srv186287.hoster-test.ru Open in urlscan Pro
31.28.24.115 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://srv186287.hoster-test.ru/
Submission: On February 10 via manual (February 10th 2023, 6:42:19 am UTC) from RU — Scanned from DE

Summary HTTP 78 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 9 domains to perform 78 HTTP transactions. The main IP is 31.28.24.115, located in Russian Federation and belongs to CITYTELECOM-AS Filanco LTD, RU. The main domain is srv186287.hoster-test.ru.

This is the only time srv186287.hoster-test.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	31.28.24.115 31.28.24.115	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
15	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
30	2a02:26f0:480... 2a02:26f0:480:28e::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2011	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:480... 2a02:26f0:480:1e::217:d1b1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.108.5.25 104.108.5.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.105.28.32 13.105.28.32	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.31.71 40.126.31.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	51.11.192.50 51.11.192.50	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.69.109.131 13.69.109.131	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
78	15

4 31.28.24.115 (Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
PTR: c05w.hoster.ru

srv186287.hoster-test.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pnl1-word-view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:26f0:480:28e::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-word-view-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:1e::217:d1b1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res-1.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.5.25 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-5-25.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.105.28.32 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.31.71 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.11.192.50 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.109.131 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eu-office.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	office.net c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 4828 res-1.cdn.office.net — Cisco Umbrella Rank: 378	2 MB
17	live.com 1 redirects view.officeapps.live.com — Cisco Umbrella Rank: 22988 pnl1-word-view.officeapps.live.com — Cisco Umbrella Rank: 108991 storage.live.com — Cisco Umbrella Rank: 145 login.live.com — Cisco Umbrella Rank: 92	162 KB
13	google.com docs.google.com — Cisco Umbrella Rank: 124 apis.google.com — Cisco Umbrella Rank: 97	234 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 298 content.googleapis.com — Cisco Umbrella Rank: 1502	31 KB
4	hoster-test.ru srv186287.hoster-test.ru	2 MB
3	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 243 eu-office.events.data.microsoft.com — Cisco Umbrella Rank: 2469	863 B
2	gstatic.com www.gstatic.com	476 KB
1	live.net js.live.net — Cisco Umbrella Rank: 4667	16 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 466
78	9

	Domain	Requested by
30	c1h-word-view-15.cdn.office.net	pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
14	pnl1-word-view.officeapps.live.com	srv186287.hoster-test.ru pnl1-word-view.officeapps.live.com c1h-word-view-15.cdn.office.net
9	docs.google.com	srv186287.hoster-test.ru docs.google.com www.gstatic.com
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
4	srv186287.hoster-test.ru	srv186287.hoster-test.ru
3	res-1.cdn.office.net	c1h-word-view-15.cdn.office.net
3	content.googleapis.com	apis.google.com
2	eu-office.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
2	www.gstatic.com	docs.google.com
1	browser.events.data.microsoft.com	c1h-word-view-15.cdn.office.net
1	login.live.com
1	storage.live.com	1 redirects
1	js.live.net	c1h-word-view-15.cdn.office.net
1	csp.withgoogle.com	srv186287.hoster-test.ru
1	view.officeapps.live.com	srv186287.hoster-test.ru
1	ajax.googleapis.com	srv186287.hoster-test.ru
78	16

This site contains links to these domains. Also see Links.

Domain
account.mail.ru
trk.mail.ru
help.mail.ru

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.cdn.office.net Microsoft Azure TLS Issuing CA 02	`2023-01-11` - `2024-01-06`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.res.outlook.com DigiCert SHA2 Secure Server CA	`2022-11-15` - `2023-11-15`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2022-08-12` - `2023-08-12`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2022-12-07` - `2023-12-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://srv186287.hoster-test.ru/
Frame ID: D76903B7E6E5C0AE34EBF625B8597E41
Requests: 9 HTTP requests in this frame

Frame: https://view.officeapps.live.com/op/view.aspx?src=http://srv186287.hoster-test.ru/autocentr3.docx
Frame ID: AF8C65EC6E50AB061DF2CB23672044EA
Requests: 2 HTTP requests in this frame

Frame: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true
Frame ID: D5E5854FF68C028699494D58EF76366B
Requests: 13 HTTP requests in this frame

Frame: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
Frame ID: A48CD560317C29CA84DBF90816B7270E
Requests: 54 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
Frame ID: C0CB4D3DEE15884C91708A4735D30C3B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ЗАЯВКА.docx - Почта Mail.ru

Detected technologies

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

92 %
HTTPS

60 %
IPv6

9
Domains

16
Subdomains

15
IPs

6
Countries

5549 kB
Transfer

17410 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://account.mail.ru/recovery?back_url=https%3A%2F%2Faccount.mail.ru%2Flogin%3Fpage%3Dhttps%253A%252F%252Faccount.mail.ru%252F%253F%26&dwhsplit=s10273.b1s&success_redirect=https%3A%2F%2Faccount.mail.ru%2F%3Fauthid%3Dkltby1iv.cck%26dwhsplit%3Ds10273.b1s%26from%3Dlogin&utm_source=login
Title: Восстановить доступ

Search URL Search Domain Scan URL

URL: https://account.mail.ru/signup?back=https%3A%2F%2Faccount.mail.ru%2F%3Fauthid%3Dkltby1iv.cck%26dwhsplit%3Ds10273.b1s%26from%3Dlogin&dwhsplit=s10273.b1s&from=login
Title: Создать аккаунт

Search URL Search Domain Scan URL

URL: https://trk.mail.ru/c/fuopc3
Title: Почта Mail.ru

Search URL Search Domain Scan URL

URL: https://help.mail.ru/mail/account/login/qr#hint
Title: Подробнее

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1676011336409 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1676011336&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

78 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
srv186287.hoster-test.ru/ 1 MB
1 MB 288ms
62ms Document
text/html 31.28.24.115
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to

Full URL: http://srv186287.hoster-test.ru/
Protocol: HTTP/1.1
Server: 31.28.24.115 , Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS: c05w.hoster.ru
Software: Apache/2.2.15 (CentOS) / PHP/8.1.11
Resource Hash: 218fc460ead1aef8c46e58920927542759608ca5dbce982a5270db0e689bea88

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Feb 2023 06:42:13 GMT
Server: Apache/2.2.15 (CentOS)
Transfer-Encoding: chunked
X-Cache: MISS from t0.hoster.ru
X-Cache-Lookup: MISS from t0.hoster.ru:6666
X-Powered-By: PHP/8.1.11

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: srv186287.hoster-test.ru
URL: http://srv186287.hoster-test.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://srv186287.hoster-test.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 09:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 09:19:06 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7c5d7ce87ea3f94933445ab0b11f0425b68d6c6fb15c3591dd7c2ba4117e404

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://srv186287.hoster-test.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK qr.png
srv186287.hoster-test.ru/ 3 KB
3 KB 64ms
64ms Image
image/png 31.28.24.115
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://srv186287.hoster-test.ru/qr.png
Requested by: Host: srv186287.hoster-test.ru
URL: http://srv186287.hoster-test.ru/
Protocol: HTTP/1.1
Server: 31.28.24.115 , Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS: c05w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fd7007994e9326288852a7f330970b9b98edc32e64924c71022c2569d35129f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://srv186287.hoster-test.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 06:42:14 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Tue, 07 Feb 2023 15:08:49 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "c240ea-b89-5f41d8664ad73"
X-Cache: MISS from t0.hoster.ru
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2953
Expires: Sat, 11 Feb 2023 06:42:14 GMT

GET
H/1.1 200
OK qr_big.png
srv186287.hoster-test.ru/ 12 KB
12 KB 131ms
68ms Image
image/png 31.28.24.115
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://srv186287.hoster-test.ru/qr_big.png
Requested by: Host: srv186287.hoster-test.ru
URL: http://srv186287.hoster-test.ru/
Protocol: HTTP/1.1
Server: 31.28.24.115 , Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS: c05w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9de26d1f5da8e98ab08b6110aaf9f5f713ccd5b342039076a9ff42762f392059

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://srv186287.hoster-test.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 06:42:14 GMT
X-Cache-Lookup: HIT from t0.hoster.ru:6666
Last-Modified: Tue, 07 Feb 2023 15:08:49 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "c240e9-2ee6-5f41d8662b58a"
X-Cache: MISS from t0.hoster.ru
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12006
Expires: Sat, 11 Feb 2023 06:42:14 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 436016caee68b71d4aaa5d3ed729d8ec8831119a281bcb0efc030bfb3772c19a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://srv186287.hoster-test.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view.aspx Show response
view.officeapps.live.com/op/ Frame AF8C 4 KB
2 KB 169ms
57ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/view.aspx?src=http://srv186287.hoster-test.ru/autocentr3.docx

Requested by

Host: srv186287.hoster-test.ru
URL: http://srv186287.hoster-test.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba036504b61b16648928fe5aa78ec76e99281410473c73c65b2dfa503ac3f5df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://srv186287.hoster-test.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 06:42:14 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 96c2f461-437e-4f33-b95e-5772a23cb863
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: 7F739D50E4B543DFACF35D30E706EE10 Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:14Z
x-officecluster: PNL1
x-officefd: AM4PEPF0000601C
x-officefe: AM4PEPF00010420
x-officeversion: 16.0.16130.41016

GET
H2 200 viewer Show response
docs.google.com/ Frame D5E5 9 KB
4 KB 330ms
281ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true

Requested by

Host: srv186287.hoster-test.ru
URL: http://srv186287.hoster-test.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88798412d3dd8fd0408e44f3b0f4773c078de17d8bb24388a760bf920f15bea4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s4LUovMd4CDhyvW4dh8wzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://srv186287.hoster-test.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-s4LUovMd4CDhyvW4dh8wzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Fri, 10 Feb 2023 06:42:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae1a512c4dfaa16d2160fd6333ccda10d58d7cfea4e203b6c4fe665f25d40aff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://srv186287.hoster-test.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 30 KB
30 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72256b3ac149b5fcab20c9b2f7cbe3d9e9fae600fa0da6b1ac9c93e6cc6f30dc

Request headers

Referer: http://srv186287.hoster-test.ru/
Origin: http://srv186287.hoster-test.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H/1.1 200
OK ArialRegular.ttf
srv186287.hoster-test.ru/ 874 KB
875 KB 111ms
60ms Font
application/octet-stream 31.28.24.115
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to

Full URL: http://srv186287.hoster-test.ru/ArialRegular.ttf
Requested by: Host: srv186287.hoster-test.ru
URL: http://srv186287.hoster-test.ru/
Protocol: HTTP/1.1
Server: 31.28.24.115 , Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS: c05w.hoster.ru
Software: Apache/2.2.15 (CentOS) /
Resource Hash: de39875f5204548bbb5279a816ebe68fe2e1dd9f25d551ee2b55786d9fbd1d6e

Request headers

Referer: http://srv186287.hoster-test.ru/
Origin: http://srv186287.hoster-test.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 06:42:14 GMT
X-Cache-Lookup: MISS from t0.hoster.ru:6666
Last-Modified: Tue, 07 Feb 2023 15:08:51 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "c240ed-da8e0-5f41d86882b6d"
X-Cache: MISS from t0.hoster.ru
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 895200

GET
DATA 200
OK truncated
/ Frame AF8C 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 wordviewerframe.aspx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 93 KB
95 KB 111ms
65ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863

Requested by

Host: srv186287.hoster-test.ru
URL: http://srv186287.hoster-test.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

649e0176d5dff67aac71f19607c6127034b2746b64f6751532bf6da906357346

Security Headers

Name	Value
Content-Security-Policy	font-src data: 'self' c1h-word-view-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net .azureedge.net fs.microsoft.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; media-src .skype.com .skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://view.officeapps.live.com
Referer: https://view.officeapps.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: font-src data: 'self' c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Fri, 10 Feb 2023 06:42:14 GMT
document-policy: js-profiling
expires: -1
origin-trial: Aj5A5IHJD7yaPWBBB4m2LuQYPqNGQs5q2BJbhUyaTsfQMjkrAtPUL4ytOZISMpA8FOWp1rjpHGhp+BqXcpDN68EAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjc5NTI5NjAwfQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: EE89F4BA64E94806B4A778DBC94AE1DE Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:14Z
x-officecluster: PNL1
x-officefd: AM4PEPF000131F5
x-officefe: AM4PEPF000131F5
x-officeversion: 16.0.16206.41000
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d

GET
H2 200 rs=AC2dHMIpsIEnpVQr23URS5uRDPNUq3-ywA
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.ZND1S3ypMJw.L.W.O/d=0/ Frame D5E5 329 KB
42 KB 72ms
26ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.ZND1S3ypMJw.L.W.O/d=0/rs=AC2dHMIpsIEnpVQr23URS5uRDPNUq3-ywA

Requested by

Host: docs.google.com
URL: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24181b0d7de1ee426b524365d3c27cca04aea1bbbdca131f451d609f2d404a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42197
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 20:00:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 13:51:50 GMT

GET
H2 200 thumb
docs.google.com/viewerng/ Frame D5E5 33 KB
33 KB 84ms
83ms Image
image/webp 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFwhy9fyCBX8OMytNkVZgJt5ox5JSZyVz4_WV51hHiSX8hwt9D92oiKsO2Txg8QDvxSkWoDgKj76Ndm7xLqVsZuCKPkehaPDyqncS5JSxgiTFDAgqDcFe07HyCd-dITVJgr-SI-PLNAkTQK332OMFocMv5Q3ZKXBYVbN9AOYyXJrd_C4bKLeBRSxwIWIyVjUjGswEf3jZtH1HxqG0osW7cWsXPmRBGmODoozq_ddJU9nMwY-NQYzwYKhqDtY1Ds202wlt39o3HOaPJofUOM9Ah2DMAJ3Wxwr_ZMvGE3kRO6T9SlTDmqrfR6mJTCsVYn-fl0OXLc2tKpig_7dljZ1qID4fo_qYg%3D%3D&ck=lantern&authuser&w=800&webp=true&r=gp&p=proj

Requested by

Host: docs.google.com
URL: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25fd85f03c2b60ce01302d6ba09622ce7f9c886c15867cbd55476b93b9d6f8c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fEyfx5xEAhTkQMB5vY0Zkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 06:42:14 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-fEyfx5xEAhTkQMB5vY0Zkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/webp
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Fri, 10 Feb 2023 06:42:14 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.CwJ5fFKkLmU.O/d=1/rs=AC2dHMKV7GzfyyJYXhc29-Qa_ZWugC3lhw/ Frame D5E5 1 MB
434 KB 95ms
50ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.CwJ5fFKkLmU.O/d=1/rs=AC2dHMKV7GzfyyJYXhc29-Qa_ZWugC3lhw/m=main

Requested by

Host: docs.google.com
URL: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805883a3d55f1f91c93ab6f29964bb4697a795f983a7b763ec4ee8f5e7ab8751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 22:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 444296
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 14:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 22:55:33 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame D5E5 17 KB
7 KB 75ms
28ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d8f0346de54c48e42e7b8d2a5f69645f5083e9704376e93c69c59f196722f31

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "559fae76344fc747"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 06:42:14 GMT

POST
H2 404 cspreport
docs.google.com/ Frame D5E5 141 B
514 B 128ms
127ms Other
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uGapaX5IbFW8U8VEMbHx7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-uGapaX5IbFW8U8VEMbHx7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:14 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Fri, 10 Feb 2023 06:42:14 GMT

POST
H2 404 cspreport
docs.google.com/ Frame D5E5 141 B
345 B 134ms
134ms Other
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3mRTmeZt24jV18h5mImohQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-3mRTmeZt24jV18h5mImohQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:14 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Fri, 10 Feb 2023 06:42:14 GMT

GET
H2 200 WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/ Frame A48C 272 KB
34 KB 98ms
19ms Stylesheet
text/css 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/WordViewer.css

Requested by

Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5001b2dc70f3f5632ec403d473a75cb956b4ecebfdf048597f2335b9582c838d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16130.41000
x-officefe: AM4PEPF00010312
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 33924
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 02 Feb 2023 00:43:33 GMT
x-correlationid: c65b0149-2d35-48cd-82b3-8adfdda55721
x-usersessionid: c65b0149-2d35-48cd-82b3-8adfdda55721
x-msedge-ref: Ref A: A55D4037D2E84CED9EF622F833DC6B30 Ref B: AMS231032604037 Ref C: 2023-02-02T01:27:34Z
x-officecluster: PNL1
etag: "c484d3609f36d91:0"
x-officefd: AM4PEPF00010312
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hE819A07700BB48DF_resources/de-DE/ Frame A48C 208 KB
55 KB 142ms
64ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hE819A07700BB48DF_resources/de-DE/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e819a07700bb48dfcddc3ae3318dc299ee54252c2c8bb573530f95878e78ae9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: DB5PEPF00011AB3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 55867
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 08 Feb 2023 01:22:43 GMT
x-correlationid: d30a9c1f-5079-49dd-b5a9-298a2fae4201
x-usersessionid: d30a9c1f-5079-49dd-b5a9-298a2fae4201
x-msedge-ref: Ref A: 78123235044242FCA04C08745C435EE3 Ref B: AMS231032608049 Ref C: 2023-02-08T01:22:43Z
x-officecluster: PIE1
etag: W/"837cdd85b3bd91:0"
x-officefd: DB5PEPF00011AB3
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h67BB5D3F0BABDB61_App_Scripts/ Frame A48C 121 KB
27 KB 132ms
56ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h67BB5D3F0BABDB61_App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

67bb5d3f0babdb618b617da4323de8bd0776f5476ee9e9894d1cb17c108e5e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16130.41000
x-officefe: DB5PEPF00011AA3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27322
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 02 Feb 2023 20:39:04 GMT
x-correlationid: 173ae1c9-6b8f-421b-b036-17edbe61a063
x-usersessionid: 173ae1c9-6b8f-421b-b036-17edbe61a063
x-msedge-ref: Ref A: 295DAA0AC47A43DDAE6FFBB44BDE4988 Ref B: AMS231032605045 Ref C: 2023-02-02T20:39:04Z
x-officecluster: PIE1
etag: W/"cc8795634637d91:0"
x-officefd: DB5PEPF00011AA3
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 CommonIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h1FD2C1259E83BF69_App_Scripts/1031/ Frame A48C 176 KB
35 KB 117ms
41ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h1FD2C1259E83BF69_App_Scripts/1031/CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8b104b2fea2acd4b164a95a24f40b2cdbfbc3cbf4a9ae07dac3fe2077bbcffee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: AM4PEPF00012378
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35347
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 08 Feb 2023 01:22:43 GMT
x-correlationid: 24853a80-f06b-4437-986a-c3118d2d558c
x-usersessionid: 24853a80-f06b-4437-986a-c3118d2d558c
x-msedge-ref: Ref A: 74ABC365ABF248DC939CA4766EC77289 Ref B: AMS231032602021 Ref C: 2023-02-08T01:22:43Z
x-officecluster: PNL1
etag: W/"0ea4d85b3bd91:0"
x-officefd: AM4PEPF00012378
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Compat.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame A48C 6 KB
2 KB 61ms
61ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16130.41016
x-officefe: DB5PEPF00011AB8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1373
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Feb 2023 01:25:45 GMT
x-correlationid: 201875d6-a036-45dc-856c-84b9d510711c
x-usersessionid: 201875d6-a036-45dc-856c-84b9d510711c
x-msedge-ref: Ref A: 0730456E70E24A2EB560D4AC86E6B1C7 Ref B: AMS231032605045 Ref C: 2023-02-03T08:19:46Z
x-officecluster: PIE1
etag: "727778706e37d91:0"
x-officefd: DB5PEPF00011AB8
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerIntl.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h916862A4B8003C5B_App_Scripts/1031/ Frame A48C 21 KB
5 KB 62ms
61ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h916862A4B8003C5B_App_Scripts/1031/WordViewerIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

54016b28da521e3b7cc8e80f5666067addb10b1ade446497a132dca999558524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16130.41016
x-officefe: DB5PEPF00011AA6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4354
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Feb 2023 00:43:34 GMT
x-correlationid: 7811c3cb-9574-42ae-abf4-19c3cd34769e
x-usersessionid: 7811c3cb-9574-42ae-abf4-19c3cd34769e
x-msedge-ref: Ref A: 44858F250A22488388D03F7778D1C3A8 Ref B: AMS231032607003 Ref C: 2023-02-03T16:28:27Z
x-officecluster: PIE1
etag: "49f5c38b6837d91:0"
x-officefd: DB5PEPF00011AA6
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hF0D788BA51394C39_App_Scripts/1031/ Frame A48C 517 KB
79 KB 98ms
20ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hF0D788BA51394C39_App_Scripts/1031/word-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f0d788ba51394c394730fb391af4978971e5629a8cdf3fc470e943b207c9bad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: AM4PEPF00010AB7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 80484
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 08 Feb 2023 01:22:43 GMT
x-correlationid: 02a8049a-f4d8-43e7-8f04-64f985c2896b
x-usersessionid: 02a8049a-f4d8-43e7-8f04-64f985c2896b
x-msedge-ref: Ref A: 5718AE413F0544D2997AD734681F3960 Ref B: AMS231032601037 Ref C: 2023-02-08T01:22:43Z
x-officecluster: PNL1
etag: W/"21172d85b3bd91:0"
x-officefd: AM4PEPF00010AB7
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appResourceLoader.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD2CACF91237152C2_App_Scripts/exp/ Frame A48C 16 KB
4 KB 96ms
18ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD2CACF91237152C2_App_Scripts/exp/appResourceLoader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d2cacf91237152c21a1d3fc660492b1e8dd9564e2c0ffba69241594e8c3704b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41010
x-officefe: DM3PEPF00012E77
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3557
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:07 GMT
x-correlationid: a0da3dc3-0ce4-4ec9-b1cb-9a33441277e8
x-usersessionid: a0da3dc3-0ce4-4ec9-b1cb-9a33441277e8
x-msedge-ref: Ref A: 864FF4F0C3854EF8A44DB0B13598EF4B Ref B: AMS231032603035 Ref C: 2023-02-07T23:45:06Z
x-officecluster: US3C
etag: W/"a76d5d354e3bd91:0"
x-officefd: DM3PEPF00012E77
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WordViewerDS.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h44876F1660FB9559_App_Scripts/ Frame A48C 3 MB
477 KB 62ms
62ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h44876F1660FB9559_App_Scripts/WordViewerDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

44876f1660fb9559c9153a1abc2fc7eee4f24a041934d5f996c7c754fd56c2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: AM4PEPF0001030F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 486212
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:06 GMT
x-correlationid: afac35b2-2b66-4fb1-88ea-d6a1637abbed
x-usersessionid: afac35b2-2b66-4fb1-88ea-d6a1637abbed
x-msedge-ref: Ref A: E2F20C36B01A41BC9E15072E8A4BCC24 Ref B: AMS231032602007 Ref C: 2023-02-07T23:45:06Z
x-officecluster: PNL1
etag: W/"456c7354e3bd91:0"
x-officefd: AM4PEPF0001030F
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 0
644 B 31ms
31ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16206.41000&waccluster=PNL1&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
X-UserSessionId: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:14 GMT
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF0001030D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ed4624cf-1f44-42f1-b3e8-e233b099752a
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: 56765A6C2FE14597A8F469D05E358992 Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:14Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 0
255 B 52ms
51ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16206.41000&waccluster=PNL1&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
X-UserSessionId: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":124,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h5001B2DC70F3F563_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:14 GMT
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF000069EA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: ee344128-e25a-4c19-9c1d-fb535d27cb46
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: DE018A9C571C4A938052E57386B02476 Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 22 KB
22 KB 102ms
102ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa6&v=00000000-0000-0000-0000-000000000802&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d&splashscreen=1&build=16.0.16206.41000&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2fc5ac37e0525878318a3545db34c7684ef1d53447c846ae9b056a1a7d62ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:14 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF0001030D
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF0001030D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22420
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2ebad31c-d7e0-45cf-a3c8-66f21cc1378b
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: 38F49E71654140DB86EA8568B8805A1B Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-officefd: AM4PEPF0001030D
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa600000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Sat, 10 Feb 2024 06:42:15 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ Frame D5E5 314 KB
108 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed2f1c5e15079f95a1a4cb3af72a70830fb79e2709a6c6c9b3524315d0762bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 17:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109671
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 17:45:47 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame D5E5 100 B
136 B 42ms
42ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgDqHXF-DOwnyH_SNRwkPvTl6BkAX2NRwtLdJyDXw9xbGrAdbAdTPABQ84ggTS6rtsP_9FEVCeG_aaFMZtyaz3KfPpET6XpyDySpS8-o9-O6tPkOycPnYfFEY9IENYG317tWIUx32hB-SSo8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.CwJ5fFKkLmU.O/d=1/rs=AC2dHMKV7GzfyyJYXhc29-Qa_ZWugC3lhw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

412d87ed273908195f1eabb541a5806339218afff763e467e14c87419d100903

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6f68S1HPViDsaxd69Ufllg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 06:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-6f68S1HPViDsaxd69Ufllg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame C0CB 382 B
1 KB 102ms
26ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918db8b4979068a9cb734d829db09aee6bba5a032ff1da8b3bad15d753a4a58e

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-hwUCb8OhTQ1NkBLxexT_yQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 273
content-security-policy: script-src 'nonce-hwUCb8OhTQ1NkBLxexT_yQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 06:42:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpaper Show response
docs.google.com/viewerng/ Frame D5E5 93 KB
31 KB 55ms
55ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/gpaper?id=ACFrOgDqHXF-DOwnyH_SNRwkPvTl6BkAX2NRwtLdJyDXw9xbGrAdbAdTPABQ84ggTS6rtsP_9FEVCeG_aaFMZtyaz3KfPpET6XpyDySpS8-o9-O6tPkOycPnYfFEY9IENYG317tWIUx32hB-SSo8&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.CwJ5fFKkLmU.O/d=1/rs=AC2dHMKV7GzfyyJYXhc29-Qa_ZWugC3lhw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d262c0c8e3174b69d5fab4723e0c61b224a12bee57de62c63eb123261d8f42de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6TtmB_20D8_199jn2AG4bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 06:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-6TtmB_20D8_199jn2AG4bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame D5E5 6 KB
2 KB 66ms
65ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgDqHXF-DOwnyH_SNRwkPvTl6BkAX2NRwtLdJyDXw9xbGrAdbAdTPABQ84ggTS6rtsP_9FEVCeG_aaFMZtyaz3KfPpET6XpyDySpS8-o9-O6tPkOycPnYfFEY9IENYG317tWIUx32hB-SSo8&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.CwJ5fFKkLmU.O/d=1/rs=AC2dHMKV7GzfyyJYXhc29-Qa_ZWugC3lhw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6ef522b2ae7a9e061f3524c8cbf6cd9b790e743f5cd447a421e36f27115ac56

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gfNOU8S7gWcFOTTCeV-vDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 06:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-gfNOU8S7gWcFOTTCeV-vDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpaper Show response
docs.google.com/viewerng/ Frame D5E5 46 KB
16 KB 67ms
66ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/gpaper?id=ACFrOgDqHXF-DOwnyH_SNRwkPvTl6BkAX2NRwtLdJyDXw9xbGrAdbAdTPABQ84ggTS6rtsP_9FEVCeG_aaFMZtyaz3KfPpET6XpyDySpS8-o9-O6tPkOycPnYfFEY9IENYG317tWIUx32hB-SSo8&page=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.CwJ5fFKkLmU.O/d=1/rs=AC2dHMKV7GzfyyJYXhc29-Qa_ZWugC3lhw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

020bd9ce061443a4733bdfff67fbb6c6d71cf7d7e7905af2ba4e12e23a5e59d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1btF0fSlTU2poJsdTeUW4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 06:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-1btF0fSlTU2poJsdTeUW4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame D5E5 6 KB
2 KB 64ms
64ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de.CwJ5fFKkLmU.O/d=1/rs=AC2dHMKV7GzfyyJYXhc29-Qa_ZWugC3lhw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

038ea1d9e628834c6a38609de0058ad6807943f75044c219798bcdea4828f596

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--UgGwXm7ms1xAcDjirOiog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 06:42:15 GMT
content-security-policy: script-src 'report-sample' 'nonce--UgGwXm7ms1xAcDjirOiog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
content-encoding: gzip
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 0
249 B 31ms
31ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16206.41000&waccluster=PNL1&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
X-UserSessionId: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":397,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:14 GMT
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF00012380
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 70fb2a7f-70cc-43c5-828d-c90aa754b4b0
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: 3D157CFB8D654B05AD3E26DB94516782 Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 0
173 B 42ms
42ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteTelemetry.ashx?usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d&build=16.0.16206.41000

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h44876F1660FB9559_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:14 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF00012381
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 897a9f1d-e696-45b0-8cb0-6bfb083c70b9
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: A25F7EE9AE394758962B2107134867A5 Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-download-options: noopen
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
cache-control: private
timing-allow-origin: *

GET
H2 200 docdatahandler.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 444 B
790 B 45ms
44ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa6&type=png&o15=1&ui=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h67BB5D3F0BABDB61_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

9f599724618924b51219094b945d3fa021e415ad53b8a6e505248899c87ecb50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131F5
X-UserSessionId: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16206.41000
X-Key: iYjB0beqO+L2cjeU3B+nKjjeP1mdHohc+FGUPeSpgl4=,638116081348331962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:14 GMT
x-wacfrontend: AM4PEPF000131F5
x-officeversion: 16.0.16206.41000
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 412
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 6854fb60-6e13-49f5-aae3-038b2251f3d3, 6854fb60-6e13-49f5-aae3-038b2251f3d3
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d, 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: B2E3AAB7C3144367B06E60D4BB4D59AD Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-officefd: AM4PEPF00012376
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *, *
expires: Sat, 10 Feb 2024 06:42:15 GMT

GET
H2 200 wacairspaceanimationlibrary.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hDD4039F8AFAC6FD7_App_Scripts/ Frame A48C 41 KB
7 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hDD4039F8AFAC6FD7_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h44876F1660FB9559_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41010
x-officefe: DM3PEPF00012E7D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6113
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 04 Feb 2023 03:44:19 GMT
x-correlationid: 5b270227-9830-4209-91a8-1e2c1fb57f2f
x-usersessionid: 5b270227-9830-4209-91a8-1e2c1fb57f2f
x-msedge-ref: Ref A: 64715512A932477BAA1A29450D2CB6F3 Ref B: AMS231032602025 Ref C: 2023-02-07T01:37:39Z
x-officecluster: US3C
etag: "71bc3df64a38d91:0"
x-officefd: DM3PEPF00012E7D
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame C0CB 0
0 88ms
33ms Other
text/html 2a00:1450:4001:831::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: srv186287.hoster-test.ru
URL: http://srv186287.hoster-test.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame C0CB 17 KB
7 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2fa0a048c5d86fd5a08c19befc4d4c039fb61e0ca8453bbc72111a21873a044

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6894
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "6c49a48b0a122494"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 06:42:15 GMT

GET
BLOB 200
OK 3e9046e3-4305-49bf-b514-5967d2ab423f
https://pnl1-word-view.officeapps.live.com/ Frame A48C 189 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-word-view.officeapps.live.com/3e9046e3-4305-49bf-b514-5967d2ab423f
Requested by: Host: pnl1-word-view.officeapps.live.com
URL: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length: 189
Content-Type: application/javascript

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ Frame C0CB 70 KB
25 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

449ff15b1ea450f54ff637e6e6f234b8820e73eea995c94d1b8aecf8f548c399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25091
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 11:30:41 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame C0CB 0
181 B 134ms
133ms XHR
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 06:42:15 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame C0CB 0
47 B 143ms
143ms XHR
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.IpWeeLsup8c.O%2Fd%3D1%2Frs%3DAHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Fri, 10 Feb 2023 06:42:15 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 0
649 B 32ms
32ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16206.41000&waccluster=PNL1&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
X-UserSessionId: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":642,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF000131F1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 56c5c8c5-235f-4ed9-afd8-ed5d8110e905
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: 0C6163D7BC7741E1B87BEFC4BDDAFD77 Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 WordViewerDS.dll1.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h8103F55CA9E452EE_App_Scripts/ Frame A48C 842 KB
138 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h8103F55CA9E452EE_App_Scripts/WordViewerDS.dll1.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h44876F1660FB9559_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8103f55ca9e452eecf15583e1e249e9aae64f1cbe9b1ee298615850a4b1feb09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: AM4PEPF0001237B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 140694
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:10 GMT
x-correlationid: b3050316-d273-4d2a-ad8e-fa46f5dabcae
x-usersessionid: b3050316-d273-4d2a-ad8e-fa46f5dabcae
x-msedge-ref: Ref A: 8E0E03B0BE3742DDABA66E22C04EB0C9 Ref B: AMS231032605037 Ref C: 2023-02-07T23:45:10Z
x-officecluster: PNL1
etag: W/"5e9d46374e3bd91:0"
x-officefd: AM4PEPF0001237B
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/ Frame A48C 695 B
1 KB 20ms
19ms Image
image/gif 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/progress.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16130.41000
x-officefe: DB5PEPF00011AA6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 01 Feb 2023 23:19:19 GMT
x-correlationid: 95e7e3ae-01fc-4b94-9cda-9dd794a0b7e1
x-usersessionid: 95e7e3ae-01fc-4b94-9cda-9dd794a0b7e1
x-msedge-ref: Ref A: C71FE4D4925340B59B054DB5D84CEB57 Ref B: AMS231032608005 Ref C: 2023-02-03T00:18:39Z
x-officecluster: PIE1
etag: "11f9229c9336d91:0"
x-officefd: DB5PEPF00011AA6
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 22 KB
22 KB 35ms
34ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d&build=16.0.16206.41000&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa6&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2fc5ac37e0525878318a3545db34c7684ef1d53447c846ae9b056a1a7d62ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:15 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF000131F5
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF000131F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22420
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0d34d47c-6cbf-4f27-93ca-831ff1e7b575
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: 913115EB5E9B4AE8AA3B1048DEA5F01C Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-officefd: AM4PEPF000131F5
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa600000000-0000-0000-0000-000000000802p1.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Sat, 10 Feb 2024 06:42:15 GMT

GET
H2 200 ResReader.ashx
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 9 KB
10 KB 88ms
87ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d&build=16.0.16206.41000&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa6&waccluster=PNL1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3dbe5fdfd86954b1176a7170097994df7c9757bf4aca118a54891448aa00ec2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:15 GMT
x-content-type-options: nosniff
x-wacfrontend: AM4PEPF00010AB5
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF00010AB5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 9397
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 20806063-3779-482b-8b84-8be489fa116e
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: E4966001FC42474E8B905AE303103431 Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-officefd: AM4PEPF00010AB5
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa600000000-0000-0000-0000-000000000802p2.img"
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Sat, 10 Feb 2024 06:42:15 GMT

GET
H2 200 word-app-intl.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/1031/ Frame A48C 517 KB
79 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/1031/word-app-intl.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD2CACF91237152C2_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f0d788ba51394c394730fb391af4978971e5629a8cdf3fc470e943b207c9bad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: DB5PEPF00011AE9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 80484
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 08 Feb 2023 01:22:44 GMT
x-correlationid: dfabe4b4-a451-425e-a26e-77949dc39d3a
x-usersessionid: dfabe4b4-a451-425e-a26e-77949dc39d3a
x-msedge-ref: Ref A: CE74F77736D04C69AA5E761D00F80E83 Ref B: AMS231032602051 Ref C: 2023-02-08T01:22:44Z
x-officecluster: PIE1
etag: W/"32fa69d85b3bd91:0"
x-officefd: DB5PEPF00011AE9
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hF1FD3ED583A7FCC0_App_Scripts/exp/ Frame A48C 1 MB
273 KB 23ms
23ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hF1FD3ED583A7FCC0_App_Scripts/exp/common.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD2CACF91237152C2_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f1fd3ed583a7fcc059d605ddeb63985e522712d3ad6e5de3b0764fd0879fee3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: DB5PEPF00011AC1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 277880
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:12 GMT
x-correlationid: 6d93ae00-62d1-4aff-9965-001d0b2ce7c1
x-usersessionid: 6d93ae00-62d1-4aff-9965-001d0b2ce7c1
x-msedge-ref: Ref A: 2E6EF02C43054E848A34E04B519780B6 Ref B: AMS231032604053 Ref C: 2023-02-07T23:45:11Z
x-officecluster: PIE1
etag: W/"2d943e384e3bd91:0"
x-officefd: DB5PEPF00011AC1
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h4A38881C4B1098A9_App_Scripts/exp/ Frame A48C 261 KB
49 KB 20ms
20ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h4A38881C4B1098A9_App_Scripts/exp/appChrome.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD2CACF91237152C2_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a38881c4b1098a9487f3378dd9ddd8290d3cf545a9d8823b310ebe05276ba8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: AM4PEPF00011BBF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 48979
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:12 GMT
x-correlationid: a13ec05c-b59b-4dac-876c-f4ca1541f084
x-usersessionid: a13ec05c-b59b-4dac-876c-f4ca1541f084
x-msedge-ref: Ref A: F378420975204A1BB4C9409C23E5B350 Ref B: AMS231032607045 Ref C: 2023-02-07T23:45:12Z
x-officecluster: PNL1
etag: W/"ba4f48384e3bd91:0"
x-officefd: AM4PEPF00011BBF
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/ Frame A48C 695 B
1 KB 19ms
19ms Image
image/gif 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hA3596C17DAD9A003_resources/1031/progress.gif

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h44876F1660FB9559_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16130.41000
x-officefe: DB5PEPF00011AA6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 695
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 01 Feb 2023 23:19:19 GMT
x-correlationid: 95e7e3ae-01fc-4b94-9cda-9dd794a0b7e1
x-usersessionid: 95e7e3ae-01fc-4b94-9cda-9dd794a0b7e1
x-msedge-ref: Ref A: C71FE4D4925340B59B054DB5D84CEB57 Ref B: AMS231032608005 Ref C: 2023-02-03T00:18:39Z
x-officecluster: PIE1
etag: "11f9229c9336d91:0"
x-officefd: DB5PEPF00011AA6
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wv.png
c1h-word-view-15.cdn.office.net/wv/s/161620641000_resources/1031/ Frame A48C 34 KB
35 KB 23ms
18ms Image
image/png 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161620641000_resources/1031/wv.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41010
x-officefe: DM3PEPF00012E90
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 35196
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Wed, 08 Feb 2023 01:22:44 GMT
x-correlationid: 0e5e56ad-cc29-434d-a368-268915883bdf
x-usersessionid: 0e5e56ad-cc29-434d-a368-268915883bdf
x-msedge-ref: Ref A: B775E455CE404C19B7771D44E43BD2E6 Ref B: AMS231032607023 Ref C: 2023-02-08T01:52:15Z
x-officecluster: US3C
etag: "1b1474d85b3bd91:0"
x-officefd: DM3PEPF00012E90
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress16.gif
c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1031/ Frame A48C 668 B
1 KB 30ms
26ms Image
image/gif 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h38E88B6AF6C65319_resources/1031/progress16.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16124.41002
x-officefe: AM4PEPF000069FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 668
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 28 Jan 2023 00:07:14 GMT
x-correlationid: 48c8eadf-1cd0-4bbe-b1d2-4906ce058c4a
x-usersessionid: 48c8eadf-1cd0-4bbe-b1d2-4906ce058c4a
x-msedge-ref: Ref A: 9E610AB77D9942F495A6548CC5F7B8EC Ref B: AMS231032608011 Ref C: 2023-01-29T05:38:12Z
x-officecluster: PNL1
etag: "92fb207aac32d91:0"
x-officefd: AM4PEPF000069FC
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 0
281 B 35ms
33ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16206.41000&waccluster=PNL1&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
X-UserSessionId: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":738,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF000069EA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_onenoteslice_control,afd_visioslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 08f88ae4-e1c8-45b9-813a-0375ea3533c1
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: F6E6B401895C4AF497A0B6F35A925959 Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 0
374 B 32ms
30ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.16206.41000&waccluster=PNL1&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h67BB5D3F0BABDB61_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacFrontEnd: AM4PEPF000131F5
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16206.41000
X-Key: iYjB0beqO+L2cjeU3B+nKjjeP1mdHohc+FGUPeSpgl4=,638116081348331962
X-bULS-SuppressionETag: 86A1126169A84F6ADBBF1A07FB8BDF95FAE4810A
X-Requested-With: XMLHttpRequest
X-xhr: 1
haep: 1
X-AccessToken: 1
X-UserSessionId: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
X-AccessTokenTtl: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
X-UserType: WOPI
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF00006A0A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 86A1126169A84F6ADBBF1A07FB8BDF95FAE4810A
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 57e520ed-4cec-4320-a3d1-c9ae655f27d2
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: 00D532C4E0DE47D7A3CBD4F601B82A1F Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-word-view.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/hD9E2053C23F94718_App_Scripts/exp/ Frame A48C 2 MB
429 KB 21ms
20ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/hD9E2053C23F94718_App_Scripts/exp/common50.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD2CACF91237152C2_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d9e2053c23f9471813289f707de26d43df403fdc2ebd0d556dc1ea6db21f2738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: AM4PEPF000131EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 437681
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:12 GMT
x-correlationid: b598c5cf-2aa3-4310-9a25-094334a082b6
x-usersessionid: b598c5cf-2aa3-4310-9a25-094334a082b6
x-msedge-ref: Ref A: C59AA7DB231F4BE5951263EC975746E8 Ref B: AMS231032605033 Ref C: 2023-02-07T23:45:12Z
x-officecluster: PNL1
etag: W/"bce291384e3bd91:0"
x-officefd: AM4PEPF000131EC
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h7AD2B4D9CB03BD95_App_Scripts/exp/ Frame A48C 596 KB
122 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h7AD2B4D9CB03BD95_App_Scripts/exp/appChromeLazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD2CACF91237152C2_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7ad2b4d9cb03bd95b411f9948831be7c1e73184737e18c0b63762439fad9395d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: DB5PEPF00011AA2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 124309
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:12 GMT
x-correlationid: fb10bb98-c0a1-4df3-971b-6babc38ad298
x-usersessionid: fb10bb98-c0a1-4df3-971b-6babc38ad298
x-msedge-ref: Ref A: 678464BFC53E40DFA299347DB1118B87 Ref B: AMS231032605031 Ref C: 2023-02-07T23:45:12Z
x-officecluster: PIE1
etag: W/"5712a3384e3bd91:0"
x-officefd: DB5PEPF00011AA2
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ResReader.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 11 KB
4 KB 47ms
46ms XHR
text/xml 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=1b670ceb-3f70-4b83-96af-ef5f05eb5d7d&build=16.0.16206.41000&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa6&waccluster=PNL1

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h67BB5D3F0BABDB61_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e7f5b646778bda4e458cc439225628bfdfb41a1077e9aaa656ee3d42e8378ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131F5
X-UserSessionId: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16206.41000
X-Key: iYjB0beqO+L2cjeU3B+nKjjeP1mdHohc+FGUPeSpgl4=,638116081348331962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:15 GMT
x-wacfrontend: AM4PEPF000131F5
x-officeversion: 16.0.16206.41000
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3099
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 8c5e3828-6293-4c5e-8f70-8c59287ea2d2, 8c5e3828-6293-4c5e-8f70-8c59287ea2d2
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d, 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: 3B8F11544DAA40DFA5D52F8FC67F0BBE Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:15Z
x-officefd: AM4PEPF0001030D
etag: "WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa600000000-0000-0000-0000-000000000802p_1_10.xml"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private
timing-allow-origin: *, *
expires: Sat, 10 Feb 2024 06:42:15 GMT

GET
H2 200 word-app-intl-lazy.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h770985BAFB62D356_App_Scripts/1031/ Frame A48C 725 KB
83 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h770985BAFB62D356_App_Scripts/1031/word-app-intl-lazy.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h44876F1660FB9559_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

770985bafb62d3563efdf3a4936b8c716a169d411d5690e3c558ff1cebaa30eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16127.41003
x-officefe: AM4PEPF00006A20
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 84491
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 01 Feb 2023 19:22:45 GMT
x-correlationid: 5dfdbe10-76ed-4e78-b82c-69bbcd997574
x-usersessionid: 5dfdbe10-76ed-4e78-b82c-69bbcd997574
x-msedge-ref: Ref A: AC6DD5A165C3459FAA4D4C5CF0886CA1 Ref B: AMS231032607021 Ref C: 2023-02-01T19:22:45Z
x-officecluster: PNL1
etag: W/"f36f4e907236d91:0"
x-officefd: AM4PEPF00006A20
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h08D0F0105C6B49B0_App_Scripts/exp/ Frame A48C 1 MB
215 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h08D0F0105C6B49B0_App_Scripts/exp/uiSlice20.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/hD2CACF91237152C2_App_Scripts/exp/appResourceLoader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

08d0f0105c6b49b09f439027c1858707a8c7d2967e22c1b811e2d7c71e75d962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16201.41002
x-officefe: DB5PEPF00011ACE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 218645
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:13 GMT
x-correlationid: c30255a1-d558-441c-8c65-2ebf75a75aaa
x-usersessionid: c30255a1-d558-441c-8c65-2ebf75a75aaa
x-msedge-ref: Ref A: B8E306CBB08348B4AD126E84B1324BD6 Ref B: AMS231032607009 Ref C: 2023-02-07T23:45:12Z
x-officecluster: PIE1
etag: W/"49fc6384e3bd91:0"
x-officefd: DB5PEPF00011ACE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sharedheaderplaceholder-icons.woff
c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/ Frame A48C 3 KB
3 KB 19ms
19ms Font
font/x-woff 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h0A8049C5627A132D_App_Scripts/fonts/sharedheaderplaceholder-icons.woff

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0a8049c5627a132d4c0be08579b2a33f7e8fd285a122795cabadabf08ddb6858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:15 GMT
x-officeversion: 16.0.16124.41002
x-officefe: AM4PEPF00011BC2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2796
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 28 Jan 2023 02:10:45 GMT
x-correlationid: 4385052e-4f4a-402d-906e-a7148ce4cb44
x-usersessionid: 4385052e-4f4a-402d-906e-a7148ce4cb44
x-msedge-ref: Ref A: 5E78627A96944956B17CDC292B6CA1BC Ref B: AMS231032604019 Ref C: 2023-01-30T00:38:25Z
x-officecluster: PNL1
etag: "984cfebabd32d91:0"
x-officefd: AM4PEPF00011BC2
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 de-de Show response
res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/ Frame A48C 25 KB
5 KB 97ms
20ms XHR
application/json 2a02:26f0:480:1e::217:d1b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/shellux/api/ShellBootInfo/consumer/OneShell/de-de

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7AD2B4D9CB03BD95_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:1e::217:d1b1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

12b486c01b2832080aeca55b9ba417bf9a2d706f33504e3b81c5986f4a24db0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=2592000, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:16 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC
cache-control: max-age=300
timing-allow-origin: *
x-o365suiteuxshell-correlationid: baa03f47-2a5f-43dc-80c9-a935e3e6fd22
content-length: 5119

GET
H2 200 shellstrings.json Show response
c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/strings/de/ Frame A48C 15 KB
6 KB 19ms
19ms XHR
application/json 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/strings/de/shellstrings.json

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7AD2B4D9CB03BD95_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d03e78b6659950e76ac5aa720c8111f717a6994b96c1c7d12bff40af7ac18fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 10 Feb 2023 06:42:16 GMT
x-officeversion: 16.0.16201.41002
x-officefe: DB5PEPF00011AEA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5071
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 08 Feb 2023 01:22:44 GMT
x-correlationid: a913a246-0b63-4f4b-963a-658dac216d78
x-usersessionid: a913a246-0b63-4f4b-963a-658dac216d78
x-msedge-ref: Ref A: CC3B09053B69413498D10AAFAAC27C88 Ref B: AMS231032606007 Ref C: 2023-02-08T01:22:44Z
x-officecluster: PIE1
etag: W/"0ca3bd85b3bd91:0"
x-officefd: DB5PEPF00011AEA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/ Frame A48C 22 KB
23 KB 19ms
19ms Font
font/x-woff 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/segoeui.woff

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/WordViewer.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1h-word-view-15.cdn.office.net/wv/s/h5001B2DC70F3F563_resources/1031/WordViewer.css
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Feb 2023 06:42:16 GMT
x-officeversion: 16.0.16201.41002
x-officefe: AM4PEPF0001293E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 05 Feb 2023 07:55:42 GMT
x-correlationid: 58df2360-6692-427c-ae8a-337fc2cfd370
x-usersessionid: 58df2360-6692-427c-ae8a-337fc2cfd370
x-msedge-ref: Ref A: C82BCB5EC1F541BCADB75AE4BBFD2F8B Ref B: AMS231032603023 Ref C: 2023-02-05T07:55:42Z
x-officecluster: PNL1
etag: W/"be20fb3e3739d91:0"
x-officefd: AM4PEPF0001293E
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-semibold.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ Frame A48C 31 KB
31 KB 19ms
19ms Font
font/woff2 2a02:26f0:480:1e::217:d1b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:1e::217:d1b1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 06:42:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Dec 2022 21:53:31 GMT
x-cdn-provider: Akamai
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 346b9e01-101e-004d-7550-14307b000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 31824

GET
H2 200 suiteux.shell.core.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/js/ Frame A48C 285 KB
77 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7AD2B4D9CB03BD95_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

90208ed29dceaf2ef6221fa41d42119f982ad7329ba7f7036fe587d8d4e79efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:16 GMT
x-officeversion: 16.0.16201.41002
x-officefe: DB5PEPF00011AC6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 78118
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:13 GMT
x-correlationid: 602ed92d-9a5e-493a-a25a-f34b2d00aec3
x-usersessionid: 602ed92d-9a5e-493a-a25a-f34b2d00aec3
x-msedge-ref: Ref A: CD52AB9198484E40825B58C70C6999F9 Ref B: AMS231032601005 Ref C: 2023-02-07T23:45:13Z
x-officecluster: PIE1
etag: W/"7c97da384e3bd91:0"
x-officefd: DB5PEPF00011AC6
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-regular.woff2
res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/ Frame A48C 35 KB
36 KB 19ms
19ms Font
font/woff2 2a02:26f0:480:1e::217:d1b1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/fabric-cdn-prod_20221209.001/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:1e::217:d1b1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 06:42:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Dec 2022 21:53:29 GMT
x-cdn-provider: Akamai
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 1fc271d7-801e-004f-6650-148ec3000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 36344

GET
H2 200 suiteux.shell.consappdata.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/js/ Frame A48C 7 KB
3 KB 19ms
18ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7AD2B4D9CB03BD95_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

86fc2aaa509a1232bf93a6caea92aea0bfc60e857291e7a57576d3427ed24c81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:16 GMT
x-officeversion: 16.0.16206.41000
x-officefe: AM4PEPF00006A6F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2024
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 14:25:31 GMT
x-correlationid: fdec3285-3479-4d98-a892-ecf1be87835c
x-usersessionid: fdec3285-3479-4d98-a892-ecf1be87835c
x-msedge-ref: Ref A: 85091BFCDD1844A4A1A338BBFD40D131 Ref B: AMS231032606033 Ref C: 2023-02-07T23:57:45Z
x-officecluster: SNL1
etag: "3e8b4803bd91:0"
x-officefd: AM4PEPF00006A6F
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.plus.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/js/ Frame A48C 219 KB
47 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7AD2B4D9CB03BD95_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ce54c0435f6bb41736fdf5a11a1c2dc450ad32d5277672f42262ef8e3029713d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:16 GMT
x-officeversion: 16.0.16201.41002
x-officefe: DB5PEPF00011AA6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 47615
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:13 GMT
x-correlationid: c0df68b6-ce58-460a-a837-9b56e01c022a
x-usersessionid: c0df68b6-ce58-460a-a837-9b56e01c022a
x-msedge-ref: Ref A: 5B3F952FD1E0454C9A39BCC952A9F3ED Ref B: AMS231032609011 Ref C: 2023-02-07T23:45:13Z
x-officecluster: PIE1
etag: W/"deb523394e3bd91:0"
x-officefd: DB5PEPF00011AA6
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame A48C 42 KB
16 KB 148ms
29ms Script
application/javascript 104.108.5.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h44876F1660FB9559_App_Scripts/WordViewerDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.108.5.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-5-25.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 06:42:16 GMT
X-MSNServer: RD00155D8D6235
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
X-ODWebServer: northeurope1-odwebp
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=48287, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16199

GET
H2 200 suiteux.shell.otellogging.js Show response
c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/js/ Frame A48C 101 KB
32 KB 20ms
18ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/161620641000_App_Scripts/suiteux-shell/js/suiteux.shell.otellogging.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h7AD2B4D9CB03BD95_App_Scripts/exp/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6595729f6b1ffd5a1824115388ef9dc7b70eef861f015c542ecbd000fe86ca62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:16 GMT
x-officeversion: 16.0.16201.41010
x-officefe: DM3PEPF00013876
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 32250
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2,afd_pptcapacity_control,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 07 Feb 2023 23:45:13 GMT
x-correlationid: 77474cea-18e2-4d3f-9fbb-865a3f9a3e78
x-usersessionid: 77474cea-18e2-4d3f-9fbb-865a3f9a3e78
x-msedge-ref: Ref A: 5FC29EB573864749AD746B89A5500704 Ref B: AMS231032604053 Ref C: 2023-02-07T23:45:13Z
x-officecluster: US4C
etag: W/"b2b243394e3bd91:0"
x-officefd: DM3PEPF00013876
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame A48C 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A48C 18 KB
18 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bc4f3fa66d42fd1999cb018d3e4024325dd6a96ee9e0a942d71f37ac875153d

Request headers

Referer
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1676011336409
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1676011336&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

279ms
121ms

Image
text/html

40.126.31.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1676011336&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Protocol: HTTP/1.1
Server: 40.126.31.71 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: AM2PPF52AFACAA1
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.1084.124.2003
date: Fri, 10 Feb 2023 06:42:15 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1676011336&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: neu5GXHHOkinRTReNLb4PA.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
H2 200 otelFull.min.js Show response
c1h-word-view-15.cdn.office.net/wv/s/h353F80F6CEC86712_App_Scripts/ Frame A48C 120 KB
36 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:28e::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-word-view-15.cdn.office.net/wv/s/h353F80F6CEC86712_App_Scripts/otelFull.min.js

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h44876F1660FB9559_App_Scripts/WordViewerDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:28e::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

353f80f6cec8671262a823793403ca0aa5e59b8dc027a6ffb1ddf14b3252ad41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-word-view.officeapps.live.com/
Origin: https://pnl1-word-view.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Fri, 10 Feb 2023 06:42:16 GMT
x-officeversion: 16.0.16125.41000
x-officefe: AM4PEPF0001030F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 35710
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 31 Jan 2023 19:16:49 GMT
x-correlationid: f9a4a5a9-61d4-4636-bfbb-c726af4bc638
x-usersessionid: f9a4a5a9-61d4-4636-bfbb-c726af4bc638
x-msedge-ref: Ref A: 7BC14939BF674C4EAB576354A371FE81 Ref B: AMS231032608045 Ref C: 2023-01-31T19:16:49Z
x-officecluster: PNL1
etag: W/"aa9da991a835d91:0"
x-officefd: AM4PEPF0001030F
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame A48C 4 B
383 B 145ms
29ms XHR
application/json 51.11.192.50
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/ping

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h353F80F6CEC86712_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.11.192.50 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-word-view.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 10 Feb 2023 06:42:15 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 translation.ashx Show response
pnl1-word-view.officeapps.live.com/wv/ Frame A48C 2 KB
2 KB 37ms
37ms XHR
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token=1&access_token_ttl=0&z=1fc56558f35f1d9338b0e5b8fbb9fff16fc7d09cd372a411541f464a01358aa6&uilang=de-DE

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h67BB5D3F0BABDB61_App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

eb37bb6de598a600e2f4a86ad5c47ad6a0580e8f43bfaded9e6684a1535016bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-WacFrontEnd: AM4PEPF000131F5
X-UserSessionId: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.16206.41000
X-Key: iYjB0beqO+L2cjeU3B+nKjjeP1mdHohc+FGUPeSpgl4=,638116081348331962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Referer: https://pnl1-word-view.officeapps.live.com/wv/wordviewerframe.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fsrv186287%252Ehoster%252Dtest%252Eru%253A80%252Fautocentr3%252Edocx&access_token_ttl=0&hid=96c2f461-437e-4f33-b95e-5772a23cb863
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Feb 2023 06:42:16 GMT
x-wacfrontend: AM4PEPF000131F5
x-officeversion: 16.0.16206.41000
x-powered-by: ARR/3.0
x-officefe: AM4PEPF000131F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1439
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path: WAC_WFE_AFFINITY_TARGET_URL
x-correlationid: 04c898af-22c7-4acb-9194-f4e38761e156, 04c898af-22c7-4acb-9194-f4e38761e156
x-officecluster: PNL1
x-usersessionid: 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d, 1b670ceb-3f70-4b83-96af-ef5f05eb5d7d
x-msedge-ref: Ref A: 5724A187381245D3B0571BDAFA1B31B4 Ref B: AMS231032609021 Ref C: 2023-02-10T06:42:16Z
x-officefd: AM4PEPF00012376
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
timing-allow-origin: *, *
expires: -1

POST
H/1.1 200
OK / Show response
eu-office.events.data.microsoft.com/OneCollector/1.0/ Frame A48C 24 B
480 B 118ms
32ms XHR
application/json 13.69.109.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

Requested by

Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h353F80F6CEC86712_App_Scripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.109.131 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

f8a95719f97006bd286f678a38eb1d7871ba84a84bef75c7107a78f2e17b0583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1676011338521
accept-language: de-DE,de;q=0.9
client-version: 1DS-Web-JS-3.2.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://pnl1-word-view.officeapps.live.com/
apikey: 79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045,7e7959aac92e41d6892c69a87259ed58-de5c63ef-10f5-45e1-bef2-d23e9cac2fab-6830
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 10 Feb 2023 06:42:18 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 223
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

OPTIONS
H/1.1 200
OK /
eu-office.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 129ms
24ms Preflight 13.69.109.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-office.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.109.131 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://pnl1-word-view.officeapps.live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://pnl1-word-view.officeapps.live.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Fri, 10 Feb 2023 06:42:18 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: 9cf90d0b60f5b57d59aa26fd99ca8b94b84a2107277c0921529a1c9820af230c
.google.com/	1970-01-20 13:57:02	Name: NID Value: 511=rYSCGUQ46_qd501qMx3_a2GcSdsvd11VSeGr676g-k-TSdjesW4NB9ObyYY88T4V8vOfEvGGaiVl0NmuXfenXhIuyAeTGT4Bx5GtUmZBk-vWUs8IkMZ97uYvBfn9NrRgEjrNrnKOiVg7t-_XfvRFshOCBQpIdf2z9Z6hcq1gjrc
pnl1-word-view.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: ff7f440d8d9c4dc3a0c8b8115ed602fd
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=63539&lt=1676011336&co=1
.login.live.com/	1970-01-20 18:55:07	Name: MSCC Value: 217.114.218.27-DE
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DXwzkwJrhYfvoxWt55rY0EP88QuQLG8fZ70h3sgejkt3kscoAbyJXgRs3Q!VtWa5F2gTVzXUVlzh!xX1Ue6kQU2pJiAlPLZqdYIBmK!5Ilc2Djgl!jvaq2pBu8dd4UkNZFDMFNnsBScUmcSuzQnpWaE4Ys9AdetA7bCjsl4Kv0VrOOVeZDzyYqO4fMmsFbW1Ei9NWZtEHnuucFmOea5NTRry8CUpnpybFVe2dZL3HyHzRmsuUJ9o8IK4pohW1lWeptBIsjru2Tkce8liWN!0ob3c4eVpd7HBVg69s!OFlA1qAURdVXGojX7PNOLmmLYLSqnOtSAookrsYS4JXbD55GNOmH7ecVCIZzgerZdG9qlFVxJepr0inbXzfJLbm!wnNJxn79PQyYwY24kkwShP0wNBGq04gCsm8BCuF5TDt90e6!boVigGZiRoiCvtXzQ9GrC3xSq8f!vjxPJ8Atcr91bws7YnU*3S5UmS
.login.live.com/	1969-12-31 23:59:59	Name: MSPOK Value: $uuid-9a425a78-7050-4aa1-a430-54729616438a

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-s4LUovMd4CDhyvW4dh8wzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://docs.google.com/viewer?url=http://srv186287.hoster-test.ru/autocentr3.docx&embedded=true(Line 8) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-s4LUovMd4CDhyvW4dh8wzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
browser.events.data.microsoft.com
c1h-word-view-15.cdn.office.net
content.googleapis.com
csp.withgoogle.com
docs.google.com
eu-office.events.data.microsoft.com
js.live.net
login.live.com
pnl1-word-view.officeapps.live.com
res-1.cdn.office.net
srv186287.hoster-test.ru
storage.live.com
view.officeapps.live.com
www.gstatic.com
104.108.5.25
13.105.28.32
13.69.109.131
2620:1ec:a92::171
2a00:1450:4001:802::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:813::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2011
2a02:26f0:480:1e::217:d1b1
2a02:26f0:480:28e::1c24
31.28.24.115
40.126.31.71
51.11.192.50
020bd9ce061443a4733bdfff67fbb6c6d71cf7d7e7905af2ba4e12e23a5e59d2
038ea1d9e628834c6a38609de0058ad6807943f75044c219798bcdea4828f596
08d0f0105c6b49b09f439027c1858707a8c7d2967e22c1b811e2d7c71e75d962
0a8049c5627a132d4c0be08579b2a33f7e8fd285a122795cabadabf08ddb6858
12b486c01b2832080aeca55b9ba417bf9a2d706f33504e3b81c5986f4a24db0c
1b94e2b772665fc07a3057c1cc72922540bf9cd0fa5a205afff3dca051bebd29
218fc460ead1aef8c46e58920927542759608ca5dbce982a5270db0e689bea88
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
24181b0d7de1ee426b524365d3c27cca04aea1bbbdca131f451d609f2d404a83
25fd85f03c2b60ce01302d6ba09622ce7f9c886c15867cbd55476b93b9d6f8c5
353f80f6cec8671262a823793403ca0aa5e59b8dc027a6ffb1ddf14b3252ad41
38e88b6af6c6531959a5ad70f5310b60878dc948086a1d4107168b08cc44ecf7
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3d8f0346de54c48e42e7b8d2a5f69645f5083e9704376e93c69c59f196722f31
3dbe5fdfd86954b1176a7170097994df7c9757bf4aca118a54891448aa00ec2b
412d87ed273908195f1eabb541a5806339218afff763e467e14c87419d100903
436016caee68b71d4aaa5d3ed729d8ec8831119a281bcb0efc030bfb3772c19a
44876f1660fb9559c9153a1abc2fc7eee4f24a041934d5f996c7c754fd56c2f9
449ff15b1ea450f54ff637e6e6f234b8820e73eea995c94d1b8aecf8f548c399
4a38881c4b1098a9487f3378dd9ddd8290d3cf545a9d8823b310ebe05276ba8b
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
5001b2dc70f3f5632ec403d473a75cb956b4ecebfdf048597f2335b9582c838d
54016b28da521e3b7cc8e80f5666067addb10b1ade446497a132dca999558524
5ed2f1c5e15079f95a1a4cb3af72a70830fb79e2709a6c6c9b3524315d0762bc
649e0176d5dff67aac71f19607c6127034b2746b64f6751532bf6da906357346
6595729f6b1ffd5a1824115388ef9dc7b70eef861f015c542ecbd000fe86ca62
67bb5d3f0babdb618b617da4323de8bd0776f5476ee9e9894d1cb17c108e5e0a
72256b3ac149b5fcab20c9b2f7cbe3d9e9fae600fa0da6b1ac9c93e6cc6f30dc
770985bafb62d3563efdf3a4936b8c716a169d411d5690e3c558ff1cebaa30eb
7ad2b4d9cb03bd95b411f9948831be7c1e73184737e18c0b63762439fad9395d
7bc4f3fa66d42fd1999cb018d3e4024325dd6a96ee9e0a942d71f37ac875153d
805883a3d55f1f91c93ab6f29964bb4697a795f983a7b763ec4ee8f5e7ab8751
8103f55ca9e452eecf15583e1e249e9aae64f1cbe9b1ee298615850a4b1feb09
86fc2aaa509a1232bf93a6caea92aea0bfc60e857291e7a57576d3427ed24c81
88798412d3dd8fd0408e44f3b0f4773c078de17d8bb24388a760bf920f15bea4
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b104b2fea2acd4b164a95a24f40b2cdbfbc3cbf4a9ae07dac3fe2077bbcffee
90208ed29dceaf2ef6221fa41d42119f982ad7329ba7f7036fe587d8d4e79efd
918db8b4979068a9cb734d829db09aee6bba5a032ff1da8b3bad15d753a4a58e
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9de26d1f5da8e98ab08b6110aaf9f5f713ccd5b342039076a9ff42762f392059
9f599724618924b51219094b945d3fa021e415ad53b8a6e505248899c87ecb50
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a6ef522b2ae7a9e061f3524c8cbf6cd9b790e743f5cd447a421e36f27115ac56
ae1a512c4dfaa16d2160fd6333ccda10d58d7cfea4e203b6c4fe665f25d40aff
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
ba036504b61b16648928fe5aa78ec76e99281410473c73c65b2dfa503ac3f5df
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
ce54c0435f6bb41736fdf5a11a1c2dc450ad32d5277672f42262ef8e3029713d
d03e78b6659950e76ac5aa720c8111f717a6994b96c1c7d12bff40af7ac18fa7
d262c0c8e3174b69d5fab4723e0c61b224a12bee57de62c63eb123261d8f42de
d2cacf91237152c21a1d3fc660492b1e8dd9564e2c0ffba69241594e8c3704b7
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d9e2053c23f9471813289f707de26d43df403fdc2ebd0d556dc1ea6db21f2738
dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac
de39875f5204548bbb5279a816ebe68fe2e1dd9f25d551ee2b55786d9fbd1d6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c5d7ce87ea3f94933445ab0b11f0425b68d6c6fb15c3591dd7c2ba4117e404
e7f5b646778bda4e458cc439225628bfdfb41a1077e9aaa656ee3d42e8378ca6
e819a07700bb48dfcddc3ae3318dc299ee54252c2c8bb573530f95878e78ae9e
eb37bb6de598a600e2f4a86ad5c47ad6a0580e8f43bfaded9e6684a1535016bd
f0d788ba51394c394730fb391af4978971e5629a8cdf3fc470e943b207c9bad4
f1fd3ed583a7fcc059d605ddeb63985e522712d3ad6e5de3b0764fd0879fee3d
f2fa0a048c5d86fd5a08c19befc4d4c039fb61e0ca8453bbc72111a21873a044
f2fc5ac37e0525878318a3545db34c7684ef1d53447c846ae9b056a1a7d62ab5
f8a95719f97006bd286f678a38eb1d7871ba84a84bef75c7107a78f2e17b0583
fd7007994e9326288852a7f330970b9b98edc32e64924c71022c2569d35129f8

srv186287.hoster-test.ru Open in urlscan Pro 31.28.24.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

92 %HTTPS

60 %IPv6

9 Domains

16 Subdomains

15 IPs

6 Countries

5549 kBTransfer

17410 kBSize

8 Cookies

4 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

srv186287.hoster-test.ru Open in urlscan Pro
31.28.24.115 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

92 %
HTTPS

60 %
IPv6

9
Domains

16
Subdomains

15
IPs

6
Countries

5549 kB
Transfer

17410 kB
Size

8
Cookies

78 HTTP transactions
7 data transactions