVu9IYq5%5FNZ5qKw9KMETAUl9RC5UMc%5F8LnkwtT437rLEqEjel8%5Fltk0vCfun%2Djmx8mJEA&access_token_ttl=1657553046431&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: a4103af8-bcf5-4d7b-91e0-aaa960b83a26
x-officefd: DB5PEPF000083FB
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 797F8047498D4916818F2F881A4CC7F3 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame EDEA 534 KB
535 KB 246ms
246ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=ffbf101e-abdd-4375-bc7a-8f1bd4ce7723&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos-g5HobtGCF-B8K1_ZOD_4hfH9nDqLwHD9jCqJRBxax96TDPE-2gm_LNviUo1kH4L56nOJ6LIx5JoVu9IYq5_NZ5qKw9KMETAUl9RC5UMc_8LnkwtT437rLEqEjel8_ltk0vCfun-jmx8mJEA&access_token_ttl=1657553046431&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU&waccluster=PIE1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

66f25311b67a7902147f13ce7e321d14b0bb549e3b1d2a01bbf1b36ceb8d2080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF00008421
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF00008421
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 546378
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos%2Dg5HobtGCF%2DB8K1%5FZOD%5F4hfH9nDqLwHD9jCqJRBxax96TDPE%2D2gm%5FLNviUo1kH4L56nOJ6LIx5JoVu9IYq5%5FNZ5qKw9KMETAUl9RC5UMc%5F8LnkwtT437rLEqEjel8%5Fltk0vCfun%2Djmx8mJEA&access_token_ttl=1657553046431&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU00000000-0000-0000-0000-000000000802p2.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7b4f4438-5448-4a86-9a7a-67c1d110f42b
x-officefd: DB5PEPF00008421
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: FB4179924E09443D86844A48670932BC Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 0
396 B 187ms
187ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1117,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BB11
x-officeversion: 16.0.15413.41023
x-officefe: BL6PEPF0000BB11
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ddcda882-0d41-4f19-84f1-9dd0d002de98
x-officecluster: PGTUS4
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 48DDFA512226438F81E2A206419362EB Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame C144 837 KB
138 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e2c2683c75736d84db85be4f4d684806c3aa1aa12c8dc4b80fcdf0e2d1dc51f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ca8095cc627fd81:0"
x-officecluster: US4C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00013871
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 140330
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DM3PEPF00012E9B
x-msedge-ref: Ref A: 74FADE2FF05A425DA408772B184E38F5 Ref B: AM3EDGE0908 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame C144 695 B
1 KB 54ms
53ms Image
image/gif 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"9fe7845f6c7fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000840F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:27:24 GMT
x-officefd: DB5PEPF0000840F
x-msedge-ref: Ref A: 964E645CECED430FAC109F676FE5E0DD Ref B: AM3EDGE0714 Ref C: 2022-06-13T21:27:24Z
x-usersessionid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame C144 549 KB
102 KB 57ms
53ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"383de8637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF0001293F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 103228
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:26:47 GMT
x-officefd: AM4PEPF0001293F
x-msedge-ref: Ref A: 8BF9370E3F2641E79D35C6DD53764320 Ref B: AM3EDGE0207 Ref C: 2022-06-13T20:26:47Z
x-usersessionid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 0
321 B 231ms
229ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF000083FC
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: W/M3UZ2FLEGRvLEF3g341/jEPvSC0pIxUOHVTr1Ucis=,637913354459353433
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wNIZuG8SRBloyX54wbymqt4_8mcfZJ-Mdl05AkE_0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD-VYDLxK6O6tj6lfOxJ6Z4-tpPm_YGZDr51pL7BGQxcwjZB_fFxgJgbZw
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045311
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.15409.41003
x-officefe: BY3PEPF0000C93D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ba441c22-86e1-43e5-8dc5-469bc1af50fe
x-officefd: BY3PEPF0000C93D
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: CFF657BAED1346F68F9233BE71070D00 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame C144 76 KB
76 KB 393ms
391ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=190f961c-87fa-4ef0-93fb-bd4c06296aae&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4_8mcfZJ-Mdl05AkE_0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD-VYDLxK6O6tj6lfOxJ6Z4-tpPm_YGZDr51pL7BGQxcwjZB_fFxgJgbZw&access_token_ttl=1657553046425&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&waccluster=PIE1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e638694e4d5377c70059ccac39d4d8d1da864a1d6ff0c24df041f7e1585676a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000C62B
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF0000C62B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 77344
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4%5F8mcfZJ%2DMdl05AkE%5F0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD%2DVYDLxK6O6tj6lfOxJ6Z4%2DtpPm%5FYGZDr51pL7BGQxcwjZB%5FfFxgJgbZw&access_token_ttl=1657553046425&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: b5aa8d4a-cefa-4228-826f-10f847fb9139
x-officefd: DB5PEPF0000C62B
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 37B619369BF3455F922F99887A795C80 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame C144 87 KB
88 KB 395ms
393ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=190f961c-87fa-4ef0-93fb-bd4c06296aae&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4_8mcfZJ-Mdl05AkE_0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD-VYDLxK6O6tj6lfOxJ6Z4-tpPm_YGZDr51pL7BGQxcwjZB_fFxgJgbZw&access_token_ttl=1657553046425&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&waccluster=PIE1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3f105763108f06e21e3e7ad5f439748d31e78a6380b3bfb040cb7e4df60f380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF0000D03D
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF0000D03D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 88800
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4%5F8mcfZJ%2DMdl05AkE%5F0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD%2DVYDLxK6O6tj6lfOxJ6Z4%2DtpPm%5FYGZDr51pL7BGQxcwjZB%5FfFxgJgbZw&access_token_ttl=1657553046425&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p2.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 998f5c57-e430-422f-9120-3f6f6ad66633
x-officefd: DB5PEPF0000D03D
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 162D894DCD9747128FD211F6DA6CB211 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame C144 82 KB
82 KB 395ms
393ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=190f961c-87fa-4ef0-93fb-bd4c06296aae&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4_8mcfZJ-Mdl05AkE_0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD-VYDLxK6O6tj6lfOxJ6Z4-tpPm_YGZDr51pL7BGQxcwjZB_fFxgJgbZw&access_token_ttl=1657553046425&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&waccluster=PIE1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3035159fc8cf0668d4ce7bad908f88a7e0fbfdb45bb33eaef0daab30634796f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083DE
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083DE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 83605
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4%5F8mcfZJ%2DMdl05AkE%5F0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD%2DVYDLxK6O6tj6lfOxJ6Z4%2DtpPm%5FYGZDr51pL7BGQxcwjZB%5FfFxgJgbZw&access_token_ttl=1657553046425&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p3.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 51d7f775-783d-4999-884b-a137abc916ab
x-officefd: DB5PEPF000083DE
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 2530B66B3D2343119DA777FDB69B7CD2 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 5 KB
2 KB 172ms
172ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=cf7d5f64-2e5a-4701-b858-2f74d6ba935d&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS%2DGjNPxf%5FztCks4d3QGrIG1MOiUrNSAcqZB%2D6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3%5FNrR2QadaLVUjD%5Fw&access_token_ttl=1657553045475&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&waccluster=PIE1&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

f1ae7e118bbf61cae02ce379e55ab106d1fba274742f3be8c111e545855a1072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF000064AD
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: GZ4Vc2Nil0bcwvPkSD3TTinsI8opYTf3PTjMJH9WUwo=,637913354464608802
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000064AD
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000064AD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1710
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS%2DGjNPxf%5FztCks4d3QGrIG1MOiUrNSAcqZB%2D6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3%5FNrR2QadaLVUjD%5Fw&access_token_ttl=1657553045475&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 7b741896-06e1-4a5c-ba55-3c9ad06ef5e1, 7b741896-06e1-4a5c-ba55-3c9ad06ef5e1
x-officefd: DB5PEPF0000CE8B
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d, cf7d5f64-2e5a-4701-b858-2f74d6ba935d
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 44EE807FC29B48958AF58305BE1BEDA7 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *, *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 2 KB
1 KB 169ms
169ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=ffbf101e-abdd-4375-bc7a-8f1bd4ce7723&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos%2Dg5HobtGCF%2DB8K1%5FZOD%5F4hfH9nDqLwHD9jCqJRBxax96TDPE%2D2gm%5FLNviUo1kH4L56nOJ6LIx5JoVu9IYq5%5FNZ5qKw9KMETAUl9RC5UMc%5F8LnkwtT437rLEqEjel8%5Fltk0vCfun%2Djmx8mJEA&access_token_ttl=1657553045371&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU&waccluster=PIE1&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

68fc0cd1b945e47f9572345a29bcefc6577b1da712be678ec56043b6c4415c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF000083EB
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: 7JlUCwx0HwV9cAEsLnt+yt7qSOuGeTV0NM8TRN5sbNA=,637913354459337271
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083EB
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083EB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 685
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos%2Dg5HobtGCF%2DB8K1%5FZOD%5F4hfH9nDqLwHD9jCqJRBxax96TDPE%2D2gm%5FLNviUo1kH4L56nOJ6LIx5JoVu9IYq5%5FNZ5qKw9KMETAUl9RC5UMc%5F8LnkwtT437rLEqEjel8%5Fltk0vCfun%2Djmx8mJEA&access_token_ttl=1657553045371&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 9b5d3e75-3710-48ec-8a1c-1135ba3d05a0, 9b5d3e75-3710-48ec-8a1c-1135ba3d05a0
x-officefd: DB5PEPF000064AD
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723, ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 82CA58DD12CC4DE7AC7D173D8BDE1A77 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *, *
expires: Tue, 20 Jun 2023 15:24:07 GMT

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 5 KB
2 KB 170ms
170ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=190f961c-87fa-4ef0-93fb-bd4c06296aae&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4%5F8mcfZJ%2DMdl05AkE%5F0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD%2DVYDLxK6O6tj6lfOxJ6Z4%2DtpPm%5FYGZDr51pL7BGQxcwjZB%5FfFxgJgbZw&access_token_ttl=1657553045311&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&waccluster=PIE1&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

f1ae7e118bbf61cae02ce379e55ab106d1fba274742f3be8c111e545855a1072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF000083FC
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: W/M3UZ2FLEGRvLEF3g341/jEPvSC0pIxUOHVTr1Ucis=,637913354459353433
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083FC
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1710
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4%5F8mcfZJ%2DMdl05AkE%5F0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD%2DVYDLxK6O6tj6lfOxJ6Z4%2DtpPm%5FYGZDr51pL7BGQxcwjZB%5FfFxgJgbZw&access_token_ttl=1657553045311&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: ac400f54-d295-4554-b497-b79afb3faec4, ac400f54-d295-4554-b497-b79afb3faec4
x-officefd: DB5PEPF0000F302
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae, 190f961c-87fa-4ef0-93fb-bd4c06296aae
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: AD8F4887A9874E84BCE6187567470543 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *, *
expires: Tue, 20 Jun 2023 15:24:07 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F780 28 B
54 B 67ms
67ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/f05de49d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/oDpVhXEeCAk?rel=0
X-YouTube-Client-Version: 1.20220615.02.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuWkdKRkFGVU1zdyiUosKVBg%3D%3D
X-YouTube-Ad-Signals: dt=1655738645005&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C525%2C300&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 20 Jun 2022 15:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 20 Jun 2022 15:24:07 GMT

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame D6AA 18 KB
3 KB 55ms
55ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e6352f2e637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2711
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:21:36 GMT
x-officefd: AM4PEPF000069E2
x-msedge-ref: Ref A: 1DC4C7C4D7184617A65570A7DE4A3DBD Ref B: AMS04EDGE1706 Ref C: 2022-06-13T20:21:36Z
x-usersessionid: 902c8a22-d600-49e6-9bea-db15619f8955
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 902c8a22-d600-49e6-9bea-db15619f8955
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/ Frame D6AA 2 KB
2 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a2f0d29c06c3abd747ca2772b8e3068e60ec2d416f69c3eb46642171e7b42e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"af1f1aaebb7fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1157
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 06:55:06 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 6C05A010E6474427B076486504C06A95 Ref B: VIEEDGE4114 Ref C: 2022-06-14T06:55:06Z
x-usersessionid: 087cd1ea-1c0f-4c08-9577-3255774f290d
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 087cd1ea-1c0f-4c08-9577-3255774f290d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame EDEA 18 KB
3 KB 54ms
54ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e6352f2e637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2711
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:21:36 GMT
x-officefd: AM4PEPF000069E2
x-msedge-ref: Ref A: 1DC4C7C4D7184617A65570A7DE4A3DBD Ref B: AMS04EDGE1706 Ref C: 2022-06-13T20:21:36Z
x-usersessionid: 902c8a22-d600-49e6-9bea-db15619f8955
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 902c8a22-d600-49e6-9bea-db15619f8955
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/ Frame EDEA 2 KB
2 KB 55ms
55ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a2f0d29c06c3abd747ca2772b8e3068e60ec2d416f69c3eb46642171e7b42e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"af1f1aaebb7fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1157
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 06:55:06 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 6C05A010E6474427B076486504C06A95 Ref B: VIEEDGE4114 Ref C: 2022-06-14T06:55:06Z
x-usersessionid: 087cd1ea-1c0f-4c08-9577-3255774f290d
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 087cd1ea-1c0f-4c08-9577-3255774f290d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame 2CA3 18 KB
3 KB 55ms
54ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e6352f2e637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2711
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:21:36 GMT
x-officefd: AM4PEPF000069E2
x-msedge-ref: Ref A: 1DC4C7C4D7184617A65570A7DE4A3DBD Ref B: AMS04EDGE1706 Ref C: 2022-06-13T20:21:36Z
x-usersessionid: 902c8a22-d600-49e6-9bea-db15619f8955
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 902c8a22-d600-49e6-9bea-db15619f8955
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/ Frame 2CA3 2 KB
2 KB 55ms
55ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a2f0d29c06c3abd747ca2772b8e3068e60ec2d416f69c3eb46642171e7b42e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"af1f1aaebb7fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1157
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 06:55:06 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 6C05A010E6474427B076486504C06A95 Ref B: VIEEDGE4114 Ref C: 2022-06-14T06:55:06Z
x-usersessionid: 087cd1ea-1c0f-4c08-9577-3255774f290d
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 087cd1ea-1c0f-4c08-9577-3255774f290d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/ Frame 3726 837 KB
138 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e2c2683c75736d84db85be4f4d684806c3aa1aa12c8dc4b80fcdf0e2d1dc51f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ca8095cc627fd81:0"
x-officecluster: US4C
x-officeversion: 16.0.15407.41018
x-officefe: DM3PEPF00013871
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 140330
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DM3PEPF00012E9B
x-msedge-ref: Ref A: 74FADE2FF05A425DA408772B184E38F5 Ref B: AM3EDGE0908 Ref C: 2022-06-13T20:18:51Z
x-usersessionid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b8c5fbc0-95ec-4cd7-aa99-b1fd7acb26df
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/ Frame 3726 695 B
1 KB 54ms
54ms Image
image/gif 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_resources/2057/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"9fe7845f6c7fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000840F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 21:27:24 GMT
x-officefd: DB5PEPF0000840F
x-msedge-ref: Ref A: 964E645CECED430FAC109F676FE5E0DD Ref B: AM3EDGE0714 Ref C: 2022-06-13T21:27:24Z
x-usersessionid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: ac901ad6-0f08-4331-8fe3-7e9d3b2099d0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame 3726 549 KB
102 KB 57ms
56ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"383de8637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF0001293F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 103228
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:26:47 GMT
x-officefd: AM4PEPF0001293F
x-msedge-ref: Ref A: 8BF9370E3F2641E79D35C6DD53764320 Ref B: AM3EDGE0207 Ref C: 2022-06-13T20:26:47Z
x-usersessionid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a1d23c35-d46d-4f82-8035-0d4805f20ec0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 0
550 B 239ms
239ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00012934
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IzyLieNtcYU03ovxJMKqMYuD+EpdSl9s8kSGU9+3CN8=,637913354464509008
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf_JlHOOmC5xzgUjMXWWOCrqoJpgcR6P-Eg5wFe_gIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB_TtAqzHJ-EwrmvrxNoV95kMWtFsflvJI3rcPgTHA
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045618
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.15409.41003
x-officefe: BL6PEPF0000B921
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: de3f78f3-20a3-4cda-a5a0-e0aa0cbd465b
x-officefd: BL6PEPF0000B921
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: CE3EDBF364DC44389448DCAB95522AA4 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3726 110 KB
111 KB 346ms
345ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=f9bc29c9-9017-4451-9c2b-d2cde9705a87&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf_JlHOOmC5xzgUjMXWWOCrqoJpgcR6P-Eg5wFe_gIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB_TtAqzHJ-EwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553046022&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU&waccluster=PNL1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3368a35ab5a69f1185f3e8389995740cdca344015d22b636daedc653009e582d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012374
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF00012374
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 112598
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf%5FJlHOOmC5xzgUjMXWWOCrqoJpgcR6P%2DEg5wFe%5FgIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB%5FTtAqzHJ%2DEwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553046022&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU00000000-0000-0000-0000-000000000802p1.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ebc195e3-fa5d-41c2-a885-66ec3bbb1264
x-officefd: AM4PEPF00012374
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:07 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 36B66CBD94944EF6A608A070EA188270 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:08 GMT

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3726 95 KB
96 KB 605ms
604ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=f9bc29c9-9017-4451-9c2b-d2cde9705a87&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf_JlHOOmC5xzgUjMXWWOCrqoJpgcR6P-Eg5wFe_gIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB_TtAqzHJ-EwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553046022&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU&waccluster=PNL1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2aa51764c5200105895b45e253cc972f772ea61870ff2d605b9318870d690e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF000131EC
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF000131EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 97398
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf%5FJlHOOmC5xzgUjMXWWOCrqoJpgcR6P%2DEg5wFe%5FgIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB%5FTtAqzHJ%2DEwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553046022&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU00000000-0000-0000-0000-000000000802p2.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7d53789e-7d82-4343-9f11-46809d91c9cd
x-officefd: AM4PEPF000131EC
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:07 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 2D527A815FA44FC0BB3F578B5D99ECC2 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:08 GMT

GET
H2 200 ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3726 29 KB
30 KB 577ms
577ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=f9bc29c9-9017-4451-9c2b-d2cde9705a87&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf_JlHOOmC5xzgUjMXWWOCrqoJpgcR6P-Eg5wFe_gIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB_TtAqzHJ-EwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553046022&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU&waccluster=PNL1&PdfMode=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

94a5651861ff222a2eff8bcb5ddfaeb7225a86db54b5547779dee22867b2dbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF0001237C
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF0001237C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 29915
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf%5FJlHOOmC5xzgUjMXWWOCrqoJpgcR6P%2DEg5wFe%5FgIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB%5FTtAqzHJ%2DEwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553046022&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU00000000-0000-0000-0000-000000000802p3.img"
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 667954c6-4e90-48da-b82e-afa398becb6b
x-officefd: AM4PEPF0001237C
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:07 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 95D61F36F7A6452F8CAF5419D36054A6 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:08 GMT

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 0
349 B 237ms
236ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1199,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BAFD
x-officeversion: 16.0.15413.41023
x-officefe: BL6PEPF0000BAFD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: aeea7541-54ca-4dec-9645-cdfa1531f7d3
x-officecluster: PGTUS4
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 222E588F8B4341669B6223078BA7A21B Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame C144 18 KB
3 KB 55ms
55ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e6352f2e637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2711
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:21:36 GMT
x-officefd: AM4PEPF000069E2
x-msedge-ref: Ref A: 1DC4C7C4D7184617A65570A7DE4A3DBD Ref B: AMS04EDGE1706 Ref C: 2022-06-13T20:21:36Z
x-usersessionid: 902c8a22-d600-49e6-9bea-db15619f8955
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 902c8a22-d600-49e6-9bea-db15619f8955
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/ Frame C144 2 KB
2 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a2f0d29c06c3abd747ca2772b8e3068e60ec2d416f69c3eb46642171e7b42e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"af1f1aaebb7fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1157
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 06:55:06 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 6C05A010E6474427B076486504C06A95 Ref B: VIEEDGE4114 Ref C: 2022-06-14T06:55:06Z
x-usersessionid: 087cd1ea-1c0f-4c08-9577-3255774f290d
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 087cd1ea-1c0f-4c08-9577-3255774f290d
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame D6AA 42 KB
16 KB 433ms
61ms Script
application/javascript 104.92.80.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.92.80.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-80-28.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:08 GMT
X-MSNServer: RD0003FF1DA9E7
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11040, public
X-ODWebServer: westeurope0-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 ResReader.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 22 KB
7 KB 167ms
166ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=f9bc29c9-9017-4451-9c2b-d2cde9705a87&build=16.0.15409.41003&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf%5FJlHOOmC5xzgUjMXWWOCrqoJpgcR6P%2DEg5wFe%5FgIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB%5FTtAqzHJ%2DEwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553045618&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU&waccluster=PNL1&PdfMode=1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

165edc4e0acd9eb1c53e90849f67b68f28c9f84cc5910c54e6d20a53d4708da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012934
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IzyLieNtcYU03ovxJMKqMYuD+EpdSl9s8kSGU9+3CN8=,637913354464509008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012934
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF00012934
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6423
etag: "WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf%5FJlHOOmC5xzgUjMXWWOCrqoJpgcR6P%2DEg5wFe%5FgIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB%5FTtAqzHJ%2DEwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553045618&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 31340ff6-d1a2-4c3e-bfee-fa9c66d4136b
x-officefd: AM4PEPF00012934
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
x-msedge-ref: Ref A: 40D111FF5F5A4536A2028A7F633878AC Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z
timing-allow-origin: *
expires: Tue, 20 Jun 2023 15:24:07 GMT

OPTIONS
H2 200 campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 0
0 556ms
178ms Preflight 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/campaignmetadataaggregator?country=GB&locale=en-GB&app=2155&platform=Web&version=16.0.15409.41003&campaignParams=pageWidth%3D1000%26pageHeight%3D500%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&sessionUserType=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
access-control-max-age: 86400
cache-control: private
content-length: 0
date: Mon, 20 Jun 2022 15:24:07 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-correlationid: 15d13970-cc52-429a-869f-b5e5509489cf
x-frame-options: deny
x-gateids: AirTrafficControl.GovernanceRule
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
x-officecluster: cus-000.omexmessaging.osi.office.net
x-officefe: OmexMessagingStorefront_IN_5
x-officeversion: 22.4.10530.12308
x-ua-compatible: IE=edge
x-usersessionid: 15d13970-cc52-429a-869f-b5e5509489cf
x-xss-protection: 1; mode=block

GET
H2 200 campaignmetadataaggregator Show response
messaging.office.com/lifecycle/ Frame D6AA 324 B
993 B 223ms
223ms Fetch
application/json 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: fb9f6f9d-aa60-4a57-fb6c-971818a5fee6
x-usersessionid: aa0958b2-097a-4312-0b1f-46faa89439bd
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: cus-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-officeversion: 22.4.10530.12308
x-officefe: OmexMessagingStorefront_IN_5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary: Accept-Encoding
content-length: 243
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: b48ab898-8b46-4d28-aa90-de1b8f96c354
server
x-usersessionid: aa0958b2-097a-4312-0b1f-46faa89439bd
date: Mon, 20 Jun 2022 15:24:07 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
cache-control: private, no-store
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type

GET
H2 200 campaignmetadataaggregator Show response
messaging.office.com/lifecycle/ Frame EDEA 324 B
583 B 219ms
218ms Fetch
application/json 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: dd1d5e8c-d29d-4b99-bc45-f6c829798f53
x-usersessionid: d20231b4-f264-448a-e5d8-6a932868fb37
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: cus-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-officeversion: 22.4.10530.12308
x-officefe: OmexMessagingStorefront_IN_5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary: Accept-Encoding
content-length: 243
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: e4e33835-22cf-45c0-b5bc-2af75f08753e
server
x-usersessionid: d20231b4-f264-448a-e5d8-6a932868fb37
date: Mon, 20 Jun 2022 15:24:07 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
cache-control: private, no-store
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type

OPTIONS
H2 200 campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 0
0 550ms
178ms Preflight 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
access-control-max-age: 86400
cache-control: private
content-length: 0
date: Mon, 20 Jun 2022 15:24:07 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-correlationid: 8d8faa92-64fa-41b4-845d-fdc4a853f3c8
x-frame-options: deny
x-gateids: AirTrafficControl.GovernanceRule
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
x-officecluster: cus-000.omexmessaging.osi.office.net
x-officefe: OmexMessagingStorefront_IN_5
x-officeversion: 22.4.10530.12308
x-ua-compatible: IE=edge
x-usersessionid: 8d8faa92-64fa-41b4-845d-fdc4a853f3c8
x-xss-protection: 1; mode=block

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 0
284 B 240ms
240ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1246,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000B3A8
x-officeversion: 16.0.15409.41003
x-officefe: SN3PEPF0000B3A8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 53c39b9c-ca93-459e-9f42-3a89bfb59cb8
x-officecluster: PGTUS5
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
date: Mon, 20 Jun 2022 15:24:07 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 7688BB2F4195415D8220F3EF0368F1CF Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 0
435 B 197ms
196ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1247,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000E93D
x-officeversion: 16.0.15409.41003
x-officefe: BL6PEPF0000E93D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 04849858-da75-450e-ad4a-5379bb73710e
x-officecluster: PGTUS6
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:06 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 8FC92F77F93A4DF1B8AA6A5DF59E3A68 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame EDEA 42 KB
16 KB 408ms
60ms Script
application/javascript 104.92.80.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.92.80.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-80-28.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:08 GMT
X-MSNServer: RD0003FF1DA9E7
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11040, public
X-ODWebServer: westeurope0-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame D6AA 99 KB
29 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5d31a6cc627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C62B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DB5PEPF0000C62B
x-msedge-ref: Ref A: 2448181F14F14626916B17B6291F647D Ref B: AM3EDGE0708 Ref C: 2022-06-13T20:18:52Z
x-usersessionid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 2CA3 42 KB
16 KB 409ms
62ms Script
application/javascript 104.92.80.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.92.80.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-80-28.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:08 GMT
X-MSNServer: RD0003FF1DA9E7
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11040, public
X-ODWebServer: westeurope0-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 campaignmetadataaggregator Show response
messaging.office.com/lifecycle/ Frame 2CA3 324 B
483 B 236ms
236ms Fetch
application/json 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: 007f39a8-8eca-4c74-d195-15cde55c1c54
x-usersessionid: ce06b72e-0c71-4d25-336a-09a9d5e06b2d
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: cus-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-officeversion: 22.4.10530.12308
x-officefe: OmexMessagingStorefront_IN_5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary: Accept-Encoding
content-length: 243
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: d815defd-a382-4919-8930-22bee2dcd9e4
server
x-usersessionid: ce06b72e-0c71-4d25-336a-09a9d5e06b2d
date: Mon, 20 Jun 2022 15:24:07 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
cache-control: private, no-store
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type

OPTIONS
H2 200 campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 0
0 538ms
178ms Preflight 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
access-control-max-age: 86400
cache-control: private
content-length: 0
date: Mon, 20 Jun 2022 15:24:07 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-correlationid: 80d134d4-c8c0-4676-a01b-64034b686a84
x-frame-options: deny
x-gateids: AirTrafficControl.GovernanceRule
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
x-officecluster: cus-000.omexmessaging.osi.office.net
x-officefe: OmexMessagingStorefront_IN_5
x-officeversion: 22.4.10530.12308
x-ua-compatible: IE=edge
x-usersessionid: 80d134d4-c8c0-4676-a01b-64034b686a84
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame C144 42 KB
16 KB 397ms
60ms Script
application/javascript 104.92.80.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.92.80.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-80-28.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:08 GMT
X-MSNServer: RD0003FF1DA9E7
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11040, public
X-ODWebServer: westeurope0-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/ Frame 3726 18 KB
3 KB 54ms
54ms Stylesheet
text/css 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e6352f2e637fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2711
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:21:36 GMT
x-officefd: AM4PEPF000069E2
x-msedge-ref: Ref A: 1DC4C7C4D7184617A65570A7DE4A3DBD Ref B: AMS04EDGE1706 Ref C: 2022-06-13T20:21:36Z
x-usersessionid: 902c8a22-d600-49e6-9bea-db15619f8955
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 902c8a22-d600-49e6-9bea-db15619f8955
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/ Frame 3726 2 KB
2 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/Intl/en-gb/officebrowserfeedbackstrings.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a2f0d29c06c3abd747ca2772b8e3068e60ec2d416f69c3eb46642171e7b42e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"af1f1aaebb7fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15407.41018
x-officefe: AM4PEPF000069E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1157
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 14 Jun 2022 06:55:06 GMT
x-officefd: AM4PEPF000069E6
x-msedge-ref: Ref A: 6C05A010E6474427B076486504C06A95 Ref B: VIEEDGE4114 Ref C: 2022-06-14T06:55:06Z
x-usersessionid: 087cd1ea-1c0f-4c08-9577-3255774f290d
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 087cd1ea-1c0f-4c08-9577-3255774f290d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame 2CA3 99 KB
29 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5d31a6cc627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C62B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DB5PEPF0000C62B
x-msedge-ref: Ref A: 2448181F14F14626916B17B6291F647D Ref B: AM3EDGE0708 Ref C: 2022-06-13T20:18:52Z
x-usersessionid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 campaignmetadataaggregator Show response
messaging.office.com/lifecycle/ Frame C144 324 B
484 B 236ms
235ms Fetch
application/json 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: 3a7bee9d-c7bb-4c78-619e-02cc620e54db
x-usersessionid: 10176b2f-2d2f-498a-277d-db3a96939953
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: cus-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-officeversion: 22.4.10530.12308
x-officefe: OmexMessagingStorefront_IN_5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary: Accept-Encoding
content-length: 243
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: af16b846-c819-40ca-acdf-9d682b2cde7d
server
x-usersessionid: 10176b2f-2d2f-498a-277d-db3a96939953
date: Mon, 20 Jun 2022 15:24:07 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
cache-control: private, no-store
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type

OPTIONS
H2 200 campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 0
0 497ms
189ms Preflight 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
access-control-max-age: 86400
cache-control: private
content-length: 0
date: Mon, 20 Jun 2022 15:24:07 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-correlationid: e3bba2e5-fee6-44ec-a226-ab78c8de9cd5
x-frame-options: deny
x-gateids: AirTrafficControl.GovernanceRule
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
x-officecluster: cus-000.omexmessaging.osi.office.net
x-officefe: OmexMessagingStorefront_IN_5
x-officeversion: 22.4.10530.12308
x-ua-compatible: IE=edge
x-usersessionid: e3bba2e5-fee6-44ec-a226-ab78c8de9cd5
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame D6AA 4 B
333 B 679ms
160ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:07 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 campaignmetadataaggregator Show response
messaging.office.com/lifecycle/ Frame 3726 324 B
482 B 357ms
357ms Fetch
application/json 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/campaignmetadataaggregator?country=GB&locale=en-GB&app=2155&platform=Web&version=16.0.15409.41003&campaignParams=pageWidth%3D1000%26pageHeight%3D350%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&sessionUserType=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://word-view.officeapps.live.com/
x-correlationid: acfd2d59-aaca-4eec-c90c-101e718ebad5
x-usersessionid: 9aeb45df-1dac-4328-eb72-6c4ce117cb0e
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: cus-000.omexmessaging.osi.office.net
x-gateids: AirTrafficControl.GovernanceRule
x-officeversion: 22.4.10530.12308
x-officefe: OmexMessagingStorefront_IN_5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary: Accept-Encoding
content-length: 243
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
x-correlationid: 9be59dcd-67bd-42d2-a777-fa87bcfc3f81
server
x-usersessionid: 9aeb45df-1dac-4328-eb72-6c4ce117cb0e
date: Mon, 20 Jun 2022 15:24:07 GMT
x-frame-options: deny
content-type: application/json; charset=utf-8
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
cache-control: private, no-store
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type

OPTIONS
H2 200 campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 0
0 445ms
190ms Preflight 52.109.8.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://messaging.office.com/lifecycle/campaignmetadataaggregator?country=GB&locale=en-GB&app=2155&platform=Web&version=16.0.15409.41003&campaignParams=pageWidth%3D1000%26pageHeight%3D350%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&sessionUserType=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.8.50 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlationid,x-usersessionid
Access-Control-Request-Method: GET
Origin: https://word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: *
access-control-max-age: 86400
cache-control: private
content-length: 0
date: Mon, 20 Jun 2022 15:24:07 GMT
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-correlationid: 9ad9b4a3-4af7-467d-b66e-a8998c5dd6a6
x-frame-options: deny
x-gateids: AirTrafficControl.GovernanceRule
x-machine: cus-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_5
x-officecluster: cus-000.omexmessaging.osi.office.net
x-officefe: OmexMessagingStorefront_IN_5
x-officeversion: 22.4.10530.12308
x-ua-compatible: IE=edge
x-usersessionid: 9ad9b4a3-4af7-467d-b66e-a8998c5dd6a6
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 2CA3 4 B
333 B 648ms
161ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:08 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 3726 42 KB
16 KB 280ms
60ms Script
application/javascript 104.92.80.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.92.80.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-80-28.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:08 GMT
X-MSNServer: RD0003FF1DA9E7
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=11040, public
X-ODWebServer: westeurope0-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 0
315 B 154ms
153ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1579,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BAFC
x-officeversion: 16.0.15413.41023
x-officefe: BL6PEPF0000BAFC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 7dd6c921-c8f3-4a0a-9a45-e575b034296b
x-officecluster: PGTUS4
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:07 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: F988CF3F81DA4AA1B75A7444E8E609C6 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame EDEA 99 KB
29 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5d31a6cc627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C62B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DB5PEPF0000C62B
x-msedge-ref: Ref A: 2448181F14F14626916B17B6291F647D Ref B: AM3EDGE0708 Ref C: 2022-06-13T20:18:52Z
x-usersessionid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 0
473 B 206ms
206ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1531,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: MW1PEPF000078B1
x-officeversion: 16.0.15413.41023
x-officefe: MW1PEPF000078B1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a7313f77-a3f1-403e-9976-60d9613319cd
x-officecluster: PGTUS2
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:07 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A09A07614A1943E8A8F9C902CC5FD1C3 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:07Z

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame C144 99 KB
29 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5d31a6cc627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C62B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DB5PEPF0000C62B
x-msedge-ref: Ref A: 2448181F14F14626916B17B6291F647D Ref B: AM3EDGE0708 Ref C: 2022-06-13T20:18:52Z
x-usersessionid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
date: Mon, 20 Jun 2022 15:24:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame EDEA 4 B
333 B 644ms
160ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:07 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame C144 4 B
333 B 669ms
162ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:08 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 0
440 B 209ms
209ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1562,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BY3PEPF0000C92C
x-officeversion: 16.0.15409.41003
x-officefe: BY3PEPF0000C92C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 95625d97-142d-41e2-90ce-dba4d57e9cfc
x-officecluster: PGTUS1
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:07 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 5FA39C2DE62F4770B88CD638FA6415E9 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:08Z

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/ Frame 3726 99 KB
29 KB 54ms
54ms Script
application/javascript 2a02:26f0:3500:782::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7CCA78B6998790B2_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:782::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://word-view.officeapps.live.com/
Origin: https://word-view.officeapps.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5d31a6cc627fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15407.41018
x-officefe: DB5PEPF0000C62B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28874
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Jun 2022 20:18:52 GMT
x-officefd: DB5PEPF0000C62B
x-msedge-ref: Ref A: 2448181F14F14626916B17B6291F647D Ref B: AM3EDGE0708 Ref C: 2022-06-13T20:18:52Z
x-usersessionid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
date: Mon, 20 Jun 2022 15:24:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8e34400b-c9cf-477e-b73c-e93ebdfb7acb
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 3726 4 B
333 B 546ms
161ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:07 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 167D 47 KB
14 KB 56ms
56ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12093016
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 167D 203 KB
68 KB 54ms
54ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14375946
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 167D 15 KB
6 KB 62ms
62ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14332129-701e-0024-0947-43708d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=24100922
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 2 KB
2 KB 85ms
85ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&access_token=4wems4ySx0X2QfOCadVAq5Zkjv%2DXJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7%5FecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6%5FNFPrQLr8dptxRmfKUs%2DHbqgbPwSTbxguSKSKbbjkJQ&access_token_ttl=1657553045593&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDY4LjU&uilang=en-GB

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

80c48156ef45de343bb45bf35e917968fde407e12cd42d00996bbf554186d596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF00008421
X-UserSessionId: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IlTliXLIwOChQX2O90XldYpJozDt9FXFY+dbK9zYn48=,637913354464530388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF00008421
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF00008421
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1418
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: fdfd9efb-a6b0-42a6-8576-133e145cda0a, fdfd9efb-a6b0-42a6-8576-133e145cda0a
x-officefd: DB5PEPF0000CE8B
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82, 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: E5570C3ED09C484694866091099020D5 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:08Z
timing-allow-origin: *, *
expires: -1

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 515F 47 KB
14 KB 58ms
57ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12093016
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 515F 203 KB
68 KB 58ms
57ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14375946
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 515F 15 KB
6 KB 58ms
57ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211077&authkey=ALKCXSI4EJuINSc&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14332129-701e-0024-0947-43708d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=24100922
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 2 KB
2 KB 84ms
84ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wsGCKUS8YSKS%2DGjNPxf%5FztCks4d3QGrIG1MOiUrNSAcqZB%2D6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3%5FNrR2QadaLVUjD%5Fw&access_token_ttl=1657553045475&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&uilang=en-GB

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

80c48156ef45de343bb45bf35e917968fde407e12cd42d00996bbf554186d596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF000064AD
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: GZ4Vc2Nil0bcwvPkSD3TTinsI8opYTf3PTjMJH9WUwo=,637913354464608802
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000064AD
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000064AD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1418
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 3e45e47e-4b08-417a-89ec-6b3378562bc8, 3e45e47e-4b08-417a-89ec-6b3378562bc8
x-officefd: DB5PEPF0000F302
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d, cf7d5f64-2e5a-4701-b858-2f74d6ba935d
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 281024E15BFC4B18ADDB6C4E2DB0AFEE Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:08Z
timing-allow-origin: *, *
expires: -1

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 2 KB
2 KB 83ms
83ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos%2Dg5HobtGCF%2DB8K1%5FZOD%5F4hfH9nDqLwHD9jCqJRBxax96TDPE%2D2gm%5FLNviUo1kH4L56nOJ6LIx5JoVu9IYq5%5FNZ5qKw9KMETAUl9RC5UMc%5F8LnkwtT437rLEqEjel8%5Fltk0vCfun%2Djmx8mJEA&access_token_ttl=1657553045371&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU&uilang=en-GB

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

80c48156ef45de343bb45bf35e917968fde407e12cd42d00996bbf554186d596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF000083EB
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: 7JlUCwx0HwV9cAEsLnt+yt7qSOuGeTV0NM8TRN5sbNA=,637913354459337271
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083EB
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083EB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 1418
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 11abc2e9-2167-4455-adaa-46eeed16a36a, 11abc2e9-2167-4455-adaa-46eeed16a36a
x-officefd: DB5PEPF000083DA
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723, ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: CFBD9906C8874F079C8CBA594AF60819 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:08Z
timing-allow-origin: *, *
expires: -1

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 2 KB
2 KB 84ms
83ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&access_token=4wNIZuG8SRBloyX54wbymqt4%5F8mcfZJ%2DMdl05AkE%5F0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD%2DVYDLxK6O6tj6lfOxJ6Z4%2DtpPm%5FYGZDr51pL7BGQxcwjZB%5FfFxgJgbZw&access_token_ttl=1657553045311&z=aOTQ2QjhBRkVGMEY1MkJEMiE4ODIuNQ&uilang=en-GB

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

80c48156ef45de343bb45bf35e917968fde407e12cd42d00996bbf554186d596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: DB5PEPF000083FC
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: W/M3UZ2FLEGRvLEF3g341/jEPvSC0pIxUOHVTr1Ucis=,637913354459353433
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PIE1
x-wacfrontend: DB5PEPF000083FC
x-officeversion: 16.0.15409.41003
x-officefe: DB5PEPF000083FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1418
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 72bcf152-82fd-41d1-8631-3621fc59c0c8, 72bcf152-82fd-41d1-8631-3621fc59c0c8
x-officefd: DB5PEPF000083EB
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae, 190f961c-87fa-4ef0-93fb-bd4c06296aae
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: BF1B344E4E9B44999D225CE849A39A20 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:08Z
timing-allow-origin: *, *
expires: -1

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6ABD 47 KB
14 KB 60ms
60ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12093016
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6ABD 203 KB
68 KB 60ms
60ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14375946
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6ABD 15 KB
6 KB 60ms
60ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%21882&authkey=AChWjTHHHhGGYEw&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14332129-701e-0024-0947-43708d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=24100922
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame FF43 47 KB
14 KB 60ms
59ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12093016
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame FF43 203 KB
68 KB 60ms
60ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14375946
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame FF43 15 KB
6 KB 60ms
60ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211068&authkey=AIeCzFVl2ljE9Co&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14332129-701e-0024-0947-43708d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=24100922
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F33F 47 KB
14 KB 59ms
59ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12093016
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F33F 203 KB
68 KB 60ms
59ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14375946
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F33F 15 KB
6 KB 60ms
59ms Script
application/javascript 2.21.20.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211019&authkey=AGCAMq55lajKKJY&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-153.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Jun 2022 15:24:08 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14332129-701e-0024-0947-43708d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=24100922
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 translation.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 2 KB
2 KB 65ms
65ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&access_token=4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf%5FJlHOOmC5xzgUjMXWWOCrqoJpgcR6P%2DEg5wFe%5FgIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB%5FTtAqzHJ%2DEwrmvrxNoV95kMWtFsflvJI3rcPgTHA&access_token_ttl=1657553045618&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDE5LjU&uilang=en-GB

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

80c48156ef45de343bb45bf35e917968fde407e12cd42d00996bbf554186d596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF00012934
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IzyLieNtcYU03ovxJMKqMYuD+EpdSl9s8kSGU9+3CN8=,637913354464509008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-wacfrontend: AM4PEPF00012934
x-officeversion: 16.0.15409.41003
x-officefe: AM4PEPF00012934
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1418
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 3905a16a-1749-46d3-bde3-312762874ba6, 3905a16a-1749-46d3-bde3-312762874ba6
x-officefd: AM4PEPF00012379
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87, f9bc29c9-9017-4451-9c2b-d2cde9705a87
x-powered-by: ARR/3.0
date: Mon, 20 Jun 2022 15:24:07 GMT
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 54F3C33737554EA286BAFD641C56943B Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:08Z
timing-allow-origin: *, *
expires: -1

GET
H2

200

c.gif
c.live.com/ Frame 515F
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=1d68b045-f1a9-4256-b64e-94775946deeb&reqid=001ea0b9826&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D747A88%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=1d68b045-f1a9-4256-b64e-94775946deeb&reqid=001ea0b9826&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D747A88%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=1d68b045-f1a9-4256-b64e-94775946deeb&reqid=001ea0b9826&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D747A88%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
355 B

64ms
64ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=1d68b045-f1a9-4256-b64e-94775946deeb&reqid=001ea0b9826&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D747A88%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4280%26IR%3D1%26EX%3D0%26L.h%3D1190%26L.sjs%3D4149%26L.ttg%3D1190%26C.st%3D1655738644564%26N.domIn%3D1206%26N.req%3D752%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9732970642199388&CtsSyncId=61359FF7130E4F54A1E8AC25E40558E1&MUID=0456167AD85C6B0304CF07B3DC5C6F04
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:08 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B858DE4A22F4B68B292B8BB72E3CA42 Ref B: FRAEDGE1206 Ref C: 2022-06-20T15:24:09Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=1d68b045-f1a9-4256-b64e-94775946deeb&reqid=001ea0b9826&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D747A88%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4280%26IR%3D1%26EX%3D0%26L.h%3D1190%26L.sjs%3D4149%26L.ttg%3D1190%26C.st%3D1655738644564%26N.domIn%3D1206%26N.req%3D752%26N.resp%3D15%26N.navType%3D0%26N.redirectCount%3D0&r=0.9732970642199388&CtsSyncId=61359FF7130E4F54A1E8AC25E40558E1&MUID=0456167AD85C6B0304CF07B3DC5C6F04
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

c.gif
c.live.com/ Frame 167D
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=f43e47d2-a113-4c01-aefc-8eacf213b41a&reqid=00180adfbf3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F804C%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=f43e47d2-a113-4c01-aefc-8eacf213b41a&reqid=00180adfbf3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F804C%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=f43e47d2-a113-4c01-aefc-8eacf213b41a&reqid=00180adfbf3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F804C%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
229 B

65ms
65ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=f43e47d2-a113-4c01-aefc-8eacf213b41a&reqid=00180adfbf3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F804C%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4387%26IR%3D1%26EX%3D0%26L.h%3D1138%26L.sjs%3D4297%26L.ttg%3D1138%26C.st%3D1655738644566%26N.domIn%3D1151%26N.req%3D684%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.9850445230904863&CtsSyncId=3533304B59DA4171AF8E1BE9A07EA697&MUID=015882B34ADC62401CAE937A4EDC660B
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:08 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 73528E2A9C9D4942B6617E90F6632A9F Ref B: FRAEDGE1206 Ref C: 2022-06-20T15:24:09Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=f43e47d2-a113-4c01-aefc-8eacf213b41a&reqid=00180adfbf3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D6F804C%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4387%26IR%3D1%26EX%3D0%26L.h%3D1138%26L.sjs%3D4297%26L.ttg%3D1138%26C.st%3D1655738644566%26N.domIn%3D1151%26N.req%3D684%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.9850445230904863&CtsSyncId=3533304B59DA4171AF8E1BE9A07EA697&MUID=015882B34ADC62401CAE937A4EDC660B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

c.gif
c.live.com/ Frame 6ABD
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=3a0d4072-2030-40dd-a515-cf7583ab5294&reqid=0013cf89a84&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D7493BD%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=3a0d4072-2030-40dd-a515-cf7583ab5294&reqid=0013cf89a84&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D7493BD%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=3a0d4072-2030-40dd-a515-cf7583ab5294&reqid=0013cf89a84&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D7493BD%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
83 B

64ms
64ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=3a0d4072-2030-40dd-a515-cf7583ab5294&reqid=0013cf89a84&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D7493BD%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4459%26IR%3D1%26EX%3D0%26L.h%3D1797%26L.sjs%3D4445%26L.ttg%3D1797%26C.st%3D1655738644564%26N.domIn%3D1836%26N.req%3D897%26N.resp%3D51%26N.navType%3D0%26N.redirectCount%3D0&r=0.450583496540478&CtsSyncId=55BFA55AF61B40ACB9CD5DDE5A74836B&MUID=28DB6D25CB4368C919107CECCF436C7B
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:08 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70D268CD86054A769F4F7D202B7F4D22 Ref B: FRAEDGE1206 Ref C: 2022-06-20T15:24:09Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=3a0d4072-2030-40dd-a515-cf7583ab5294&reqid=0013cf89a84&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D7493BD%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4459%26IR%3D1%26EX%3D0%26L.h%3D1797%26L.sjs%3D4445%26L.ttg%3D1797%26C.st%3D1655738644564%26N.domIn%3D1836%26N.req%3D897%26N.resp%3D51%26N.navType%3D0%26N.redirectCount%3D0&r=0.450583496540478&CtsSyncId=55BFA55AF61B40ACB9CD5DDE5A74836B&MUID=28DB6D25CB4368C919107CECCF436C7B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

c.gif
c.live.com/ Frame FF43
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=278e3592-e8e3-4948-b2fb-8cfd03e62ed3&reqid=0015a387eaf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D3F4DDA%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=278e3592-e8e3-4948-b2fb-8cfd03e62ed3&reqid=0015a387eaf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D3F4DDA%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=278e3592-e8e3-4948-b2fb-8cfd03e62ed3&reqid=0015a387eaf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D3F4DDA%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
182 B

65ms
64ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=278e3592-e8e3-4948-b2fb-8cfd03e62ed3&reqid=0015a387eaf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D3F4DDA%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4461%26IR%3D1%26EX%3D0%26L.h%3D1807%26L.sjs%3D4408%26L.ttg%3D1807%26C.st%3D1655738644565%26N.domIn%3D1835%26N.req%3D1111%26N.resp%3D156%26N.navType%3D0%26N.redirectCount%3D0&r=0.4064433526841005&CtsSyncId=A594FE9FDAED4A019DAD445BC1E1963F&MUID=2C5E8399F2F16D9C3B2D9250F6F16962
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:08 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 24D56C8DD9C5476698AB504208EC0D8A Ref B: FRAEDGE1206 Ref C: 2022-06-20T15:24:09Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=278e3592-e8e3-4948-b2fb-8cfd03e62ed3&reqid=0015a387eaf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D3F4DDA%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D4461%26IR%3D1%26EX%3D0%26L.h%3D1807%26L.sjs%3D4408%26L.ttg%3D1807%26C.st%3D1655738644565%26N.domIn%3D1835%26N.req%3D1111%26N.resp%3D156%26N.navType%3D0%26N.redirectCount%3D0&r=0.4064433526841005&CtsSyncId=A594FE9FDAED4A019DAD445BC1E1963F&MUID=2C5E8399F2F16D9C3B2D9250F6F16962
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame D6AA 0
503 B 215ms
215ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF00008421
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IlTliXLIwOChQX2O90XldYpJozDt9FXFY+dbK9zYn48=,637913354464530388
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wems4ySx0X2QfOCadVAq5Zkjv-XJCnyjyrBU0gWUBDqvQwCnjAw2tUbDOpFXm0puoTveyRY7_ecgB9PXm3Po0GilY9Z6ZhhXVyOIJlm8zEm6_NFPrQLr8dptxRmfKUs-HbqgbPwSTbxguSKSKbbjkJQ
X-UserSessionId: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=yRnFL8VqV0+uDjv5uH0Q6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211068&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045593
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS5
x-officeversion: 16.0.15409.41003
x-officefe: SN3PEPF0000C0FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: de291e87-5f54-4172-b2b4-3628bca82c6b
x-officefd: SN3PEPF0000C0FC
x-usersessionid: 6efdf2e8-9b05-4f36-98d7-4e6dda97af82
date: Mon, 20 Jun 2022 15:24:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: C91DD593E33B43159CEE60A6342D2FCC Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:09Z

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 2CA3 0
229 B 187ms
187ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF000064AD
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: GZ4Vc2Nil0bcwvPkSD3TTinsI8opYTf3PTjMJH9WUwo=,637913354464608802
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wsGCKUS8YSKS-GjNPxf_ztCks4d3QGrIG1MOiUrNSAcqZB-6NZ9nvtQyRjqethJI81HW7V1FGAPRt1kyxEInn4FBjgIImub1kkmNJD6reHxU7nx2PcjmzSqpfrjZ0u9RtzK4Wh3_NrR2QadaLVUjD_w
X-UserSessionId: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=6uJiwA5icky1JCprUnJ/Rg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045475
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS3
x-officeversion: 16.0.15409.41003
x-officefe: BN3PEPF00003844
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5154b0ed-0330-48a8-b5d3-83967c3544fb
x-officefd: BN3PEPF00003844
x-usersessionid: cf7d5f64-2e5a-4701-b858-2f74d6ba935d
date: Mon, 20 Jun 2022 15:24:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 4AED5228F5AC42CF80D2B176AA60ABAD Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:09Z

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame EDEA 0
287 B 174ms
174ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF000083EB
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: 7JlUCwx0HwV9cAEsLnt+yt7qSOuGeTV0NM8TRN5sbNA=,637913354459337271
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4woAaoos-g5HobtGCF-B8K1_ZOD_4hfH9nDqLwHD9jCqJRBxax96TDPE-2gm_LNviUo1kH4L56nOJ6LIx5JoVu9IYq5_NZ5qKw9KMETAUl9RC5UMc_8LnkwtT437rLEqEjel8_ltk0vCfun-jmx8mJEA
X-UserSessionId: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=IPhu560coEK0gL2DSpPrtQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045371
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS3
x-officeversion: 16.0.15409.41003
x-officefe: BN3PEPF00003853
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5140f384-8500-456f-9a73-d8b6e9695a97
x-officefd: BN3PEPF00003853
x-usersessionid: ffbf101e-abdd-4375-bc7a-8f1bd4ce7723
date: Mon, 20 Jun 2022 15:24:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 6626B39269D64A758BA6AC3A592F81D2 Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:09Z

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame C144 0
258 B 257ms
257ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PIE1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: DB5PEPF000083FC
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: W/M3UZ2FLEGRvLEF3g341/jEPvSC0pIxUOHVTr1Ucis=,637913354459353433
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4wNIZuG8SRBloyX54wbymqt4_8mcfZJ-Mdl05AkE_0YTGsXyHjjNLRaL0WtWAhryjp96tQAFG5XZUfMEC7EhK3eHS3PYn8FD-VYDLxK6O6tj6lfOxJ6Z4-tpPm_YGZDr51pL7BGQxcwjZB_fFxgJgbZw
X-UserSessionId: 190f961c-87fa-4ef0-93fb-bd4c06296aae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=r/yOVmRb50yb50TZb/ScmQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%21882&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045311
X-WacCluster: PIE1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.15409.41003
x-officefe: BY3PEPF0000C93D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: c8ad106e-eaea-480f-a739-e6ea294cb7bf
x-officefd: BY3PEPF0000C93D
x-usersessionid: 190f961c-87fa-4ef0-93fb-bd4c06296aae
date: Mon, 20 Jun 2022 15:24:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 98E2ED49D6D14377860616CCA87C234B Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:09Z

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 3726 0
397 B 1044ms
482ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 641
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H2 200 RemoteUls.ashx Show response
word-view.officeapps.live.com/wv/ Frame 3726 0
190 B 209ms
208ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15409.41003&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7D7FA7FB90D87E69_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF00012934
accept-language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15409.41003
X-Key: IzyLieNtcYU03ovxJMKqMYuD+EpdSl9s8kSGU9+3CN8=,637913354464509008
X-bULS-SuppressionETag: D364F302477177B1869F1E6153FB2A84B42A10D2
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 4w6lvIUrMrE67fmDAt0zYuijeagRjMjWqf_JlHOOmC5xzgUjMXWWOCrqoJpgcR6P-Eg5wFe_gIZlWhJNTkDPeALIJ0dGfOsgH6bLjatKkZVHvVuB_TtAqzHJ-EwrmvrxNoV95kMWtFsflvJI3rcPgTHA
X-UserSessionId: f9bc29c9-9017-4451-9c2b-d2cde9705a87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=en-GB&rs=en-US&hid=T8hPmt2eXUuPwx6pryA5hA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211019&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1657553045618
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.15409.41003
x-officefe: BY3PEPF0000C92C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: D364F302477177B1869F1E6153FB2A84B42A10D2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3ade4e8d-8ce5-470f-af3b-9ec3622b0cdb
x-officefd: BY3PEPF0000C92C
x-usersessionid: f9bc29c9-9017-4451-9c2b-d2cde9705a87
date: Mon, 20 Jun 2022 15:24:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 5B0A2C8350DF40299B0F1F78F3069A9C Ref B: AM3EDGE0510 Ref C: 2022-06-20T15:24:09Z

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame D6AA 0
397 B 986ms
501ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 565
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame EDEA 0
397 B 957ms
474ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:09 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 559
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 2CA3 0
397 B 991ms
494ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:09 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 580
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame C144 0
397 B 1094ms
487ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 20 Jun 2022 15:24:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 685
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame D6AA 24 B
430 B 617ms
155ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1655738649958&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 20 Jun 2022 15:24:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 532
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 2CA3 24 B
430 B 649ms
163ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1655738649964&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 20 Jun 2022 15:24:09 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 560
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame EDEA 24 B
430 B 649ms
162ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1655738650029&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 20 Jun 2022 15:24:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 572
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame C144 24 B
430 B 652ms
164ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1655738650030&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 20 Jun 2022 15:24:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 570
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 3726 24 B
430 B 586ms
155ms XHR
application/json 52.182.143.211
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1655738650146&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161540941003_App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.143.211 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://word-view.officeapps.live.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 20 Jun 2022 15:24:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 501
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

GET
H2 200 c.gif
c.live.com/ Frame F33F 42 B
104 B 64ms
64ms Image
image/gif 20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=f4887e8d-679f-4685-bfa8-d6ee40285d39&reqid=001dac8f530&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D3F4DDD%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D6542%26IR%3D1%26EX%3D0%26L.h%3D1820%26L.sjs%3D4423%26L.ttg%3D1820%26C.st%3D1655738644567%26N.domIn%3D1837%26N.req%3D1098%26N.resp%3D120%26N.navType%3D0%26N.redirectCount%3D0&r=0.06184177429835924
Requested by: Host: goristar.ucoz.ua
URL: http://goristar.ucoz.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 15:24:10 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=946B8AFEF0F52BD2&resid=946B8AFEF0F52BD2%211078&authkey=AELh0L2Qv48DrrU&em=2

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goristar.ucoz.ua/	1970-01-20 12:41:14	Name: agoristaruzll Value: 1655738651
.goristar.ucoz.ua/	1970-01-20 12:41:14	Name: kdSspUid Value: 6a659671-7e9c-40a7-863b-6966925aa0e6
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ED5cyrqrcZQ
.youtube.com/	1970-01-20 08:14:50	Name: VISITOR_INFO1_LIVE Value: nZGJFAFUMsw
.uuidksinc.net/	1970-01-20 12:41:14	Name: jcsuuid Value: QrCrsz43ytAFNqW2Xihd
.hdbcode.com/	1970-01-20 12:41:14	Name: dmpUid Value: QrCrsz43ytAFNqW2Xihd
.yadro.ru/	1970-01-20 12:40:08	Name: FTID Value: 1Yi94K0uicuL1Yi94K0020JT
.yadro.ru/	1970-01-20 12:40:08	Name: VID Value: 1oSF5Q2YGiOL1Yi94L002I5k
.goristar.ucoz.ua/	1970-01-20 04:05:43	Name: kdDmpUid Value: QrCrsz43ytAFNqW2Xihd
.cdn.adtarget.me/	1970-01-24 13:06:03	Name: AU Value: 8f5411fd66cd6f1d
.ads.go2net.com.ua/	1970-01-20 06:05:14	Name: am-uid Value: 348455e404144836b660e604afad2422
.yandex.ru/	1970-01-23 19:31:38	Name: yuidss Value: 9942684851655738645
.yandex.ru/	1970-01-23 19:31:38	Name: yandexuid Value: 9942684851655738645
.ucoz.ua/	1970-01-20 12:41:14	Name: _ym_uid Value: 1655738646426444373
.ucoz.ua/	1970-01-20 12:41:14	Name: _ym_d Value: 1655738646
.dmg.digitaltarget.ru/	1970-01-21 05:50:50	Name: viuserid Value: Wlq.XbQ4yodkZm57PuBU
.acint.net/	1970-01-20 03:55:39	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: wQO4iWKwkRWzcAAieSQ4AgbCmCxUTn7I7iUA5CukauULGIqw
.acint.net/	1970-01-20 04:38:50	Name: cSyncDp14v3 Value: 1655738645
.mc.yandex.com/	1970-01-20 03:55:39	Name: sync_cookie_csrf Value: 2043080032fake
.ucoz.ua/	1970-01-20 03:56:50	Name: _ym_isad Value: 2
word-view.officeapps.live.com/	1970-01-20 06:08:07	Name: DcLcid Value: ui=2057&data=1033
word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.mc.yandex.ru/	1970-01-20 03:55:39	Name: sync_cookie_csrf Value: 904446353fake
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: dMpV8GKwkRZmkQAcB9bvAgrJvU3IILjQ53el6Mkl8TMc2WXe
.yandex.com/	1970-01-20 12:41:14	Name: yandexuid Value: 9942684851655738645
.yandex.com/	1970-01-20 12:41:14	Name: yuidss Value: 9942684851655738645
.mc.yandex.com/	1970-01-20 03:57:05	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 220360801655738646
.yandex.com/	1970-01-23 19:31:38	Name: i Value: O+HBu+9R0TS3TH8HFbdRwH/TkZXQBZ68q1Bmbt2p9KU9Am4+rl0xuSrK1z9ReI7p7QvU7N1Fmtvwh+MU+PI6Tc95fek=
.yandex.com/	1970-01-20 12:41:14	Name: ymex Value: 1687274646.yrts.1655738646#1687274646.yrtsi.1655738646
.ucoz.ua/	1970-01-20 03:55:40	Name: _ym_visorc Value: b
.bing.com/	1970-01-20 13:17:14	Name: MUID Value: 2C5E8399F2F16D9C3B2D9250F6F16962
.c.bing.com/	1970-01-20 13:17:14	Name: SRM_B Value: 2C5E8399F2F16D9C3B2D9250F6F16962
.c.bing.com/	1970-01-20 13:17:14	Name: SRM_L Value: 2C5E8399F2F16D9C3B2D9250F6F16962
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 03:55:39	Name: ANONCHK Value: 0
.live.com/	1970-01-20 13:17:14	Name: MUID Value: 2C5E8399F2F16D9C3B2D9250F6F16962
.c.live.com/	1970-01-20 13:17:14	Name: SRM_L Value: 2C5E8399F2F16D9C3B2D9250F6F16962

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://uguide.ru/templates/uguide_ru.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://uuidksinc.net/kadam-sync.rutarget.ru/sync Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F946B8AFEF0F52BD2%211077&access_token=4woAaoos%2Dg5HobtGCF%2DB8K1%5FZOD%5F4hfH9nDqLwHD9jCqJRBxax96TDPE%2D2gm%5FLNviUo1kH4L56nOJ6LIx5JoVu9IYq5%5FNZ5qKw9KMETAUl9RC5UMc%5F8LnkwtT437rLEqEjel8%5Fltk0vCfun%2Djmx8mJEA&access_token_ttl=1657553045371&z=aOTQ2QjhBRkVGMEY1MkJEMiExMDc3LjU&v=00000000-0000-0000-0000-000000000802&usid=ffbf101e-abdd-4375-bc7a-8f1bd4ce7723&splashscreen=1&build=16.0.15409.41003&PdfMode=1&waccluster=PIE1 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ads.go2net.com.ua
an.yandex.ru
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1h-word-view-15.cdn.office.net
counter.yadro.ru
d.uuidksinc.net
dmg.digitaltarget.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
goristar.ucoz.ua
hdbcode.com
hfa2gw.bn.files.1drv.com
hfa9yg.bn.files.1drv.com
hfybpw.bn.files.1drv.com
hfyi7g.bn.files.1drv.com
i.cdnkimg.com
i.ytimg.com
jnn-pa.googleapis.com
js.live.net
mc.yandex.com
mc.yandex.ru
messaging.office.com
news.2xclick.ru
onedrive.live.com
s.uuidksinc.net
s.viixty.com
s27.ucoz.net
spoprod-a.akamaihd.net
ssp-rtb.sape.ru
static.doubleclick.net
uguide.ru
uuidksinc.net
word-view.officeapps.live.com
www.acint.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
z.cdn.adtarget.me
onedrive.live.com
104.92.80.28
13.107.42.12
13.107.43.12
13.107.43.13
146.0.227.107
157.90.179.218
185.12.125.25
185.15.175.130
185.98.54.153
193.109.246.19
193.109.247.35
2.21.20.153
20.234.93.27
212.32.253.229
2620:1ec:a92::171
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2016
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2006
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200a
2a02:26f0:3500:782::1c24
2a02:6b8::1:119
2a02:6b8::90
31.220.27.134
31.220.27.135
31.220.27.155
45.133.44.37
52.109.8.50
52.182.143.211
88.212.201.204
93.95.100.117
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12
0936e323adeda3d6bda1d6310feef803410334d4aebe9698cc39ae4142bf991a
0b58c41090052f037c17ce294253e6a27f982de1a4e576b36ecdeb870896609b
0d68f6176468c0ca382dfe39fa0dae9a5b2b1a24b1fb8fe3d1af580a5ebc5f32
108fac151b070ef44a9d4f81664d2064b2504ed0c7a3035594a15d23a531fc78
11710c2b3aaf87ca225ff47d8e33813214c76c9a14067a3473b5d80fe07e299e
12c919cc8994233c2f67bdcf1185997781ccfe1ce3405308e31bfd33d260bd74
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
164f95a36b72a70adca5707424e5c8fcfcd74c866d4052565022835233cfeac2
165edc4e0acd9eb1c53e90849f67b68f28c9f84cc5910c54e6d20a53d4708da2
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
20e7cf657640bad091589b217b7e8431e567b0d095d915c942603e3d701a688f
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
24b93fa162c6079784bcc712b4169f0b96a6044a43e9eeeac4d85bb84d2a73ae
2aa51764c5200105895b45e253cc972f772ea61870ff2d605b9318870d690e6a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3035159fc8cf0668d4ce7bad908f88a7e0fbfdb45bb33eaef0daab30634796f4
31dd6ea0b2545e0597be27bea0a525b2abe30cddf28676d2a21ce675aaac246f
3368a35ab5a69f1185f3e8389995740cdca344015d22b636daedc653009e582d
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3907e3bf2936ab9dc1712ef5daac0dba9f4f493d8e474ff2cdf563e42d88b275
3c4c34b9ac8774be08b5a28994c7d5470039a043588781850e31e969c6ec2397
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f775b8c24cb5569fa824b47bca6c26a2e3ec53812e4c5010e7cc72da837215d
40652385091f04310f4cff52d962dc695a21854b7ebf0f428e39aee78dfc67f7
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49ad1723cdc1dddd016c2a17b15111e249b34ed524b244cc1880b8f26032351c
4a2f0d29c06c3abd747ca2772b8e3068e60ec2d416f69c3eb46642171e7b42e1
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
4e4b5169d06eff023272537845c061cd30f1cf39a6e47ede3efc5bcf8842844b
518304925d9ebb212cad6e475f624aa50054433415b6577768c616e0d5ab78a5
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
531d2640a95f554623d5706cf41c4dba112c6980589de484eebb9841e5934b38
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552e3716b8889b43b533d305787f5a744d2714fe9b1d5ff9fda11d2ddce0f22e
55912cfc0ebd0cfdaea7cb26393660daf8c0d03029368e5113f70453fd915ac0
57a3d01a0770b6859e43427f3ea373cd2e8f2254ffa4fb0dfe31efa2efb94efb
5a96a506c12e0afe8e4fe79353a8cda7d1821ac53fc5397e5785c71b3b0c8b77
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
5c23aabe6e7022629d24a84edc627cbfb90318069476de5aa9423be162773a79
5ddb669cd05d5c481a798631d2bd02b041950600ebaa4d419833fe0f01a04955
5fd0c318f9cee7853dc1b9aadcdbcb5e112aa19239967e96cb54b54e06b04bfe
6099d43a20a20cbd919ed66bcb1fcdf56008b5be0de0aa18e613e00d9803f4e6
617e04b068960a71d00105ce3a2825448d9ca811345d27f0f367060a561bfe5c
63db4cf8655267b837e882ed7ee7c0470d37849cfe0ed2b88ed2c8fc357cd10a
6420d7ba90d1d2e55b77111c3e11a70d1eada7d5e2e13188230cccbae11376e5
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f25311b67a7902147f13ce7e321d14b0bb549e3b1d2a01bbf1b36ceb8d2080
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68c66290ff9cfdc3863623a3533b742ad62ce6045395a8460d7ca8a8a9d2ee8c
68fc0cd1b945e47f9572345a29bcefc6577b1da712be678ec56043b6c4415c47
6b700822e8a44f77f93e681d30cfc8d1f72cf09178bd7daee96892a54ba13671
6cafc80c79f9effe87f62754b8bbc2e97f3e372e2d40ef4b6731ccc88e1580ce
7019ec764d8b79a5b92f049dd4a436a7a97595f4351cc3f795fdaddaa7292aef
70cd5366e26d943884b899bbb472b0b4660928d04c457fb45045339312fb5e41
7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436
7528ee1ccbf090a2b61d0b3b63b1552bc1e2cf5be23c01b7518836a96b925fda
767ec6820d829a50a4b456fc54951ff22a26ad2f1ffc0acd2c24d963986cbf6e
7c65ffea96ffcebf0411825f94f16061afccdc3f25c91c02ff44c6f853bebc98
7cca78b6998790b29556944615d6918487e36819fc8c5233565121ac4ddb351c
7d7fa7fb90d87e699218623828dc3fc14eca17ea1b4f771b84acb4e4ea3ec222
7f26cd6b0e760c97d73b108b7e49866479124a551007c710d9f8bb7a9a2be43c
80c48156ef45de343bb45bf35e917968fde407e12cd42d00996bbf554186d596
814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392
841018aa4cf71c514ce6c78d9f60ae186ef4b06a7fc066f1db23cd050b3acf0e
8445e9465ffebf940db252a354544a1b63560c505433dd876660040cbf79b120
85154a52418baa72f42d512fe10f79d6f8c4a2c6b2e4ba9fed4edf416f3d9d94
8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad
8a58e71496d547cc6ab3cfb6165221a82dc74ae386801d7a4379ec1bd7535749
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
91a9ab6fec61c170a5eafdd7480c9237a87086e10d1c8bd9aa186971fb6bcc49
928946bba7a44be8869f37002d9e1615eb8da828d20b93f53782ed4bf2fa3627
9436e99eb987558967070f5fb6b45b9a26d1ac5b889339fc1a4043d3ec23b1ca
9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704
94a5651861ff222a2eff8bcb5ddfaeb7225a86db54b5547779dee22867b2dbad
97e0b27e12cf8314ff8b05fe5d177c2657a124ae0b6d37b24fa5455a89281045
97f64480ab12ab8961b7e489a6cac8b7ed495234639c954ddef5de63c9b2ad4e
98ef8240733673f0a3033c41dc341b2257b546bebf39e6e4303ee907366d78a9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b5860c4fc33cdcbe492a935480e3fdead5c97b9e615f0b09938b66739d405be
9de2d6af3410c2b2ee4a32ee9e30e5f163b6e455bba78be5346c0edefd7120d0
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a4fe098ec19109cab72d8a3688796e2de91f491318cc83268aa8d7c00be7921f
a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d
a7251097afbc7a7ed08c618f7b56b27562496792fa0a41dadb42d46cf3b0815b
a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf
ab9cfa01cbe91d36d800e7bea7876bd9332438a23c6c0a904c6b70f12c5cf6db
ac537dd98f88004d7bc29c453889e553da64e318c18a30d2d589261475f5541a
acb47a21292db74397a8b5ad5f28eee547fb50aa095d2ec2e571e3f31466ea9f
ad7bb213b9b9f0c7cf02f2a177b1e3c23b95fc8f27faa1b285b1fd38390f1e6f
adaf0fb79970c2c655dbf88a622f4c21139d49a4fcb7bae4c71c59f6d2148492
aea68df31c22fedd60b0fb27d60d19fd575df18f96627ddb0480d8f44b11d43d
b264ac01cc97c822112417f5fad88c29dfc1b48d06d468c1cdbca97d7d7ff9cd
b51878a3480a1aaf9b908740495d8d0cb2386a587cb37fede061d86d1c0a4b74
b556530f20aa5ee66ee77e6d38cd4f811a6cf9b4aed2277b2e4adf9976537e5e
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c3f105763108f06e21e3e7ad5f439748d31e78a6380b3bfb040cb7e4df60f380
c433a5100d2ecb2565bc2b8c6134ab2a26f989a8c8cf5005a62bdd5c7d067406
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c6855c894b788b6cf0b8daac3633d3ca1d789dec111b07a58464bc2abb43ff18
c69650ab0b68842c0938498b0be309cff9c4c246f471aac4f25af29de9147cc7
c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74
c7a88166e49b47fefe48e84a8ab4f6a2a7eecefc1d1df4702a99049ad094338a
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
ce72190ad6b4d0cdec7cf3b488ce0e201010c001f61f005cc8e05cac5d51f4c7
d0608cf0c4aff79f20a198427f7df73300d643face9bea72b8d406b432b84df9
d369812aabb4b8152f7dd5883622e3cc08ac79442b64cb79cc802c4f44e30051
d3c8ed0b348ae2381f39ad119be9ecb38c708cd2632f3a19d7f85626ae0335fb
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
df98f270279c9989ab51e0329dbe8ec90e96dc3d2d20523d0c26e91176ab2de5
e0dd5a5a859482ce12dc539a0a92d38320d6074192d4cc1522ebe93fbce3bc01
e10a14029b9d9b79ac02bc347de746a75d97d63df5b54c7f8ce1e7810a80304d
e11c551a0b3e3664210dfb9963aa7e1f408a9b4aa8f86f1e5e94938e54242352
e2c2683c75736d84db85be4f4d684806c3aa1aa12c8dc4b80fcdf0e2d1dc51f1
e3062a5aef31dd58a33970aa854a03935348c80452dced9fd4114aaff3b44246
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e68e5adae8bb8bc4dd27ab6d101afb7d54a0eadb522c41e1bf470f79de6b09
e638694e4d5377c70059ccac39d4d8d1da864a1d6ff0c24df041f7e1585676a2
e6464ecb9dfbfeb8b9a7dff33004b7b94b5044f66dde50d776729876196090f5
e7017586dd11abbec9ebdc1ca72312f5ba88f15f7c5e8601d2df1b0da5f83153
e873a255adc7044c02c91415cba18a4ded4cdff268003035a108ffc908e69ef3
eb2476907f027bd6dcf4f61cecffcd85dd4aaf66ee6615d32fba5359615edad7
ec78c2c3871dea83585c1d83439c798fb40fa47f885cc1caf314a6daff0c6f53
ed132c64c4008f3048414bf8506edd464a95035f4552c6452e4f2671f1c1ab9f
ed9ddc739c5387008773f690d4ccd41dadbb81238e2426c8aba53514790fd58b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef66779e89f08319ebfa2484f931cfce3716f826647006792aa442083cc09cd5
f1ae7e118bbf61cae02ce379e55ab106d1fba274742f3be8c111e545855a1072
f6eeee3ccb35c54e1d593eb2960b5c48534ebac1c9b5adbad2bf5dda38234abc
f73b49c717fcf1415f383a07b7ad26a616848efe31bbfdaab31b1cffa0e43b2c
f781f3b2c376e32077f83aaf0b30dad9a154d92b6840046cfab39c894c506692
f7c8e7d56e567853f315f2289ecff51c2f23854de5389b2feb6392df8ea6f32d
f7f709f61930a52fef012dae4b22acaff2b5aa8f11946a6274317cb3147f88ca
ff4f1971d3e73ba2580e09f2d1bc36a45fdbe4121776a5a904eeebc92bf516ec

goristar.ucoz.ua Open in urlscan Pro 193.109.246.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

341 Requests

81 %HTTPS

41 %IPv6

31 Domains

44 Subdomains

34 IPs

6 Countries

27639 kBTransfer

55423 kBSize

39 Cookies

1 Outgoing links

Redirected requests

341 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

goristar.ucoz.ua Open in urlscan Pro
193.109.246.19 Public Scan

Screenshot
Live screenshot

Full Image

341
Requests

81 %
HTTPS

41 %
IPv6

31
Domains

44
Subdomains

34
IPs

6
Countries

27639 kB
Transfer

55423 kB
Size

39
Cookies

341 HTTP transactions
1 data transactions