urlscan.io logo urlscan.io
SecurityTrails logo

www.allfordrugs.com Open in urlscan Pro
162.241.24.224  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://allfordrugs.com/
Effective URL: http://www.allfordrugs.com/
Submission Tags: falconsandbox
Submission: On May 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 10 countries across 78 domains to perform 441 HTTP transactions. The main IP is 162.241.24.224, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.allfordrugs.com.
This is the only time www.allfordrugs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 88 162.241.24.224 46606 (UNIFIEDLA...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
2 192.0.77.2 2635 (AUTOMATTIC)
1 45.58.124.226 23470 (RELIABLESITE)
2 192.0.72.28 2635 (AUTOMATTIC)
2 144.76.166.55 24940 (HETZNER-AS)
1 2600:9000:214... 16509 (AMAZON-02)
2 204.11.58.210 46606 (UNIFIEDLA...)
33 2620:0:862:ed... 14907 (WIKIMEDIA)
1 18.66.122.42 16509 (AMAZON-02)
1 65.9.63.85 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 148.62.49.124 33070 (RMH-14)
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 166.62.28.131 26496 (AS-26496-...)
2 2 2a00:1450:401... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 2 52.1.22.171 14618 (AMAZON-AES)
1 1 62.141.56.200 31103 (KEYWEB-AS)
1 87.118.73.226 31103 (KEYWEB-AS)
2 52.217.80.68 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a01:238:20a:... 6724 (STRATO ST...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.216.241.164 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 85.233.160.146 8622 (ISIONUK N...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 185.94.140.20 35280 (ACORUS)
1 9 104.75.88.126 16625 (AKAMAI-AS)
4 2a00:f820:425::3 34549 (MEER-AS m...)
1 52.216.141.222 16509 (AMAZON-02)
1 104.243.42.114 23470 (RELIABLESITE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 108.157.4.120 16509 (AMAZON-02)
1 14.1.22.220 55778 (WEBWEB-HK...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 151.101.2.114 54113 (FASTLY)
1 172.106.80.2 40676 (AS40676)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 34.102.136.180 396982 (GOOGLE-CL...)
1 2 193.189.143.34 34948 (TYPHON-AS)
1 63.135.106.45 203 (CENTURYLI...)
1 143.204.214.127 16509 (AMAZON-02)
1 1 76.223.65.111 16509 (AMAZON-02)
1 2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 163.172.62.39 12876 (Online SAS)
2 2a00:1450:400... 15169 (GOOGLE)
1 82.99.3.235 12552 (IPO-EU)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 199.232.194.2 54113 (FASTLY)
1 4 209.124.74.201 55293 (A2HOSTING)
1 2 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 13.107.42.13 8068 (MICROSOFT...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
2 104.20.229.67 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 23.216.77.216 20940 (AKAMAI-ASN1)
1 23.35.237.151 16625 (AKAMAI-AS)
60 2620:1ec:a92:... 8068 (MICROSOFT...)
1 2 104.117.200.54 16625 (AKAMAI-AS)
54 2a02:26f0:de:... 20940 (AKAMAI-ASN1)
3 143.204.214.142 16509 (AMAZON-02)
2 3.65.88.85 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.200 13414 (TWITTER)
1 2a05:d014:d43... 16509 (AMAZON-02)
1 4 52.142.114.2 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 104.92.80.28 16625 (AKAMAI-AS)
4 52.109.88.96 8075 (MICROSOFT...)
9 13.69.239.72 8075 (MICROSOFT...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 54.230.99.75 16509 (AMAZON-02)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a03:2880:f12... 32934 (FACEBOOK)
441 86
88    162.241.24.224 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5904.bluehost.com
allfordrugs.com
www.allfordrugs.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
jnn-pa.googleapis.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
1    45.58.124.226 (United States)

ASN23470 (RELIABLESITE, US)
PTR: s11.flagcounter.com
s08.flagcounter.com
2    192.0.72.28 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
newdrugapprovals.files.wordpress.com
2    144.76.166.55 (Tettnang, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.166.76.144.clients.your-server.de
slideplayer.com
1    2600:9000:214f:a200:6:2114:f4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.ema.europa.eu
2    204.11.58.210 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: plesk-web26.webhostbox.net
www.pragmetis.com
33    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
1    18.66.122.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-42.fra60.r.cloudfront.net
media.cheggcdn.com
1    65.9.63.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-85.fra56.r.cloudfront.net
d2vlcm61l7u1fs.cloudfront.net
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    148.62.49.124 (United States)

ASN33070 (RMH-14, US)
PTR: 899288-db2.igem.org
parts.igem.org
1    2606:4700::6811:8e24 (United States)

ASN13335 (CLOUDFLARENET, US)
ars.els-cdn.com
15    166.62.28.131 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-166-62-28-131.ip.secureserver.net
drugapprovalsint.com
2    2a00:1450:4014:80a::2005 (Ireland)

ASN15169 (GOOGLE, US)
mail.google.com
4    2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
4    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
images-blogger-opensocial.googleusercontent.com
s2.googleusercontent.com
2    52.1.22.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-22-171.compute-1.amazonaws.com
www.easycounter.com
1    62.141.56.200 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: ns.server10.newgrafix.com
www.123gifs.eu
1    87.118.73.226 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: server4.newgrafix.com
www.123gif.de
2    52.217.80.68 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
files.bannersnack.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
feeds.feedburner.com
1    2a01:238:20a:202:1143:: (Germany)

ASN6724 (STRATO STRATO AG, DE)
www.labcompliance.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t1.gstatic.com
1    52.216.241.164 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
twitter-badges.s3.amazonaws.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t3.gstatic.com
1    85.233.160.146 (United Kingdom)

ASN8622 (ISIONUK Namesco Limited, GB)
PTR: ztoa.namesco.net
www.chemistryrules.me.uk
1    2606:4700::6811:2169 (United States)

ASN13335 (CLOUDFLARENET, US)
www.researchgate.net
3    185.94.140.20 (France)

ASN35280 (ACORUS, FR)
PTR: 185-94-140-20.acorus.net
www.scoop.it
9    104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
4    2a00:f820:425::3 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)
jc.revolvermaps.com
rc.revolvermaps.com
1    52.216.141.222 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    104.243.42.114 (United States)

ASN23470 (RELIABLESITE, US)
PTR: s04.flagcounter.com
s04.flagcounter.com
3    2606:4700:20::681a:65d (United States)

ASN13335 (CLOUDFLARENET, US)
www.w3counter.com
pulse.w3counter.com
2    108.157.4.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-120.dus51.r.cloudfront.net
amcrasto.simplesite.com
1    14.1.22.220 (Los Angeles, United States)

ASN55778 (WEBWEB-HK International Trade Centre, HK)
www.scrubtheweb.com
2    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
buttons.googlesyndication.com
www.google.com
2    151.101.2.114 (United States)

ASN54113 (FASTLY, US)
www.bloglines.com
1    172.106.80.2 (United States)

ASN40676 (AS40676, US)
PTR: ns3.farlex.com
img.tfd.com
3    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.feedburner.com
translate.google.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
us.i1.yimg.com
1    34.102.136.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.136.102.34.bc.googleusercontent.com
www.newsgator.com
2    193.189.143.34 (Magny-les-Hameaux, France)

ASN34948 (TYPHON-AS, FR)
PTR: www.netvibes.com
www.netvibes.com
1    63.135.106.45 (United States)

ASN203 (CENTURYLINK-LEGACY-LVLT-203, US)
PTR: DomainID228526.com
www.bitty.com
1    143.204.214.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-127.fra53.r.cloudfront.net
image.excite.co.uk
1    76.223.65.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: afdda383cf24ec8c3.awsglobalaccelerator.com
www.fwicki.com
2    2a02:26f0:6c00:2a0::364d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.afternic.com
2    163.172.62.39 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-62-39.rev.poneytelecom.eu
www.webwag.com
2    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4.bp.blogspot.com
yt3.ggpht.com
1    82.99.3.235 (Stockholm, Sweden)

ASN12552 (IPO-EU, SE)
PTR: uklon0001-rc2.ip-only.net
www.blogkeen.com
2    2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)
www.synthesiswithcatalysts.com
2    199.232.194.2 (United States)

ASN54113 (FASTLY, US)
media.giphy.com
4    209.124.74.201 (United States)

ASN55293 (A2HOSTING, US)
PTR: 209.124.74.201.static.a2webhosting.com
www.albinoblacksheep.com
2    2600:9000:2057:8200:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
w.sharethis.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
onedrive.live.com
3    2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
9    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
2    2a00:1450:400f:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
21    23.216.77.216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-216.deploy.static.akamaitechnologies.com
spoprod-a.akamaihd.net
1    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
60    2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
word-view.officeapps.live.com
2    104.117.200.54 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-54.deploy.static.akamaitechnologies.com
mc.us14.list-manage.com
54    2a02:26f0:de:591::1c24 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
c1h-word-view-15.cdn.office.net
3    143.204.214.142 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-142.fra53.r.cloudfront.net
d2fbkzyicji7c4.cloudfront.net
2    3.65.88.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-88-85.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a05:d014:d43:3101:c6ee:ea42:3836:6cbf (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
www.fourmilab.ch
4    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.live.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    104.92.80.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-80-28.deploy.static.akamaitechnologies.com
js.live.net
4    52.109.88.96 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
messaging.office.com
9    13.69.239.72 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
2    2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)
freychang.fun
3    54.230.99.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-99-75.arn1.r.cloudfront.net
audiosech.xyz
3    2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)
ckgroundan.xyz
1    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
88 allfordrugs.com
allfordrugs.com
www.allfordrugs.com
1 MB
72 live.com
onedrive.live.com — Cisco Umbrella Rank: 2631
word-view.officeapps.live.com — Cisco Umbrella Rank: 8360
c.live.com — Cisco Umbrella Rank: 9255
3 MB
54 office.net
c1h-word-view-15.cdn.office.net — Cisco Umbrella Rank: 5726
3 MB
33 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2213
438 KB
21 akamaihd.net
spoprod-a.akamaihd.net — Cisco Umbrella Rank: 6179
896 KB
15 drugapprovalsint.com
drugapprovalsint.com
180 KB
11 google.com
apis.google.com — Cisco Umbrella Rank: 100
mail.google.com — Cisco Umbrella Rank: 170
accounts.google.com — Cisco Umbrella Rank: 82
translate.google.com — Cisco Umbrella Rank: 1238
www.google.com — Cisco Umbrella Rank: 7
114 KB
9 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 280
browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 151
3 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
736 KB
8 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1493
m.addthis.com — Cisco Umbrella Rank: 1449
api-public.addthis.com — Cisco Umbrella Rank: 4078
218 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
ajax.googleapis.com — Cisco Umbrella Rank: 295
jnn-pa.googleapis.com — Cisco Umbrella Rank: 276
translate.googleapis.com — Cisco Umbrella Rank: 997
109 KB
6 gstatic.com
encrypted-tbn0.gstatic.com
t1.gstatic.com
t3.gstatic.com
fonts.gstatic.com
www.gstatic.com
45 KB
4 office.com
messaging.office.com — Cisco Umbrella Rank: 727
1 KB
4 sharethis.com
w.sharethis.com — Cisco Umbrella Rank: 18786
l.sharethis.com — Cisco Umbrella Rank: 4718
9 KB
4 albinoblacksheep.com
www.albinoblacksheep.com
10 KB
4 revolvermaps.com
jc.revolvermaps.com
rc.revolvermaps.com
10 KB
4 googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 368
images-blogger-opensocial.googleusercontent.com — Cisco Umbrella Rank: 401887
s2.googleusercontent.com — Cisco Umbrella Rank: 33485
8 KB
4 cloudfront.net
d2vlcm61l7u1fs.cloudfront.net
d2fbkzyicji7c4.cloudfront.net
92 KB
3 ckgroundan.xyz
ckgroundan.xyz
2 KB
3 audiosech.xyz
audiosech.xyz
4 KB
3 live.net
js.live.net — Cisco Umbrella Rank: 5774
49 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
static.doubleclick.net — Cisco Umbrella Rank: 358
1 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4114
60 KB
3 w3counter.com
www.w3counter.com — Cisco Umbrella Rank: 157019
pulse.w3counter.com — Cisco Umbrella Rank: 340821
5 KB
3 scoop.it
www.scoop.it — Cisco Umbrella Rank: 215984
2 KB
3 feedburner.com
feeds.feedburner.com — Cisco Umbrella Rank: 13449
www.feedburner.com — Cisco Umbrella Rank: 156588
2 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 664
syndication.twitter.com — Cisco Umbrella Rank: 954
133 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
86 KB
2 freychang.fun
freychang.fun — Cisco Umbrella Rank: 21790
101 KB
2 list-manage.com
mc.us14.list-manage.com — Cisco Umbrella Rank: 94738
1 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 12454
c.statcounter.com — Cisco Umbrella Rank: 8099
16 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 giphy.com
media.giphy.com — Cisco Umbrella Rank: 8318
668 KB
2 synthesiswithcatalysts.com
www.synthesiswithcatalysts.com
748 B
2 webwag.com
www.webwag.com
339 B
2 afternic.com
www.afternic.com — Cisco Umbrella Rank: 56794
2 KB
2 netvibes.com
www.netvibes.com — Cisco Umbrella Rank: 122441
1 KB
2 bloglines.com
www.bloglines.com — Cisco Umbrella Rank: 396888
306 B
2 simplesite.com
amcrasto.simplesite.com
7 KB
2 amazonaws.com
twitter-badges.s3.amazonaws.com — Cisco Umbrella Rank: 173407
s3.amazonaws.com
131 KB
2 linkedin.com
www.linkedin.com — Cisco Umbrella Rank: 616
4 KB
2 bannersnack.com
files.bannersnack.com
2 easycounter.com
www.easycounter.com — Cisco Umbrella Rank: 357965
798 B
2 pragmetis.com
www.pragmetis.com
88 KB
2 slideplayer.com
slideplayer.com — Cisco Umbrella Rank: 29747
134 KB
2 wordpress.com
newdrugapprovals.files.wordpress.com
301 KB
2 flagcounter.com
s08.flagcounter.com — Cisco Umbrella Rank: 649483
s04.flagcounter.com — Cisco Umbrella Rank: 257335
30 KB
2 wp.com
i0.wp.com — Cisco Umbrella Rank: 3053
36 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
1 bing.com
c.bing.com — Cisco Umbrella Rank: 232
1 KB
1 fourmilab.ch
www.fourmilab.ch — Cisco Umbrella Rank: 956256
15 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1736
556 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 374
1 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 105
22 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 211
3 KB
1 blogkeen.com
www.blogkeen.com
1 blogspot.com
4.bp.blogspot.com — Cisco Umbrella Rank: 11004
5 KB
1 fwicki.com
www.fwicki.com
334 B
1 excite.co.uk
image.excite.co.uk
2 KB
1 bitty.com
www.bitty.com
850 B
1 newsgator.com
www.newsgator.com — Cisco Umbrella Rank: 785814
1 yimg.com
us.i1.yimg.com — Cisco Umbrella Rank: 228342
2 KB
1 tfd.com
img.tfd.com — Cisco Umbrella Rank: 50498
912 B
1 googlesyndication.com
buttons.googlesyndication.com — Cisco Umbrella Rank: 769701
3 KB
1 scrubtheweb.com
www.scrubtheweb.com
2 KB
1 researchgate.net
www.researchgate.net — Cisco Umbrella Rank: 12296
3 KB
1 chemistryrules.me.uk
www.chemistryrules.me.uk
5 KB
1 labcompliance.com
www.labcompliance.com
1 123gif.de
www.123gif.de
24 KB
1 123gifs.eu
www.123gifs.eu
274 B
1 els-cdn.com
ars.els-cdn.com — Cisco Umbrella Rank: 24750
36 KB
1 igem.org
parts.igem.org
44 KB
1 cheggcdn.com
media.cheggcdn.com — Cisco Umbrella Rank: 32252
122 KB
1 europa.eu
www.ema.europa.eu — Cisco Umbrella Rank: 136890
10 KB
0 podcastready.com Failed
www.podcastready.com Failed
0 networkedblogs.com Failed
static.networkedblogs.com Failed
nwidget.networkedblogs.com Failed
0 feedjit.com Failed
feedjit.com Failed
0 ntlworld.com Failed
homepage.ntlworld.com Failed
441 78
Domain Requested by
87 www.allfordrugs.com www.allfordrugs.com
60 word-view.officeapps.live.com onedrive.live.com
word-view.officeapps.live.com
c1h-word-view-15.cdn.office.net
www.allfordrugs.com
54 c1h-word-view-15.cdn.office.net word-view.officeapps.live.com
c1h-word-view-15.cdn.office.net
33 upload.wikimedia.org www.allfordrugs.com
21 spoprod-a.akamaihd.net onedrive.live.com
15 drugapprovalsint.com www.allfordrugs.com
9 www.youtube.com www.allfordrugs.com
www.youtube.com
8 onedrive.live.com www.allfordrugs.com
spoprod-a.akamaihd.net
onedrive.live.com
6 browser.events.data.microsoft.com c1h-word-view-15.cdn.office.net
4 messaging.office.com c1h-word-view-15.cdn.office.net
4 c.live.com 1 redirects www.allfordrugs.com
4 jnn-pa.googleapis.com www.youtube.com
4 www.albinoblacksheep.com 1 redirects www.allfordrugs.com
www.albinoblacksheep.com
4 s7.addthis.com 1 redirects www.allfordrugs.com
s7.addthis.com
4 accounts.google.com www.allfordrugs.com
3 browser.pipe.aria.microsoft.com c1h-word-view-15.cdn.office.net
3 ckgroundan.xyz www.allfordrugs.com
3 audiosech.xyz d2fbkzyicji7c4.cloudfront.net
3 api-public.addthis.com s7.addthis.com
3 js.live.net c1h-word-view-15.cdn.office.net
3 d2fbkzyicji7c4.cloudfront.net www.albinoblacksheep.com
audiosech.xyz
3 static.addtoany.com www.allfordrugs.com
static.addtoany.com
3 jc.revolvermaps.com www.allfordrugs.com
3 www.scoop.it 1 redirects www.allfordrugs.com
www.scoop.it
3 connect.facebook.net www.allfordrugs.com
connect.facebook.net
2 freychang.fun d2fbkzyicji7c4.cloudfront.net
2 translate.googleapis.com
2 l.sharethis.com w.sharethis.com
www.allfordrugs.com
2 mc.us14.list-manage.com 1 redirects www.allfordrugs.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 www.google-analytics.com www.allfordrugs.com
www.google-analytics.com
2 translate.google.com 1 redirects www.allfordrugs.com
2 w.sharethis.com 1 redirects www.allfordrugs.com
2 media.giphy.com www.allfordrugs.com
2 www.synthesiswithcatalysts.com 1 redirects www.allfordrugs.com
2 www.webwag.com 1 redirects www.allfordrugs.com
2 www.afternic.com 1 redirects www.allfordrugs.com
2 www.netvibes.com 1 redirects www.allfordrugs.com
2 www.bloglines.com 1 redirects www.allfordrugs.com
2 amcrasto.simplesite.com www.allfordrugs.com
2 www.w3counter.com www.allfordrugs.com
2 s2.googleusercontent.com 2 redirects
2 www.linkedin.com 1 redirects www.allfordrugs.com
2 feeds.feedburner.com www.allfordrugs.com
2 files.bannersnack.com www.allfordrugs.com
2 www.easycounter.com 1 redirects www.allfordrugs.com
2 mail.google.com 2 redirects
2 www.pragmetis.com www.allfordrugs.com
2 slideplayer.com www.allfordrugs.com
2 newdrugapprovals.files.wordpress.com www.allfordrugs.com
2 i0.wp.com www.allfordrugs.com
2 platform.twitter.com www.allfordrugs.com
platform.twitter.com
2 apis.google.com www.allfordrugs.com
apis.google.com
1 www.facebook.com www.allfordrugs.com
1 rc.revolvermaps.com jc.revolvermaps.com
1 c.bing.com 1 redirects
1 www.fourmilab.ch www.albinoblacksheep.com
1 syndication.twitter.com platform.twitter.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 pulse.w3counter.com www.w3counter.com
1 z.moatads.com s7.addthis.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.allfordrugs.com
1 www.blogkeen.com www.allfordrugs.com
1 4.bp.blogspot.com www.allfordrugs.com
1 www.fwicki.com 1 redirects
1 image.excite.co.uk www.allfordrugs.com
1 www.bitty.com www.allfordrugs.com
1 www.newsgator.com www.allfordrugs.com
1 us.i1.yimg.com www.allfordrugs.com
1 www.feedburner.com www.allfordrugs.com
1 img.tfd.com www.allfordrugs.com
1 buttons.googlesyndication.com www.allfordrugs.com
1 www.scrubtheweb.com www.allfordrugs.com
1 s04.flagcounter.com www.allfordrugs.com
1 s3.amazonaws.com www.allfordrugs.com
1 www.researchgate.net www.allfordrugs.com
1 www.chemistryrules.me.uk www.allfordrugs.com
1 t3.gstatic.com www.allfordrugs.com
1 twitter-badges.s3.amazonaws.com www.allfordrugs.com
1 t1.gstatic.com www.allfordrugs.com
1 www.labcompliance.com www.allfordrugs.com
1 www.123gif.de www.allfordrugs.com
1 www.123gifs.eu 1 redirects
1 images-blogger-opensocial.googleusercontent.com www.allfordrugs.com
1 lh6.googleusercontent.com www.allfordrugs.com
1 ars.els-cdn.com www.allfordrugs.com
1 parts.igem.org www.allfordrugs.com
1 encrypted-tbn0.gstatic.com www.allfordrugs.com
1 d2vlcm61l7u1fs.cloudfront.net www.allfordrugs.com
1 media.cheggcdn.com www.allfordrugs.com
1 www.ema.europa.eu www.allfordrugs.com
1 s08.flagcounter.com www.allfordrugs.com
1 ajax.googleapis.com www.allfordrugs.com
1 fonts.googleapis.com www.allfordrugs.com
1 allfordrugs.com 1 redirects
0 www.podcastready.com Failed www.allfordrugs.com
0 nwidget.networkedblogs.com Failed www.allfordrugs.com
0 static.networkedblogs.com Failed www.allfordrugs.com
0 feedjit.com Failed www.allfordrugs.com
0 homepage.ntlworld.com Failed www.allfordrugs.com
441 108

This site contains links to these domains. Also see Links.

Domain
simplesharebuttons.com
www.facebook.com
plus.google.com
twitter.com
reddit.com
www.linkedin.com
www.stumbleupon.com
flattr.com
www.tumblr.com
bufferapp.com
www.digg.com
data.pharmacodiaglobal.com
www.addtoany.com
www.laurelmes.com
laurusis.com
www.youtube.com
www.google.co.in
www.researchgate.net
www.ema.europa.eu
esubmission.ema.europa.eu
www.hma.eu
www.pragmetis.com
en.wikipedia.org
de.wikipedia.org
www.commonchemistry.org
chemapps.stolaf.edu
www.ebi.ac.uk
www.chemspider.com
echa.europa.eu
www.wikidata.org
pubchem.ncbi.nlm.nih.gov
fdasis.nlm.nih.gov
comptox.epa.gov
doi.org
archive.org
www.coyuchi.com
history.evonik.com
web.archive.org
www.ingenious.org.uk
ui.adsabs.harvard.edu
www.ncbi.nlm.nih.gov
pubmed.ncbi.nlm.nih.gov
www.worldcat.org
books.google.com
cwh.ucsc.edu
api.semanticscholar.org
www.wildcolours.co.uk
gallica.bnf.fr
www.nature.com
www.paradisefibers.com
www.timesonline.co.uk
eprints.gla.ac.uk
jchemed.chem.wisc.edu
www.accessdata.fda.gov
en.wiktionary.org
desktoppub.about.com
www.colorhexa.com
drugapprovalsint.com
www.w3.org
www.harappa.com
www.perseus.tufts.edu
www.nwhm.org
vanessafrance.wordpress.com
www.huris.com
www.mathworks.com
science-edu.larc.nasa.gov
apps.isiknowledge.com
www.newtonproject.sussex.ac.uk
www1.umn.edu
web.forret.com
www.irregulartimes.com
www.wdl.org
www.wired.com
wiccaliving.com
en.wikisource.org
www.ld-didactic.de
www.agexpharma.com
newdrugapprovals.org
newdrugapprovals.wordpress.com
worlddrugtracker.blogspot.in
medcheminternational.blogspot.in
drugsynthesisint.blogspot.in
drug-scaleup-and-manufacturing.webnode.com
amcrasto.webs.com
amcrasto.theeurekamoments.com
apisynthesisint.blogspot.in
sreenilabs.com
anthonymelvincrasto.brandyourself.com
www.easycounter.com
wordpress.org
google.feedburner.com
feeds2.feedburner.com
in.linkedin.com
www.twitter.com
orgspectroscopyint.blogspot.in
www.statcounter.com
statcounter.com
www.123gifs.eu
feeds.feedburner.com
http
www.tppharma.com
www.qijianbio.com
theturekclinic.com
www.ledenez.com
www.hengshuiwuliuwang.com
www.chinaboxing.com.cn
www.zjrunxin.net
www.hebeirunjie.com
www.zhongguodiping.com
www.slideshare.net
amcrasto.tumblr.com
info.flagcounter.com
www.w3counter.com
www.networkedblogs.com
www.bloglovin.com
about.me
greenchemclips.wordpress.com
anthonycrasto.wordpress.com
amcrasto.wix.com
sites.google.com
feedvalidator.org
www.scrubtheweb.com
fusion.google.com
www.bloglines.com
www.thefreedictionary.com
www.feedburner.com
add.my.yahoo.com
www.newsgator.com
www.netvibes.com
www.bitty.com
mix.excite.eu
www.fwicki.com
www.webwag.com
www.podcastready.com
100topblog.blogspot.com
www.blogkeen.com
www.synthesiswithcatalysts.com
www.carbanio.com
aquoid.com
www.ignitesocialmedia.com
www.addthis.com
Subject Issuer Validity Valid
*.apis.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-28 -
2023-01-28		 a year crt.sh
*.slideplayer.com
R3		 2022-03-21 -
2022-06-19		 3 months crt.sh
ema.europa.eu
Amazon		 2021-07-03 -
2022-08-01		 a year crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-10-19 -
2022-11-17		 a year crt.sh
*.cheggcdn.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
els-cdn.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.researchgate.net
AlphaSSL CA - SHA256 - G2		 2021-09-15 -
2022-10-17		 a year crt.sh
*.giphy.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-04 -
2023-03-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-27 -
2022-05-28		 3 months crt.sh
onedrive.com
Microsoft RSA TLS CA 02		 2022-02-01 -
2023-02-01		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-06 -
2022-12-06		 a year crt.sh
*.scoop.it
Sectigo RSA Domain Validation Secure Server CA		 2020-03-30 -
2022-07-02		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
officeapps.live.com
DigiCert Cloud Services CA-1		 2022-04-19 -
2023-04-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-15 -
2023-05-15		 a year crt.sh
*.cdn.office.net
Microsoft RSA TLS CA 01		 2022-01-05 -
2023-01-05		 a year crt.sh
mindfuldesignschool.com
R3		 2022-04-01 -
2022-06-30		 3 months crt.sh
sharethis.com
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
fourmilab.ch
R3		 2022-04-23 -
2022-07-22		 3 months crt.sh
p.sfx.ms
Microsoft RSA TLS CA 01		 2021-09-29 -
2022-09-29		 a year crt.sh
messaging.office.com
Microsoft RSA TLS CA 02		 2022-03-02 -
2023-03-02		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2022-03-02 -
2023-02-25		 a year crt.sh
c.msn.com
Microsoft Azure TLS Issuing CA 01		 2022-02-08 -
2023-02-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
audiosech.xyz
Amazon		 2022-05-15 -
2023-06-13		 a year crt.sh

This page contains 17 frames:

Primary Page: http://www.allfordrugs.com/
Frame ID: 92D27527BCA99531023A43168EA2D09F
Requests: 244 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Frame ID: A8D4066537FC16E07E55C2AFD74F33F2
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NTOtI7HfE9I
Frame ID: C897B9367F901017A8CB686F466513BC
Requests: 19 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Frame ID: AD965F5C1F1DEA787DD61C4404F0C844
Requests: 11 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Frame ID: 6F84CD96A9925DEDB3CA821091C4AF18
Requests: 11 HTTP requests in this frame

Frame: https://www.scoop.it/button?url=http%3A%2F%2Fwww.allfordrugs.com%2F&position=horizontal
Frame ID: E929501A10C5086E31FED576722B0764
Requests: 1 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 3509A2C6D3BACBF055002A14B87717A7
Requests: 42 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: D247DDA1A90A2F4A3529A08151A06F14
Requests: 40 HTTP requests in this frame

Frame: https://www.albinoblacksheep.com/earth-moon/mini
Frame ID: FDD462ACC011F27B08FCFFE5CEE57358
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=http%3A%2F%2Fwww.allfordrugs.com
Frame ID: B49C2B0CAC4775AAA456EF55EEB5D72C
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 16636CA7541A432DA2831767501820D1
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: DAB7FC74E59C8893831853AA32A33250
Requests: 1 HTTP requests in this frame

Frame: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 5B8675ED0A06986CD2BC6CB14E3D30BD
Requests: 49 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 8706F43ED045A0DD0D052E1050944049
Requests: 1 HTTP requests in this frame

Frame: http://rc.revolvermaps.com/w/1/a/a.php?i=2afvg8irrbf&s=220&m=0&v=false&r=false&b=000000&n=false&c=ff0000
Frame ID: 6EA84499EBC01A012F6F52C3F9058B65
Requests: 1 HTTP requests in this frame

Frame: http://audiosech.xyz/THdObGotFS0BVS1KLEofPhtzSVgKUnwqDn4RLAcQNR4tBgN7FHpCCSAYOwgMPhggGEQiEjpJWAonGAIoHhYgLVsEDXYhPjU+FCI8KD8UKQInIBsqHQseByoiJS0AJxAjIwE4CQo0CjkOAjUYNSIONmteLAsiOSkmDiU9OwYVQQs4UgIjFi08HAAiIjB9LjkoAgYFHCQJKTYKBwguNiUoIw0YJigSI08LFjwBNRoIJBw2Gyc6NAB3L1saHAABOAkmBiIpFSIHJDo0Q38uOy8bGDskLT8nJjwVRj4uMCBCJjhaASIYOyQtNTRUDxZGezowGD1+Oy8NAhwBRxozGDs4DToMAysDHxsBLjQ+dys5GicfBCgKLiJdDxYiFFw9CTVrXigLDSUJIhgHGDUTICEUKSt1NjYfEBogAA0sNjoaIw0aLS1cICQ0HAsBBA05PDwbJnw1LDw1KykoaUUINAEgHR80Uy8lBiIpFSUlPicOMiQtWxocAAE4FiV9BC4WRzkqC3wyaAYZIxk+URAcFCErPi4yBSgufhsIIyI
Frame ID: B665FA079E4F6C7C18FC74A59AECA4AC
Requests: 2 HTTP requests in this frame

Frame: http://audiosech.xyz/RmxacjMnDjkfDCdROFRGNABnVwEASWg0V3QKOBlJPwU5GFpxD25cUCoDLxZVNAM0Bh0oCS5XAQAmFSVLHj9pNFIHFjEGZy1cHD8AHCsZHlsqCh8VVQQFCxl7dgAIMHshGw4xVAUkIgIHBRQbS2V2XA0/ABwuEgVydCYIK3YVBhMediE+PhFgKToNQ3UsDgsgahM4NRlwdy0bPUo2ORkLQy82DzdQHgE+GHEqLRk/ShcrCRlfKgkiS30VOwxFYgcAGSgBcy8/Ql8qCS0oYgcBHFcBADobHUYlAjYwYhAcMCtfFyACNmpxLQwneQ8vbiZmITkwEFgISWg0ZBFBCEprMRw7EV0qLh8jUGNeHCJLPjoJJWYPOhsGUAkVExNrAwA2F0scDx4IRC07GApWHBU9KGAxIWw+XxcgER9pcT0YFlAjNGM7dwBdbxRmEw8CH1ByKRxKfQw/ECdwPxwzF3YfNAJAdTIuGyBXYAYpHV02UQlBcjMoDyZYBwsdBA
Frame ID: 164B15D8E10E6CD143CC6336157B38C0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

All About Drugs – Tout sur les médicaments הכל על תרופות كل شيئ عن الأدوية Все о наркотиках 关于药品的一切 డ్రగ్స్ గురించి అన్ని 마약에 관한 모든 것 Όλα για τα Ναρκωτικά Complete Tracking of Drugs Across the World by Dr Anthony Melvin Crasto, Worldpeacepeaker, worlddrugtracker, PH.D (ICT), MUMBAI, INDIA, Worlddrugtracker, Helping millions, 9 million hits on google on all websites, 2.5 lakh connections on all networks, “ALL FOR DRUGS” CATERS TO EDUCATION GLOBALLY, No commercial exploits are done or advertisements added by me. This is a compilation for educational purposes only. P.S. : The views expressed are my personal and in no-way suggest the views of the professional body or the company that I representALL ABOUT DRUGSALL ABOUT DRUGSFacebookTwitterPrintEmailAddThis

Page URL History Show full URLs

  1. http://allfordrugs.com/ HTTP 301
    http://www.allfordrugs.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • \.revolvermaps\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • w\.sharethis\.com/
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • w3counter\.com/tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

441
Requests

60 %
HTTPS

48 %
IPv6

78
Domains

108
Subdomains

86
IPs

10
Countries

12870 kB
Transfer

33064 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://allfordrugs.com/ HTTP 301
    http://www.allfordrugs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://connect.facebook.net/en_US/all.js?ver=4.4.27 HTTP 307
  • https://connect.facebook.net/en_US/all.js?ver=4.4.27
Request Chain 101
  • https://mail.google.com/mail/u/0?ui=2&ik=ea058c9211&attid=0.0.1&permmsgid=msg-f:1677807714282346843&th=1748c53a0b35995b&view=fimg&sz=s0-l75-ft&attbid=ANGjdJ_QxrK589_Oy96RN_KhZwl2LiWpEXXFyNI-F7F8wz4loo4lHzF-hxNVcQQbTzA458qrAc3a5BRNOrE9KKHe4KGkUUMVmmekE8RXLVHxJIMtg5TEFhN5lDQF4-I&disp=emb HTTP 302
  • https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3Dea058c9211%26attid%3D0.0.1%26permmsgid%3Dmsg-f:1677807714282346843%26th%3D1748c53a0b35995b%26view%3Dfimg%26sz%3Ds0-l75-ft%26attbid%3DANGjdJ_QxrK589_Oy96RN_KhZwl2LiWpEXXFyNI-F7F8wz4loo4lHzF-hxNVcQQbTzA458qrAc3a5BRNOrE9KKHe4KGkUUMVmmekE8RXLVHxJIMtg5TEFhN5lDQF4-I%26disp%3Demb&scc=1&ltmpl=googlemail&emr=1&osid=1
Request Chain 110
  • http://www.easycounter.com/counter.php?amcrasto HTTP 301
  • https://www.easycounter.com/counter.php?amcrasto
Request Chain 111
  • http://www.123gifs.eu/free-gifs/quills/feder-0005.gif HTTP 301
  • https://www.123gif.de/free-gifs/quills/feder-0005.gif
Request Chain 115
  • http://www.linkedin.com/img/webpromo/btn_viewmy_160x33.png HTTP 301
  • https://www.linkedin.com/img/webpromo/btn_viewmy_160x33.png
Request Chain 116
  • https://s2.googleusercontent.com/s2/favicons?domain=www.facebook.com&alt=p HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16
Request Chain 118
  • https://s2.googleusercontent.com/s2/favicons?domain=plus.google.com&alt=p HTTP 301
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://plus.google.com&size=16
Request Chain 121
  • https://mail.google.com/mail/?ui=2&ik=ea058c9211&view=att&th=12e47a2ac5dc5739&attid=0.7&disp=emb&zw HTTP 302
  • https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3Dea058c9211%26view%3Datt%26th%3D12e47a2ac5dc5739%26attid%3D0.7%26disp%3Demb%26zw&scc=1&ltmpl=googlemail&emr=1&osid=1
Request Chain 123
  • http://www.scoop.it/button/scit.js HTTP 302
  • https://www.scoop.it/button/scit.js
Request Chain 130
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js
Request Chain 149
  • http://www.bloglines.com/images/sub_modern11.gif HTTP 301
  • https://www.bloglines.com/images/sub_modern11.gif
Request Chain 154
  • http://www.netvibes.com/img/add2netvibes.gif HTTP 301
  • https://www.netvibes.com/img/add2netvibes.gif
Request Chain 157
  • http://www.fwicki.com/images/ui/fwicki_clicklet.png HTTP 302
  • https://www.afternic.com/forsale/www.fwicki.com?utm_source=TDFS_DASLNC&utm_medium=DASLNC&utm_campaign=TDFS_DASLNC&traffic_type=TDFS_DASLNC&traffic_id=daslnc& HTTP 302
  • https://www.afternic.com/forsale/fwicki.com?utm_source=TDFS_DASLNC&utm_medium=DASLNC&utm_campaign=TDFS_DASLNC&traffic_type=TDFS_DASLNC&traffic_id=daslnc&
Request Chain 158
  • http://www.webwag.com/images/wwgthis.gif HTTP 301
  • https://www.webwag.com/images/wwgthis.gif
Request Chain 165
  • http://www.synthesiswithcatalysts.com/images/logo.jpg HTTP 301
  • https://www.synthesiswithcatalysts.com/images/logo.jpg
Request Chain 170
  • http://www.albinoblacksheep.com/earth-moon/embed.js HTTP 301
  • https://www.albinoblacksheep.com/earth-moon/embed.js
Request Chain 178
  • http://w.sharethis.com/button/st_insights.js HTTP 301
  • https://w.sharethis.com/button/st_insights.js
Request Chain 180
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit HTTP 301
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Request Chain 193
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 194
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 201
  • http://static.addtoany.com/menu/page.js HTTP 307
  • https://static.addtoany.com/menu/page.js
Request Chain 216
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 237
  • http://mc.us14.list-manage.com/subscribe/form-settings?u=dc68c77b5ddfb530cb6930297&id=6ba142263f&u=dc68c77b5ddfb530cb6930297&id=6ba142263f&c=dojo_request_script_callbacks.dojo_request_script0 HTTP 307
  • https://mc.us14.list-manage.com/subscribe/form-settings?u=dc68c77b5ddfb530cb6930297&id=6ba142263f&u=dc68c77b5ddfb530cb6930297&id=6ba142263f&c=dojo_request_script_callbacks.dojo_request_script0
Request Chain 324
  • https://c.live.com/c.gif?DI=15347&wlxid=7ad1430f-a3fe-436a-af1e-aee35c4cda0a&reqid=001e8e28fb8&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99B84A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2535%26IR%3D1%26EX%3D0%26L.h%3D1552%26L.sjs%3D1684%26L.ttg%3D1552%26C.st%3D1653108986969%26N.domIn%3D1566%26N.req%3D924%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.004570106344270908 HTTP 302
  • https://c.bing.com/c.gif?DI=15347&wlxid=7ad1430f-a3fe-436a-af1e-aee35c4cda0a&reqid=001e8e28fb8&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99B84A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2535%26IR%3D1%26EX%3D0%26L.h%3D1552%26L.sjs%3D1684%26L.ttg%3D1552%26C.st%3D1653108986969%26N.domIn%3D1566%26N.req%3D924%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.004570106344270908&CtsSyncId=BA8C88666CC84DCDA3777290BC0ED07F&RedC=c.live.com&MXFR=0486F0B3393261B22EBBE1183D326564 HTTP 302
  • https://c.live.com/c.gif?DI=15347&wlxid=7ad1430f-a3fe-436a-af1e-aee35c4cda0a&reqid=001e8e28fb8&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99B84A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2535%26IR%3D1%26EX%3D0%26L.h%3D1552%26L.sjs%3D1684%26L.ttg%3D1552%26C.st%3D1653108986969%26N.domIn%3D1566%26N.req%3D924%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.004570106344270908&CtsSyncId=BA8C88666CC84DCDA3777290BC0ED07F&MUID=0486F0B3393261B22EBBE1183D326564

441 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.allfordrugs.com/
Redirect Chain
  • http://allfordrugs.com/
  • http://www.allfordrugs.com/
454 KB
148 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache /
Resource Hash
0defae5096080298c530b765aed1eb778622527ada34a909ff7643d00604fb4f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 May 2022 04:56:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=75
Link
<http://www.allfordrugs.com/wp-json/>; rel="https://api.w.org/"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2,h2c
Vary
Accept-Encoding,User-Agent
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 May 2022 04:56:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=75
Location
http://www.allfordrugs.com/
Pragma
no-cache
Server
Apache
Upgrade
h2,h2c
Vary
User-Agent
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
net_shared_posts.css
www.allfordrugs.com/wp-content/plugins/network-shared-posts/ 		1 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/network-shared-posts/net_shared_posts.css?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
7c58457b4197da5cf6045e8cee98bfaba2848be0d1138ff24dec20388288c5b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jun 2013 06:17:51 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
text/css
Keep-Alive
timeout=5, max=75
Content-Length
474
fbstyle.css
www.allfordrugs.com/wp-content/plugins/feedburner-form/control/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/feedburner-form/control/fbstyle.css?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
754e7f3a85a201043c7045484113643c2d17353e5245ef31f4e3fbe41b0ced5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2016 02:11:40 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
text/css
Keep-Alive
timeout=5, max=75
Content-Length
685
front_end_style.css
www.allfordrugs.com/wp-content/plugins/captcha/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/captcha/css/front_end_style.css?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
db00fc9ec635de5e631d0ff39a30dc83d611d26fc2baba3880356355c137dcb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2016 11:29:57 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
text/css
Keep-Alive
timeout=5, max=75
Content-Length
651
dashicons.min.css
www.allfordrugs.com/wp-includes/css/ 		45 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/css/dashicons.min.css?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
9c948e266f09df26573b74c768f84f62c443c84476d6e227ec580786174907ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2016 02:11:04 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Transfer-Encoding
chunked
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
text/css
Keep-Alive
timeout=5, max=75
Accept-Ranges
bytes
desktop_style.css
www.allfordrugs.com/wp-content/plugins/captcha/css/ 		2 KB
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/captcha/css/desktop_style.css?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
7694092db9514c6643c47d692e5ac7bc1c924c3aa712c8ae4504a5cdd6cfb420

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2016 11:29:57 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
text/css
Keep-Alive
timeout=5, max=75
Content-Length
417
style.min.css
www.allfordrugs.com/wp-content/plugins/page-views-count/assets/css/ 		282 B
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/page-views-count/assets/css/style.min.css?ver=1.4.0
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
04da323eda0bca5a733222a8c3b7855692340adff669d6d908c16d452013e4c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Aug 2016 07:52:35 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
Content-Length
179
css
fonts.googleapis.com/ 		380 B
912 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Indie+Flower&ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0cb4f3d810317e4c709e0177a03c48596e105f8709b56d38bcf05bf2fc20d6e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sat, 21 May 2022 04:56:26 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sat, 21 May 2022 04:56:26 GMT
style.css
www.allfordrugs.com/wp-content/themes/suffusion/ 		75 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/style.css?ver=4.4.9
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
326935ed5a633e3990c37fcf9b61be6fcfb2a56a2eebc9dc50927d4b5ccd8298

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Last-Modified
Wed, 10 Feb 2016 02:12:29 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Transfer-Encoding
chunked
Content-Type
text/css
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
skin.css
www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
df7569d295f5b93e79e08f8324c867f901f0831a227f40ed0b8c15ede52d923f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2016 02:12:29 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
Content-Length
2528
rounded-corners.css
www.allfordrugs.com/wp-content/themes/suffusion/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/rounded-corners.css?ver=4.4.9
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
46056d679c41459e4ab553857d2549a0ccf93b491fd13841b06a26529e874d76

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2016 02:12:29 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
Content-Length
1423
custom-styles.css
www.allfordrugs.com/wp-content/uploads/suffusion/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/uploads/suffusion/custom-styles.css?ver=4.4.9
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
a5a4eee2f84df74c203391e2f8fbf67dc1cd3c1023848ca5ba3bcbd398511ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Jun 2015 14:21:08 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
Content-Length
4385
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/ui-darkness/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/ui-darkness/jquery-ui.css?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ed18ee68d31d1a6ca29daab32f2e2d34801dbbf40f97646f4b43831a22cf361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 18 May 2022 07:52:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
248617
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
6070
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 18 May 2023 07:52:49 GMT
addtoany.min.css
www.allfordrugs.com/wp-content/plugins/add-to-any/ 		1 KB
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.12
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
0169ba6bc42abb42f072c01caf8ca60ba106975992f1914d8f96690db3e49928

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Aug 2016 08:11:47 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=73
Content-Length
459
jquery.js
www.allfordrugs.com/wp-includes/js/jquery/ 		94 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/jquery.js?ver=1.11.3
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Last-Modified
Tue, 25 Aug 2015 07:11:10 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Transfer-Encoding
chunked
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=73
jquery-migrate.min.js
www.allfordrugs.com/wp-includes/js/jquery/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Sun, 19 Jan 2014 05:15:12 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=73
Content-Length
3268
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js?ver=4.4.27
  • https://connect.facebook.net/en_US/all.js?ver=4.4.27
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
afbb624cd9ae5618544ad1be58251d75bdf64d085450048aceddc606cbfb8ef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9jh/69KKIwrMFlAG0uge6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 21 May 2022 05:16:26 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1684
x-fb-rlafr
0
x-fb-debug
duoP9QYb6Uv9pKubDd44IN98jFloyZP8ezlAA4J0qnAPvyaZCRenFqGtqo5mtE+d3tfWl8t8AgHJsr7+uxFJdQ==
x-fb-trip-id
917726464
x-fb-content-md5
532dabb626403d94f6cf567370bc11ad
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 21 May 2022 04:56:26 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-content-cdn-origin-ts
1653108986127
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ee1619543b6a61642a965daae83c16ec"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/all.js?ver=4.4.27#xfbml=1
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a46e721738fe773283959d5c78be8e4b74f398ef65efddcc2bc8b2c87f6b02b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20362
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Sat, 21 May 2022 04:56:26 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"63dec9bbc38e8ea1"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 May 2022 04:56:26 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8E) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Age
881
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:06:46 GMT
Server
ECS (amb/6B8E)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
suffusion.js
www.allfordrugs.com/wp-content/themes/suffusion/scripts/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/scripts/suffusion.js?ver=4.4.9
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
98572c10296b382ce4d77cacbf12bf3b2a9680611fab3a865feb35d0a2cd799a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2016 02:12:29 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=73
Content-Length
11014
bubble.js
www.allfordrugs.com/wp-content/plugins/follow-me/js/ 		1 KB
769 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/js/bubble.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
6caa81541b5c87c24029ecc21347fda3fb0691243d4d8a9054bae46c6f5457e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=72
Content-Length
376
style.css
www.allfordrugs.com/wp-content/plugins/follow-me/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/css/style.css
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
4a59fc61d6acc6bea9418c85f3ccaba25af11f593f70e4299988874714a46eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=73
Content-Length
743
facebook.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		204 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/facebook.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
ca806173739fb0438dcc8525994bb1d059465a9b2f333e431362527ec161fb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=71
Content-Length
204
google.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		809 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/google.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
83853734a305cdfd9edba7cbc8ea69aaea31eddd72d689b33042f1c0c49bea2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=73
Content-Length
809
twitter.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		300 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/twitter.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
f90915db46a74069adae201fd95ce4c809f01e9e81ac68b115cecb30a3f422cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=71
Content-Length
300
reddit.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		514 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/reddit.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
bbe91504a09140d13351499873e660b9494cc6b4a851d3ba3992f4d3d94167d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=69
Content-Length
514
linkedin.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		265 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/linkedin.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
9aa3744a86bce320cb18b6de7452a23e9951dfece6db7ebb158e87047c06ac65

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=71
Content-Length
265
stumbleupon.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		305 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/stumbleupon.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
e2d27f57875b98fff2e642b4fba35661199bd8dd23fa7498b6f8dbce5cd20cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=70
Content-Length
305
flattr.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		438 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/flattr.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
ef299e50720bdcf3a1008de8d98e247875bf0162590ccaa5b4974fdb3f8f9dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=70
Content-Length
438
pinterest.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		421 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/pinterest.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
25415822c6400c05d66414264823f232ed4135b50d058da9799c9699f598fc5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=71
Content-Length
421
tumblr.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		250 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/tumblr.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
e39abfd4ed883a07c05570177864c3ce5a72f55a8b79b7410ceebfc3a75369d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=70
Content-Length
250
email.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		297 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/email.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
2f6100bc6c388d2c529952df0b36345aa2aac2f6a22abef5c2f558adade5f4e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=68
Content-Length
297
buffer.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		436 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/buffer.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
38e02636781416dd7b3ff77fef63f5fd2f1e96db224bcae74c9214c459cba7d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=70
Content-Length
436
diggit.png
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/ 		393 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/buttons/simple/diggit.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
d14de0e3dc5be11c2cc331a6e98b4b377c9f1c871412149d910e35faaa8e4756

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=69
Content-Length
393
str2.jpg
www.allfordrugs.com/wp-content/uploads/2022/04/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2022/04/str2.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
1746895462e31894fb6dd855205cfe90e49aa8df7366d3aabbdee9fb81f4956c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Tue, 12 Apr 2022 08:57:08 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=72
Content-Length
40402
gooey-scroll-arrow.gif
i0.wp.com/codemyui.com/wp-content/uploads/2016/10/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/codemyui.com/wp-content/uploads/2016/10/gooey-scroll-arrow.gif?fit=690%2C345&ssl=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
96c21773a9a306073347e4a8b8541db095f8c786c34478713bf5382ccb8eb1fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 21 May 2022 04:56:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 31 Dec 2021 14:13:13 GMT
server
nginx
etag
"648188aa2ab08dc4"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://codemyui.com/wp-content/uploads/2016/10/gooey-scroll-arrow.gif>; rel="canonical"
content-length
31790
expires
Mon, 01 Jan 2024 02:13:13 GMT
IMG-20220412-WA0025.jpg
www.allfordrugs.com/wp-content/uploads/2022/04/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2022/04/IMG-20220412-WA0025.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
5c0d3d40f6df7c4bec2acddf27ddcc3e72ef1d5815b296f44e8fd8b7a087a9f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Tue, 12 Apr 2022 09:28:26 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=69
Content-Length
59584
str1.jpg
www.allfordrugs.com/wp-content/uploads/2022/04/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2022/04/str1.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
3d6b3dc37e9b069ab65981453aa2a5c77528dbf5b22c51409e5b100bfd82769c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Tue, 12 Apr 2022 08:54:29 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=63
Content-Length
25226
IMG-20220412-WA0026-683x1024.jpg
www.allfordrugs.com/wp-content/uploads/2022/04/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2022/04/IMG-20220412-WA0026-683x1024.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
8dafd115d36a6ae418a778c8d12812e30ff7bad3d817b7ad77ecab491d14fd92

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Tue, 12 Apr 2022 09:28:21 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=68
Content-Length
43570
IMG-20220412-WA0027-683x1024.jpg
www.allfordrugs.com/wp-content/uploads/2022/04/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2022/04/IMG-20220412-WA0027-683x1024.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
0ad9d5676bdd0af368c0df06312d0886e72a2bfa07f3811df72f15751d3cb099

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Tue, 12 Apr 2022 09:28:19 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=69
Content-Length
58276
share_save_256_24.png
www.allfordrugs.com/wp-content/plugins/add-to-any/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/add-to-any/share_save_256_24.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
26356d5d75e80312c07f8edff6c4b79a1e56f34bae520d9dbb699cfef12f46d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Tue, 09 Aug 2016 08:11:47 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=64
Content-Length
2498
str1-1.jpg
www.allfordrugs.com/wp-content/uploads/2022/02/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2022/02/str1-1.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
8160a522da5eb62cf9d8d30c6ac5dc397b043eb03c8d6382d539326b22d54b67

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Mon, 21 Feb 2022 08:10:49 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=69
Content-Length
7446
str1.jpg
www.allfordrugs.com/wp-content/uploads/2022/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2022/02/str1.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
9818dee454afc78c0e00fb8e626526286a35ed5c177adde0ee56d2bd339968fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Fri, 18 Feb 2022 13:50:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=68
Content-Length
9846
ls.jpg
www.allfordrugs.com/wp-content/uploads/2022/01/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2022/01/ls.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
1f93d6dc9f2aba741fba3365788cc601d36866aee6f0f49f9bd80550728e97cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Tue, 18 Jan 2022 06:27:18 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=63
Content-Length
28852
str1-17-300x160.jpg
i0.wp.com/drugapprovalsint.com/wp-content/uploads/2021/12/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/drugapprovalsint.com/wp-content/uploads/2021/12/str1-17-300x160.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1c003389bbcadef9af1b354a6754fa5b2f00a6e2935a6ea88283ac58bb1e7950
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 21 May 2022 04:56:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Dec 2021 05:06:01 GMT
server
nginx
etag
"1bc96075695b07bb"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://drugapprovalsint.com/wp-content/uploads/2021/12/str1-17-300x160.jpg>; rel="canonical"
content-length
5034
expires
Thu, 21 Dec 2023 17:06:01 GMT
/
s08.flagcounter.com/count/lQv5/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_20/viewers_0/labels_1/pageviews_1/flags_1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://s08.flagcounter.com/count/lQv5/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_20/viewers_0/labels_1/pageviews_1/flags_1/
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
45.58.124.226 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
s11.flagcounter.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash
46fe595c03a201d2619b1bfe39dde0e3a68e074c9a8b1a68125bdff73abb2a0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 04:56:27 GMT
Cache-control
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Connection
close
Transfer-Encoding
chunked
Content-Type
image/png
wdt-16.jpg
newdrugapprovals.files.wordpress.com/2021/09/ 		300 KB
300 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newdrugapprovals.files.wordpress.com/2021/09/wdt-16.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1b40474b858de805939f53d92400fd728c680790fd4bbb2712f788a6da9ee90e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 28 np
date
Sat, 21 May 2022 04:56:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Sep 2021 02:36:40 GMT
server
nginx
accept-ranges
bytes
vary
Origin
content-type
image/jpeg
access-control-allow-origin
https://newdrugapprovals.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
306983
expires
Wed, 08 Jun 2022 23:17:00 GMT
research.jpg
newdrugapprovals.files.wordpress.com/2018/03/ 		154 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newdrugapprovals.files.wordpress.com/2018/03/research.jpg?w=27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f5f879872c9e7087e996fe67e77a635e8ebbbbd4e5f9a49c5a8537247ba5db65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc
HIT hhn 28 np
date
Sat, 21 May 2022 04:56:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 18 Mar 2018 03:58:12 GMT
server
nginx
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://newdrugapprovals.wordpress.com
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
154
access-control-allow-credentials
true
expires
Fri, 27 May 2022 04:37:17 GMT
EU+DMF+%28EDMF+or+ASMF%29.jpg
slideplayer.com/slide/12432269/74/images/15/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slideplayer.com/slide/12432269/74/images/15/EU+DMF+%28EDMF+or+ASMF%29.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.166.55 Tettnang, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.166.76.144.clients.your-server.de
Software
nginx /
Resource Hash
1e261796ec9ef4a4d9a1ab1e679ed333c08aca8e4daf69711b1a51091b2a5cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sat, 27 Jan 2018 04:42:23 GMT
Server
nginx
Cache-Backend-Server
slideplayer-68
ETag
"5a6c032f-11bf3"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Link
<https://slideplayer.com/slide/12432269/74/images/15/EU+DMF+%28EDMF+or+ASMF%29.jpg>; rel="canonical"
Content-Length
72691
Expires
Sat, 28 May 2022 04:56:27 GMT
interactive_timeline.jpg
www.ema.europa.eu/sites/default/files/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ema.europa.eu/sites/default/files/interactive_timeline.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a200:6:2114:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
23b05c48297ab11f72d0e69f2de75353fcadff0c2b6bb1bcd9a4dec9a9b1667b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
via
1.1 varnish (Varnish/6.0), 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1435
x-cache
Miss from cloudfront
content-length
9912
last-modified
Wed, 04 Dec 2019 13:24:58 GMT
server
nginx/1.21.6
cache-control
public,max-age=0,s-maxage=0
etag
"26b8-598e0bd34be80"
strict-transport-security
max-age=31536000
x-varnish
206674268 207134254
x-application-tag
${DRUPAL_SITE_NAME?=drupal}
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
C7MqZY01uDwT99jToII37CY7HCVAmPyTXVKQA9hZmduch0I5tAMAvw==
logo.png
www.pragmetis.com/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.pragmetis.com/images/logo.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
204.11.58.210 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
plesk-web26.webhostbox.net
Software
/ ASP.NET
Resource Hash
a5e5f86fe6caf818d06cbc85776ec3548c98ba29080854726342bd6b2eab236d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 21 May 2022 04:56:46 GMT
Last-Modified
Tue, 25 Jun 2019 12:49:52 GMT
Server
X-Powered-By
ASP.NET
ETag
"96fa257b542bd51:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
29667
managing-director.jpg
www.pragmetis.com/images/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.pragmetis.com/images/managing-director.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
204.11.58.210 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
plesk-web26.webhostbox.net
Software
/ ASP.NET
Resource Hash
18c0c27e7335ea56091690317e8f8b52a1546503060efa8eb04fe88f33cc9503

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 21 May 2022 04:56:46 GMT
Last-Modified
Tue, 25 Jun 2019 12:49:52 GMT
Server
X-Powered-By
ASP.NET
ETag
"48b8a67b542bd51:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
59959
220px-Indigo_skeletal.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/2/22/Indigo_skeletal.svg/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/2/22/Indigo_skeletal.svg/220px-Indigo_skeletal.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
1a716066fe333ba8bf3ffcd91132b150e845781a9a3c0f15ce6ca519a5168477
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 07:17:17 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
77949
x-cache-status
hit-front
x-cache
cp3059 hit, cp3051 hit/32
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
3757
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Wed, 22 Apr 2020 20:47:26 GMT
server
ATS/8.0.8
etag
4466c2e0ffe357db198dd6ca9ded63d4
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
Indigo_Synthesis_from_Cinnamic_Acid.svg
upload.wikimedia.org/wikipedia/commons/5/52/ 		77 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/5/52/Indigo_Synthesis_from_Cinnamic_Acid.svg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
ded4d91a71b2a9cb34007f73cdf24c27c3ae7b27ae86baf510395c94286ae679
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 22:31:57 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
23070
x-cache-status
hit-local
x-cache
cp3065 hit, cp3051 miss
server-timing
cache;desc="hit-local", host;desc="cp3051"
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
x-object-meta-sha1base36
lag3x952fgrk6j44lotixjrl8zn2t6h
accept-ranges
bytes
last-modified
Wed, 27 Mar 2019 13:10:33 GMT
server
ATS/8.0.8
etag
W/8f21c17fd3695fcc4628915ad791fb01
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
625px-Baeyer-Drewsen_indigo_synthesis_mechanism.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/7/7e/Baeyer-Drewsen_indigo_synthesis_mechanism.svg/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/7/7e/Baeyer-Drewsen_indigo_synthesis_mechanism.svg/625px-Baeyer-Drewsen_indigo_synthesis_mechanism.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
5ea57846b0581b006dd0ff147e37c2f1cfa98171a96313f2f46d2a34612ada88
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:10:49 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
81938
x-cache-status
hit-front
x-cache
cp3055 hit, cp3051 hit/1
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
61542
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Fri, 25 Oct 2013 20:13:00 GMT
server
ATS/8.0.8
etag
28ce9d9834996e59fb68d269ec659f37
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
media%2F144%2F14422da3-f44f-46c4-81da-7b2b2dd5bdfb%2Fimage
media.cheggcdn.com/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.cheggcdn.com/media%2F144%2F14422da3-f44f-46c4-81da-7b2b2dd5bdfb%2Fimage
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40ea1454a5fe2db373e7cd0157ad9b72662ab722bd6b53a165af729d0b434f47

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 07:08:51 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
last-modified
Mon, 29 Apr 2019 06:46:27 GMT
server
AmazonS3
age
2497657
etag
"af9b927bd01f90b308844190075db9a9"
vary
Origin
x-cache
Hit from cloudfront
x-amz-version-id
32pinJJBNHOx1xgGGZFBMZwczRH126T5
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
123960
x-amz-cf-id
5djPamcYideF208kh-6d-dy6hzhtJhRu7caGZaFib0KX3048oFo3Cw==
media%2F7bb%2F7bb132bc-ab40-4d90-b257-68eeb6c4b23f%2Fphpslx70P.png
d2vlcm61l7u1fs.cloudfront.net/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2vlcm61l7u1fs.cloudfront.net/media%2F7bb%2F7bb132bc-ab40-4d90-b257-68eeb6c4b23f%2Fphpslx70P.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9f374abeb89213734e3a32fc705d6291030298fe9019de5702a6fcd753d3789

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:28 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified
Tue, 30 Apr 2019 10:28:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"7e6550a282c9b1fc58a6a035f19894bf"
vary
Origin
x-cache
Miss from cloudfront
x-amz-version-id
UIA0k24Sqg7At5U0RrKwa3z8sdrCcOBJ
cache-control
max-age=315360000
accept-ranges
bytes
content-type
image/png
content-length
23529
x-amz-cf-id
P1MFo8czLSJ5n_jQAiqtnHAIKQ_T-ngFoOq9y0qcyWuP3Icw2YxtAw==
images
encrypted-tbn0.gstatic.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTYhG5whM-vSMUOej1raqr8eEHS-8guUYoPdg&usqp=CAU
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a3bd7297bf524b4a58d217f8e314ddf4a8cc8d4fa6ea0f6d890d39211df4ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4299
x-xss-protection
0
last-modified
Wed, 18 Sep 2019 02:10:11 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 21 May 2023 04:56:27 GMT
600px-T--Shanghai_SFLS_SPBS--Indigo_Synthesis--Pathway.png
parts.igem.org/wiki/images/thumb/b/bd/T--Shanghai_SFLS_SPBS--Indigo_Synthesis--Pathway.png/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://parts.igem.org/wiki/images/thumb/b/bd/T--Shanghai_SFLS_SPBS--Indigo_Synthesis--Pathway.png/600px-T--Shanghai_SFLS_SPBS--Indigo_Synthesis--Pathway.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
148.62.49.124 , United States, ASN33070 (RMH-14, US),
Reverse DNS
899288-db2.igem.org
Software
Apache /
Resource Hash
23732cfd4450cb370fb6eadc8c9eb997659a9667c6eab1935ae491d83a74eead

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sat, 24 Oct 2020 06:32:37 GMT
Server
Apache
ETag
"af97-5b264dcf3eb40"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
44951
1-s2.0-S0143720817300700-gr3.jpg
ars.els-cdn.com/content/image/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ars.els-cdn.com/content/image/1-s2.0-S0143720817300700-gr3.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0d65d1982cb1c65d42bf23d16e5ec8e3d850c5765f129ee51d97a52a72dca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
vary
Origin, Accept-Encoding
cf-cache-status
MISS
x-els-status
OK
x-els-resourceversion
V1
content-length
36683
x-els-serverid
ip-10-93-241-46.prod _CloudAttachmentRetrieval_prod
last-modified
Wed, 15 Feb 2017 21:24:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
GET
content-type
image/jpeg
x-els-size
36683
x-els-reqid
36280c34-5249-46d8-b694-362eb90a605e
x-els-authentication
NONAUTHATTACH
accept-ranges
bytes
cf-ray
70eab9c3281c01e7-ZRH
Question+%231.+Indigo+Synthesis..jpg
slideplayer.com/slide/16774981/97/images/3/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slideplayer.com/slide/16774981/97/images/3/Question+%231.+Indigo+Synthesis..jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.166.55 Tettnang, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.166.76.144.clients.your-server.de
Software
nginx /
Resource Hash
95aeaa21c5cd4f3b693b78d103ec0ccd3b58343977b6edd239687dc212d5f978

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Mon, 06 May 2019 18:18:20 GMT
Server
nginx
Cache-Backend-Server
slideplayer-81
ETag
"5cd07a6c-f614"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Link
<https://slideplayer.com/slide/16774981/97/images/3/Question+%231.+Indigo+Synthesis..jpg>; rel="canonical"
Content-Length
62996
Expires
Sat, 28 May 2022 04:56:27 GMT
140px-Indigo_plant_extract_sample.jpg
upload.wikimedia.org/wikipedia/commons/thumb/1/18/Indigo_plant_extract_sample.jpg/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/1/18/Indigo_plant_extract_sample.jpg/140px-Indigo_plant_extract_sample.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
1849552fc54ed3e6e693af5aac04e2a00183d6478a0bc4e56d855110aa5f301d
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 12:42:51 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
58416
x-cache-status
hit-front
x-cache
cp3065 hit, cp3051 hit/1
content-disposition
inline;filename*=UTF-8''Indigo_plant_extract_sample.jpg
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
8271
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
x-object-meta-sha1base36
7to8nsiewk31w2o5b3pvklzroko9g0p
accept-ranges
bytes
last-modified
Mon, 02 Mar 2015 15:17:37 GMT
server
ATS/8.0.8
etag
218ea4da3781997999fdf957a28a8099
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
330px-Indigo.Baeyer-Drewson.Synthesis.png
upload.wikimedia.org/wikipedia/commons/thumb/c/cf/Indigo.Baeyer-Drewson.Synthesis.png/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/c/cf/Indigo.Baeyer-Drewson.Synthesis.png/330px-Indigo.Baeyer-Drewson.Synthesis.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
78c4a79e21ffdd251b5af85384dd976f1bcbabede4fd136f29ce6ff42d0213df
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 16:21:30 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
45297
x-cache-status
hit-front
x-cache
cp3053 hit, cp3051 hit/1
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
5207
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Tue, 09 Apr 2019 03:24:58 GMT
server
ATS/8.0.8
etag
189d385511f9f474cad7e4091fc5b95d
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
330px-Indigo_Synthesis_V.1.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/f/fb/Indigo_Synthesis_V.1.svg/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/f/fb/Indigo_Synthesis_V.1.svg/330px-Indigo_Synthesis_V.1.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
d82ef856de89920ccc056ac5583e6ad768d80b7e04f94550fb2ad713f97e4848
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 16:46:30 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
43797
x-cache-status
hit-local
x-cache
cp3055 hit, cp3051 miss
server-timing
cache;desc="hit-local", host;desc="cp3051"
content-length
4261
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Tue, 09 Apr 2019 03:24:57 GMT
server
ATS/8.0.8
etag
e85f13d27733918bab28c310adba9d19
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Indigo-Historische_Farbstoffsammlung.jpg
upload.wikimedia.org/wikipedia/commons/thumb/2/2d/Indigo-Historische_Farbstoffsammlung.jpg/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/2/2d/Indigo-Historische_Farbstoffsammlung.jpg/220px-Indigo-Historische_Farbstoffsammlung.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
bf48523ba0bc58a505e5ebbd8f3f5186b1c8bc8d493c78a09aa7fd70689f822b
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 19:20:48 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
34538
x-cache-status
hit-front
x-cache
cp3065 hit, cp3051 hit/4
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
7353
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
x-object-meta-sha1base36
qjv12zsj52vttwn8gmkzvw4l5fridrl
accept-ranges
bytes
last-modified
Wed, 23 Oct 2013 04:05:45 GMT
server
ATS/8.0.8
etag
d777f041c0b5b2328f354eb04e60bae2
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Indigo_cake.jpg
upload.wikimedia.org/wikipedia/commons/thumb/4/4e/Indigo_cake.jpg/ 		13 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/4/4e/Indigo_cake.jpg/220px-Indigo_cake.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
5513a07cc957676a7293f8de0f763998a774131448182347a5de05b2230897cf
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 21:14:57 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
27689
x-cache-status
hit-front
x-cache
cp3059 hit, cp3051 hit/1
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
13658
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
x-object-meta-sha1base36
huv6c1yc8d3wk1irj5vvbzclwq9gl2h
accept-ranges
bytes
last-modified
Sat, 26 Oct 2013 17:16:25 GMT
server
ATS/8.0.8
etag
36f2c4f70e95b3887b5fcb04a5585af0
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
150px-Targui.jpg
upload.wikimedia.org/wikipedia/commons/thumb/d/d4/Targui.jpg/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/d/d4/Targui.jpg/150px-Targui.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
154681a9d485061c5baab68d0ca600282c249a1b9c6e1a40753ee533cfd89c77
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:30:33 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
1555
x-cache-status
hit-local
x-cache
cp3065 hit, cp3051 miss
server-timing
cache;desc="hit-local", host;desc="cp3051"
content-length
6878
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Tue, 05 Nov 2013 12:31:40 GMT
server
ATS/8.0.8
etag
85f3e157b16b8a7c9ab10e6b20fcbd4b
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Indigoproduktion_BASF_1890.JPG
upload.wikimedia.org/wikipedia/commons/thumb/6/6c/Indigoproduktion_BASF_1890.JPG/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/6/6c/Indigoproduktion_BASF_1890.JPG/220px-Indigoproduktion_BASF_1890.JPG
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
2fe662fad79a24ed9b11e94a75c98fb35f6fab10fa3387e0a1f3758ff0f45646
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 19:09:17 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
35229
x-cache-status
hit-front
x-cache
cp3055 hit, cp3051 hit/1
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
10168
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Sat, 26 Oct 2013 19:45:17 GMT
server
ATS/8.0.8
etag
4623ca73135c678f2f977134e88fc51a
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Leucoindigo_structure.png
upload.wikimedia.org/wikipedia/commons/thumb/1/10/Leucoindigo_structure.png/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/1/10/Leucoindigo_structure.png/220px-Leucoindigo_structure.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
13b30982c3be2699d78a3e9471ae77753540d2d12cfaa4b4371642520879c208
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:41:45 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
54882
x-cache-status
hit-local
x-cache
cp3059 hit, cp3051 miss
content-disposition
inline;filename*=UTF-8''Leucoindigo_structure.png
server-timing
cache;desc="hit-local", host;desc="cp3051"
content-length
5092
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
x-object-meta-sha1base36
f125d1zv1ohgbzpa5lzqwoegihwp07j
accept-ranges
bytes
last-modified
Thu, 30 Mar 2017 23:57:49 GMT
server
ATS/8.0.8
etag
eb43f6bc4c98c80052e86f0cee0c6b74
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-IndigoDyedYarn.JPG
upload.wikimedia.org/wikipedia/commons/thumb/a/a6/IndigoDyedYarn.JPG/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a6/IndigoDyedYarn.JPG/220px-IndigoDyedYarn.JPG
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
a14e7739b0b5c4010e594e4b9d1baeeccda6ea348a336262b9b8f11c6f106b42
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 19:35:39 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
33648
x-cache-status
hit-local
x-cache
cp3063 hit, cp3051 miss
server-timing
cache;desc="hit-local", host;desc="cp3051"
content-length
39024
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Thu, 31 Oct 2013 04:59:10 GMT
server
ATS/8.0.8
etag
e380b9975202b3cb9f5be14aa71f31bc
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-IndigoDyePotOnStove.JPG
upload.wikimedia.org/wikipedia/commons/thumb/2/2f/IndigoDyePotOnStove.JPG/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/2/2f/IndigoDyePotOnStove.JPG/220px-IndigoDyePotOnStove.JPG
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
541c2d6f5a885beb69e825dcc336434bc1ba592774b5328dc3b4bc427d77cb32
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 00:52:35 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
14632
x-cache-status
hit-local
x-cache
cp3059 hit, cp3051 miss
server-timing
cache;desc="hit-local", host;desc="cp3051"
content-length
11015
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Wed, 23 Oct 2013 02:21:11 GMT
server
ATS/8.0.8
etag
e2d97971304cb47d091aefc209fc4369
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
170px-Indigo3D.png
upload.wikimedia.org/wikipedia/commons/thumb/5/5c/Indigo3D.png/ 		15 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/5/5c/Indigo3D.png/170px-Indigo3D.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
a2ef58087114bab20a1dcca3200f69a144467a421f84c4b30b205d2c84606f04
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
0
x-cache-status
miss
x-cache
cp3061 miss, cp3051 miss
server-timing
cache;desc="miss", host;desc="cp3051"
content-length
15863
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Sat, 26 Oct 2013 18:27:30 GMT
server
ATS/8.0.8
etag
0ee928616886ba97b94f2fdffea061ac
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
200px-Tyrian-Purple.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/1/14/Tyrian-Purple.svg/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/1/14/Tyrian-Purple.svg/200px-Tyrian-Purple.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
2585b92e7586a3f2ab692e26b208d8dd069a37f3cfdf629a7bf201bbea7c234d
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 13:21:32 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
56094
x-cache-status
hit-front
x-cache
cp3051 hit, cp3051 hit/1
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
2945
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Wed, 23 Dec 2020 15:12:41 GMT
server
ATS/8.0.8
etag
b9028c2b3a5695e2ee7c0a39ffe6f994
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
230px-Indigo_carmine.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/4/4d/Indigo_carmine.svg/ 		4 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/4/4d/Indigo_carmine.svg/230px-Indigo_carmine.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
c5b1037ced609d68e6d0b08b4d0a24e78fd0af34ae706ce897663c753ae01495
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 16:21:30 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
45297
x-cache-status
hit-local
x-cache
cp3053 hit, cp3051 miss
server-timing
cache;desc="hit-local", host;desc="cp3051"
content-length
4484
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Sat, 26 Oct 2013 17:37:26 GMT
server
ATS/8.0.8
etag
4723a5b45b38bec86ae75925f6cba795
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Indigo_pollutionjpg.jpg
upload.wikimedia.org/wikipedia/commons/thumb/6/6c/Indigo_pollutionjpg.jpg/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/6/6c/Indigo_pollutionjpg.jpg/220px-Indigo_pollutionjpg.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
8b375a6bd85fc341601239f53bd2190e944e9a5a16e73c3584b0abb54616b7a5
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
0
x-cache-status
miss
x-cache
cp3063 miss, cp3051 miss
server-timing
cache;desc="miss", host;desc="cp3051"
content-length
21182
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Thu, 14 May 2020 15:59:38 GMT
server
ATS/8.0.8
etag
a022f759d7b6bcec25f7ef8449af6218
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Indian_indigo_dye_lump.jpg
upload.wikimedia.org/wikipedia/commons/thumb/d/d8/Indian_indigo_dye_lump.jpg/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/d/d8/Indian_indigo_dye_lump.jpg/220px-Indian_indigo_dye_lump.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
24c93c728602ce74bc3e340d11f44cf2f016c2252cdd5a6ab2895bf3354a8196
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 23:05:59 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
21027
x-cache-status
hit-front
x-cache
cp3059 hit, cp3051 hit/6
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
9430
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Wed, 16 Aug 2017 06:27:02 GMT
server
ATS/8.0.8
etag
70ac154416d3f61a9ff2570c813b824c
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Indigo_dye_3D_ball.png
upload.wikimedia.org/wikipedia/commons/thumb/d/d8/Indigo_dye_3D_ball.png/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/d/d8/Indigo_dye_3D_ball.png/220px-Indigo_dye_3D_ball.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
36a848320d905b257b222c5f3681cc628dac600beb23ca2a542fd45b0ea0d763
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:04:30 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
71517
x-cache-status
hit-front
x-cache
cp3051 hit, cp3051 hit/5
content-disposition
inline;filename*=UTF-8''Indigo_dye_3D_ball.png
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
25176
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
x-object-meta-sha1base36
enm3x7bd08nv2bd02502ztkgtp4mrdh
accept-ranges
bytes
last-modified
Fri, 20 Mar 2015 12:14:32 GMT
server
ATS/8.0.8
etag
fbc3d3e0d41ea3240e9e366468545aa7
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
7px-Yes_check.svg.png
upload.wikimedia.org/wikipedia/en/thumb/f/fb/Yes_check.svg/ 		132 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/f/fb/Yes_check.svg/7px-Yes_check.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
9cc8ab44cf8e5058648bc6a04e7843433dbadddab3a686e21484933438a0a360
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:04:15 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
71531
x-cache-status
hit-front
x-cache
cp3065 hit, cp3051 hit/4764
content-disposition
inline;filename*=UTF-8''Yes_check.svg.webp
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
132
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Tue, 19 Apr 2022 04:40:18 GMT
server
ATS/8.0.8
etag
a00c40e3bb5b74b7e637b040e2a23e60
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
10px-OOjs_UI_icon_edit-ltr-progressive.svg.png
upload.wikimedia.org/wikipedia/en/thumb/8/8a/OOjs_UI_icon_edit-ltr-progressive.svg/ 		174 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/8/8a/OOjs_UI_icon_edit-ltr-progressive.svg/10px-OOjs_UI_icon_edit-ltr-progressive.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
7968875f3c24fef0635bfe54c50d854bc30a5c8399874028b1141d130a7bdccc
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 06:41:13 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
80113
x-cache-status
hit-front
x-cache
cp3051 hit, cp3051 hit/242838
content-disposition
inline;filename*=UTF-8''OOjs_UI_icon_edit-ltr-progressive.svg.webp
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
174
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Tue, 19 Apr 2022 01:55:48 GMT
server
ATS/8.0.8
etag
abcbb58c0d49c9ff86f13321d906cc27
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
12px-Yes_check.svg.png
upload.wikimedia.org/wikipedia/en/thumb/f/fb/Yes_check.svg/ 		222 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/f/fb/Yes_check.svg/12px-Yes_check.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
016ddb88e17fbf94ef8db53aed2e19d67b839d00f19b2925e07839f19d81d1e9
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 11:37:13 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
62353
x-cache-status
hit-front
x-cache
cp3061 hit, cp3051 hit/982
content-disposition
inline;filename*=UTF-8''Yes_check.svg.webp
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
222
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Tue, 19 Apr 2022 04:23:05 GMT
server
ATS/8.0.8
etag
de06fbf7465f0f9314d91b81f1cd618b
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
7px-X_mark.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/a/a2/X_mark.svg/ 		156 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a2/X_mark.svg/7px-X_mark.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
492b3750558bd768f32767c5d37c6a7bc7d2514760d4403d7b24ef482544de2e
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 16:34:31 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
44515
x-cache-status
hit-front
x-cache
cp3063 miss, cp3051 hit/1187
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
156
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Fri, 18 Dec 2020 22:13:17 GMT
server
ATS/8.0.8
etag
bb9585a1d8dd3999cb02d06340340d1c
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Indigo_plant_extract_sample.jpg
upload.wikimedia.org/wikipedia/commons/thumb/1/18/Indigo_plant_extract_sample.jpg/ 		15 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/1/18/Indigo_plant_extract_sample.jpg/220px-Indigo_plant_extract_sample.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
45cd5c5ceb1f116c44e034252bce387e448ebbe7e9edddbd966d4a0be21e8d50
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 21:46:32 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
25794
x-cache-status
hit-front
x-cache
cp3065 hit, cp3051 hit/4
content-disposition
inline;filename*=UTF-8''Indigo_plant_extract_sample.jpg
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
15732
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
x-object-meta-sha1base36
b9g82jpnwkfb0kxhzipt3kung6zjzkb
accept-ranges
bytes
last-modified
Mon, 02 Mar 2015 15:16:10 GMT
server
ATS/8.0.8
etag
9822c9234a603ada9bb52348c69a696e
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Newton%27s_colour_circle.png
upload.wikimedia.org/wikipedia/commons/thumb/0/0a/Newton%27s_colour_circle.png/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/0/0a/Newton%27s_colour_circle.png/220px-Newton%27s_colour_circle.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
a5eb9578265453ef425a4c9e52eedddafd7f1d44c24d19cd016ed75b22c1bf02
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 16:22:27 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
45240
x-cache-status
hit-local
x-cache
cp3063 hit, cp3051 miss
content-disposition
inline;filename*=UTF-8''Newton%27s_colour_circle.png
server-timing
cache;desc="hit-local", host;desc="cp3051"
content-length
13135
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Sat, 12 Mar 2022 12:44:38 GMT
server
ATS/8.0.8
etag
5ae5fb043d72a83a6db228ff6069a2bc
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
350px-Newton_prismatic_colours.JPG
upload.wikimedia.org/wikipedia/commons/thumb/a/a5/Newton_prismatic_colours.JPG/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/a/a5/Newton_prismatic_colours.JPG/350px-Newton_prismatic_colours.JPG
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
ed1baecd4649695baef9330d9aa30579ef25ed945131b3e990f34e4ec0e6e2df
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:43:05 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
72801
x-cache-status
hit-front
x-cache
cp3065 hit, cp3051 hit/1
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
8405
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Thu, 31 Oct 2013 20:30:09 GMT
server
ATS/8.0.8
etag
65a6bbe9da5cbce2b4b5b2e4e3e4beb8
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
190px-Rainbow-diagram-ROYGBIV.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/c/c9/Rainbow-diagram-ROYGBIV.svg/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/c/c9/Rainbow-diagram-ROYGBIV.svg/190px-Rainbow-diagram-ROYGBIV.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
befcd4e60c417c14b31ec54d3897c17bccaa837ef59e68c5aa45a881130b8f9e
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 18:01:13 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
39314
x-cache-status
hit-local
x-cache
cp3057 hit, cp3051 miss
content-disposition
inline;filename*=UTF-8''Rainbow-diagram-ROYGBIV.svg.png
server-timing
cache;desc="hit-local", host;desc="cp3051"
content-length
9392
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Thu, 17 Mar 2022 06:58:28 GMT
server
ATS/8.0.8
etag
2e3867d9ee5407e709b41a61ffdc41dd
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
15px-Gtk-dialog-info.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/b/b4/Gtk-dialog-info.svg/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/b/b4/Gtk-dialog-info.svg/15px-Gtk-dialog-info.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
adac63cb18f2d903d5a8151c028cbc937d13f3e356ac64f8c43fc0100c27537c
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 21:18:42 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
27464
x-cache-status
hit-front
x-cache
cp3065 hit, cp3051 hit/48
content-disposition
inline;filename*=UTF-8''Gtk-dialog-info.svg.png
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
1050
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Sun, 06 Jun 2021 07:24:17 GMT
server
ATS/8.0.8
etag
edcdcd6d7e30f6eee0960a8dabfd28e3
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Indigo_Bunting.jpg
upload.wikimedia.org/wikipedia/commons/thumb/8/86/Indigo_Bunting.jpg/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/8/86/Indigo_Bunting.jpg/220px-Indigo_Bunting.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
17f004588b542b7882d24dcc7e0fd24919f5683c126484c6e6a306037ed18fd8
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 09:03:52 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
71554
x-cache-status
hit-front
x-cache
cp3065 hit, cp3051 hit/1
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
21402
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
x-object-meta-sha1base36
r3698459gbn4y3s9h2ozbqrk1r23gfb
accept-ranges
bytes
last-modified
Wed, 30 Oct 2013 22:50:03 GMT
server
ATS/8.0.8
etag
b1802616e440ee9da10a31997633a585
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Lactarius_indigo_48568_edit.jpg
upload.wikimedia.org/wikipedia/commons/thumb/8/86/Lactarius_indigo_48568_edit.jpg/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/8/86/Lactarius_indigo_48568_edit.jpg/220px-Lactarius_indigo_48568_edit.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
5b785b402a9570b89a1a124ba0187fad29687280084edcf4c58aefff8b894284
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 12:03:08 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
60799
x-cache-status
hit-front
x-cache
cp3065 hit, cp3051 hit/2
content-disposition
inline;filename*=UTF-8''Lactarius_indigo_48568_edit.jpg
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
17376
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Mon, 22 Nov 2021 17:23:41 GMT
server
ATS/8.0.8
etag
7f7b23b19e62b7c33d75a8c7720e5459
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Eastern_Indigo_Snake.jpg
upload.wikimedia.org/wikipedia/commons/thumb/d/db/Eastern_Indigo_Snake.jpg/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/d/db/Eastern_Indigo_Snake.jpg/220px-Eastern_Indigo_Snake.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
f5ed9fd0544d74c3c09043600e6b53c33360bfbfc93042694fdb9358d1303cd9
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 10:35:02 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
66084
x-cache-status
hit-front
x-cache
cp3063 hit, cp3051 hit/1
content-disposition
inline;filename*=UTF-8''Eastern_Indigo_Snake.jpg
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
23059
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Tue, 01 Feb 2022 06:05:25 GMT
server
ATS/8.0.8
etag
5e4cd5521fd8a36d59f3375e4d4d562a
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-COLLECTIE_TROPENMUSEUM_Indigo_wordt_aangemaakt_in_kuilen_in_uitgehakte_puimsteentufgrond_Karolanden_TMnr_10014190.jpg
upload.wikimedia.org/wikipedia/commons/thumb/5/56/COLLECTIE_TROPENMUSEUM_Indigo_wordt_aangemaakt_in_kuilen_in_uitgehakte_puimsteentufgrond_Karolanden_TMnr_10014190.jpg/ 		29 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/5/56/COLLECTIE_TROPENMUSEUM_Indigo_wordt_aangemaakt_in_kuilen_in_uitgehakte_puimsteentufgrond_Karolanden_TMnr_10014190.jpg/220px-COLLECTIE_TROPENMUSEUM_Indigo_wordt_aangemaakt_in_kuilen_in_uitgehakte_puimsteentufgrond_Karolanden_TMnr_10014190.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
56e4a4bbc726cb7995bf30b0a853217ae25e9c9cbdae7f9ccfbcc1f74674a905
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 07:41:06 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
76521
x-cache-status
hit-local
x-cache
cp3059 hit, cp3051 miss
server-timing
cache;desc="hit-local", host;desc="cp3051"
content-length
30185
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Sat, 12 Aug 2017 10:36:15 GMT
server
ATS/8.0.8
etag
602c7e808ecf6c042e9e48dd25a9c5e8
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
str1-21-300x191.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str1-21-300x191.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
adee789a1dcc37fe49243ff3377aa8aaf619e4c39ebcc0901a5e96f2d3469e59

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 28 Mar 2021 05:59:22 GMT
Server
Apache
ETag
"6023359-19d7-5be927776710b"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
6615
str1-22-300x189.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str1-22-300x189.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
71b11d5640c0745937a0fc71547c4f484e7a859cbc4fd22f1c853c557b8f739c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sun, 28 Mar 2021 06:01:28 GMT
Server
Apache
ETag
"602335c-337c-5be927efb1a5f"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
13180
str2-295x300.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str2-295x300.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
0b311447ca8f3d1bbd8b8457a70ea8298ad08605b6328144016fc70ef4d652ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Sun, 28 Mar 2021 06:01:29 GMT
Server
Apache
ETag
"602335f-582b-5be927f10aa05"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
22571
str3-300x232.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str3-300x232.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
630216694d727993e4756003f5deb781f2794180a3ecf5f6a458650cf6e279cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Sun, 28 Mar 2021 06:01:30 GMT
Server
Apache
ETag
"6023362-43e7-5be927f1e9498"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
17383
str1-23-300x147.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str1-23-300x147.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
f08f448dc5a8fd6c81c80eeb77e400735ee761a52562a19e36d4e234f4821f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Sun, 28 Mar 2021 06:02:53 GMT
Server
Apache
ETag
"6023365-2953-5be928410eb16"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
10579
str2-1-300x275.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str2-1-300x275.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
46ad9c0eaa1cf7e5b59345a0e2d98d7b1dc4ff8306abc9e489df1cb0ea9503c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Sun, 28 Mar 2021 06:02:54 GMT
Server
Apache
ETag
"6023368-757a-5be9284206803"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
30074
str1-24-300x187.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str1-24-300x187.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
bbf005f2a161b2845e878b9a8fe5fb6e5aeed5d577f61d458ff19a29f8b74afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Sun, 28 Mar 2021 06:04:54 GMT
Server
Apache
ETag
"602336b-1fac-5be928b4879b9"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
8108
str1-25-300x89.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str1-25-300x89.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
27d38617d70af4a17e3b7f21f2c32eac836705be0c4f6ccc38f4de647134edad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Sun, 28 Mar 2021 06:06:14 GMT
Server
Apache
ETag
"602336e-1055-5be92900c6529"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
4181
str1-26-258x300.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str1-26-258x300.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
fe4b623a83a5a3c4a331d34e87593a4521e19c9cb80c3943cc45c967a7393c07

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Sun, 28 Mar 2021 06:08:03 GMT
Server
Apache
ETag
"6023371-2f54-5be92968ce38c"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
12116
str2-2-300x243.jpg
drugapprovalsint.com/wp-content/uploads/2021/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2021/03/str2-2-300x243.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
7bb952a98cde9a7dfc578683f01759b84a86496caa55823fb7a35d42d7154b5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Sun, 28 Mar 2021 06:08:06 GMT
Server
Apache
ETag
"6023374-3689-5be9296ae61f1"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
13961
15px-Wikisource-logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/4/4c/Wikisource-logo.svg/ 		630 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/4/4c/Wikisource-logo.svg/15px-Wikisource-logo.svg.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
a0c11855af59e707cc41bb87dbe2f7b527361bf9a3f1ee0350b5e9fdc519109e
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 15:37:33 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
47934
x-cache-status
hit-front
x-cache
cp3051 hit, cp3051 hit/14145
server-timing
cache;desc="hit-front", host;desc="cp3051"
content-length
630
x-client-ip
2001:ac8:20:3a00:1011:30f9:ff56:7c77
accept-ranges
bytes
last-modified
Sat, 12 Dec 2020 12:51:42 GMT
server
ATS/8.0.8
etag
92abdabe21ec9e4c87d324a1f200abfb
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
str2.jpg
www.allfordrugs.com/wp-content/uploads/2020/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2020/09/str2.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
ae34556bbf287cbb457e815df73d9510b93e8d743266b8d5116ad89aa4b6145b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Wed, 16 Sep 2020 02:24:59 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=68
Content-Length
8189
ServiceLogin
accounts.google.com/
Redirect Chain
  • https://mail.google.com/mail/u/0?ui=2&ik=ea058c9211&attid=0.0.1&permmsgid=msg-f:1677807714282346843&th=1748c53a0b35995b&view=fimg&sz=s0-l75-ft&attbid=ANGjdJ_QxrK589_Oy96RN_KhZwl2LiWpEXXFyNI-F7F8wz4...
  • https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3Dea058c9211%26attid%3D0.0.1%26permmsgid%3Dmsg-f:1677807714282346843%2...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3Dea058c9211%26attid%3D0.0.1%26permmsgid%3Dmsg-f:1677807714282346843%26th%3D1748c53a0b35995b%26view%3Dfimg%26sz%3Ds0-l75-ft%26attbid%3DANGjdJ_QxrK589_Oy96RN_KhZwl2LiWpEXXFyNI-F7F8wz4loo4lHzF-hxNVcQQbTzA458qrAc3a5BRNOrE9KKHe4KGkUUMVmmekE8RXLVHxJIMtg5TEFhN5lDQF4-I%26disp%3Demb&scc=1&ltmpl=googlemail&emr=1&osid=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3Dea058c9211%26attid%3D0.0.1%26permmsgid%3Dmsg-f:1677807714282346843%26th%3D1748c53a0b35995b%26view%3Dfimg%26sz%3Ds0-l75-ft%26attbid%3DANGjdJ_QxrK589_Oy96RN_KhZwl2LiWpEXXFyNI-F7F8wz4loo4lHzF-hxNVcQQbTzA458qrAc3a5BRNOrE9KKHe4KGkUUMVmmekE8RXLVHxJIMtg5TEFhN5lDQF4-I%26disp%3Demb&scc=1&ltmpl=googlemail&emr=1&osid=1#
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
frame-ancestors 'self'
alt-svc
clear
content-length
479
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
str1.jpg
www.allfordrugs.com/wp-content/uploads/2020/09/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2020/09/str1.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
ae4a9b83a6d3bd8bc7e13b123bd1b672988aa61fb4ccd9e8213b379e9be932bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Wed, 16 Sep 2020 02:24:56 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=67
Content-Length
46034
str1-1.jpg
www.allfordrugs.com/wp-content/uploads/2020/09/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2020/09/str1-1.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
dadf26bf8bbafa114227b7e3b9d1116c24a6b9dd8fe0043e875222e8fd6008eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Wed, 16 Sep 2020 02:26:37 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=66
Content-Length
79748
str2-1.jpg
www.allfordrugs.com/wp-content/uploads/2020/09/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2020/09/str2-1.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
e619a0cb7388dcea406e44574eca03ea10f5d10955816954fdc93baec242a50b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Wed, 16 Sep 2020 02:26:39 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=62
Content-Length
62270
widget.js
www.allfordrugs.com/wp-content/plugins/email-posts-to-subscribers/widget/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/email-posts-to-subscribers/widget/widget.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
739598c047d7c15a20b6535a42ade431ce271d2e31d804d06f1007fcd4f8351c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Aug 2016 07:56:14 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=71
Content-Length
1276
widget.css
www.allfordrugs.com/wp-content/plugins/email-posts-to-subscribers/widget/ 		387 B
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/email-posts-to-subscribers/widget/widget.css
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
12cee209579c4c51406b6b893d9001e95e4d3aa9a72786775509ef4c7d505776

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Aug 2016 07:56:14 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=72
Content-Length
164
photo.jpg
lh6.googleusercontent.com/-S7oatwKcKdU/AAAAAAAAAAI/AAAAAAAAAAA/efmYB4v2v3E/s96-c/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/-S7oatwKcKdU/AAAAAAAAAAI/AAAAAAAAAAA/efmYB4v2v3E/s96-c/photo.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
81ab4806e40a03e81d346a4dfdbf38d964bd2406417c2d0c4f36f8d1906c2c3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 03:07:50 GMT
x-content-type-options
nosniff
age
6517
content-disposition
inline;filename=""
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7609
x-xss-protection
0
server
fife
etag
"v6ed3"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 30 Apr 2022 03:09:41 GMT
STR1-18.jpg
drugapprovalsint.com/wp-content/uploads/2017/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2017/12/STR1-18.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
f39cfb6336d2c67e6920c9cd42ec3bc8ed4273a16448ed43eed60249ed580441

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Wed, 20 Dec 2017 07:51:28 GMT
Server
Apache
ETag
"57a1cca-2f44-560c0d9e19047"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5
Content-Length
12100
proxy
images-blogger-opensocial.googleusercontent.com/gadgets/ 		56 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-blogger-opensocial.googleusercontent.com/gadgets/proxy?url=http%3A%2F%2Fwww.ipcalabs.com%2Fimages%2Fcontact_us.jpg&container=blogger&gadget=a&rewriteMime=image%2F*
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b32497bc42edc5a9cfb948004ab9717072bcc8d4b37cc1fb64b00f95b7e501ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:33 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/*; charset=UTF-8
access-control-allow-origin
*
content-disposition
attachment;filename=p.txt
cache-control
public,max-age=59
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56
x-xss-protection
1; mode=block
expires
Sat, 21 May 2022 04:57:32 GMT
counter.php
www.easycounter.com/
Redirect Chain
  • http://www.easycounter.com/counter.php?amcrasto
  • https://www.easycounter.com/counter.php?amcrasto
296 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.easycounter.com/counter.php?amcrasto
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
52.1.22.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-22-171.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
515a2bbc6e5950854009ea380fdcab9a7b0ae3290eb73a70fbbd4956351b606e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Sat, 21 May 2022 04:56:29 +0000
Server
nginx/1.14.2
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0

Redirect headers

Location
https://www.easycounter.com/counter.php?amcrasto
Date
Sat, 21 May 2022 04:56:28 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Length
185
Content-Type
text/html
feder-0005.gif
www.123gif.de/free-gifs/quills/
Redirect Chain
  • http://www.123gifs.eu/free-gifs/quills/feder-0005.gif
  • https://www.123gif.de/free-gifs/quills/feder-0005.gif
24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.123gif.de/free-gifs/quills/feder-0005.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
87.118.73.226 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
server4.newgrafix.com
Software
Apache /
Resource Hash
2557b1ac8e4cf1d037a2a03368b24b4f1877f90d9015c9ec88436813be80e7cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:29 GMT
last-modified
Sun, 31 Aug 2014 21:07:12 GMT
server
Apache
etag
"5f71-501f34520a000"
content-type
image/gif
cache-control
max-age=4592000, public
accept-ranges
bytes
content-length
24433
expires
Mon, 20 Jun 2022 04:56:29 GMT

Redirect headers

Location
https://www.123gif.de/free-gifs/quills/feder-0005.gif
Date
Sat, 21 May 2022 04:56:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
325
Content-Type
text/html; charset=iso-8859-1
embed.js
files.bannersnack.com/iframe/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://files.bannersnack.com/iframe/embed.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
52.217.80.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
dianakcury
feeds.feedburner.com/~fc/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://feeds.feedburner.com/~fc/dianakcury?bg=FF9900&fg=000&anim=1&label=readers
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
news-flash.gif
www.labcompliance.com/pictures/misc_pic/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.labcompliance.com/pictures/misc_pic/news-flash.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a01:238:20a:202:1143:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
btn_viewmy_160x33.png
www.linkedin.com/img/webpromo/
Redirect Chain
  • http://www.linkedin.com/img/webpromo/btn_viewmy_160x33.png
  • https://www.linkedin.com/img/webpromo/btn_viewmy_160x33.png
2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.linkedin.com/img/webpromo/btn_viewmy_160x33.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
df6fffd563d57f2c1489af67a6f1c9aaf2cb23c7be9186fe1ebd944cd4e1bc5f
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
1899
x-li-uuid
AAXffm4Udjv0mXu5UAAPFw==
last-modified
Wed, 18 May 2022 17:45:15 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F3899FE9F2C540619B2D15A418DCF77F Ref B: FRAEDGE1419 Ref C: 2022-05-21T04:56:29Z
x-frame-options
sameorigin
date
Sat, 21 May 2022 04:56:28 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=604800,private
etag
"628530ab-76b"
accept-ranges
bytes
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Sat, 28 May 2022 04:56:29 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 May 2022 04:56:28 GMT
X-Li-Pop
afd-prod-lva1-x
X-MSEdge-Ref
Ref A: 11CD73FF71794E66A01B218812F8D239 Ref B: FRAEDGE1319 Ref C: 2022-05-21T04:56:28Z
X-Cache
CONFIG_NOCACHE
X-Li-Fabric
prod-lva1
Location
https://www.linkedin.com/img/webpromo/btn_viewmy_160x33.png
Cache-Control
no-cache, no-store
X-Li-Proto
http/1.1
Content-Length
0
X-LI-UUID
AAXffm4PTA8KwQNjYL2VIg==
Expires
Thu, 01 Jan 1970 00:00:00 GMT
faviconV2
t1.gstatic.com/
Redirect Chain
  • https://s2.googleusercontent.com/s2/favicons?domain=www.facebook.com&alt=p
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16
404 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 13:40:26 GMT
x-content-type-options
nosniff
age
400563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 14:01:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico
expires
Mon, 23 May 2022 13:40:26 GMT

Redirect headers

date
Sat, 21 May 2022 04:56:28 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://www.facebook.com&size=16
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
336
x-xss-protection
0
expires
Sat, 21 May 2022 05:26:28 GMT
follow_me-a.png
twitter-badges.s3.amazonaws.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://twitter-badges.s3.amazonaws.com/follow_me-a.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
52.216.241.164 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d7df7fe05ddc4df97f62cc04a7d5e5ba7396f97faa2046a0d43a019453175f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Fri, 29 Oct 2010 19:44:48 GMT
Server
AmazonS3
x-amz-request-id
C4F9S3QXDXB5654D
ETag
"03b3f383017639e0efb13ea32e8e732a"
Content-Type
image/png
x-amz-meta-s3fox-filesize
4093
x-amz-meta-s3fox-modifiedtime
1286902016000
Accept-Ranges
bytes
Content-Length
4093
x-amz-id-2
2abF3wkWR5dvbyyXKBikoSpV3zLsQUJ758R9bFDmP/2evjZPzsZjkx/1+atyWd3ctnaXL4BW6uc=
faviconV2
t3.gstatic.com/
Redirect Chain
  • https://s2.googleusercontent.com/s2/favicons?domain=plus.google.com&alt=p
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://plus.google.com&size=16
614 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://plus.google.com&size=16
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f20dc3130552095a8548e4e25de6aaeea058a00b813d023be861a52bc9bc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 15 May 2022 16:45:14 GMT
x-content-type-options
nosniff
age
475875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
614
x-xss-protection
0
last-modified
Wed, 29 Nov 2017 12:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://www.google.com/favicon.ico
expires
Sun, 22 May 2022 16:45:14 GMT

Redirect headers

date
Sat, 21 May 2022 04:56:28 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://plus.google.com&size=16
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Sat, 21 May 2022 05:26:28 GMT
animail.gif
www.chemistryrules.me.uk/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.chemistryrules.me.uk/animail.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
85.233.160.146 , United Kingdom, ASN8622 (ISIONUK Namesco Limited, GB),
Reverse DNS
ztoa.namesco.net
Software
/
Resource Hash
0919e84d7c8e7908f1327d557a1a5a1d9b125d7144008d876adba33ae639a6c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 03:52:57 GMT
Last-Modified
Mon, 21 Jul 2008 14:32:41 GMT
Age
3811
ETag
"1064-45289946cd440"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4196
earth.gif
homepage.ntlworld.com/bhandari/Imperial/Atenolol/ 		0
0
ServiceLogin
accounts.google.com/
Redirect Chain
  • https://mail.google.com/mail/?ui=2&ik=ea058c9211&view=att&th=12e47a2ac5dc5739&attid=0.7&disp=emb&zw
  • https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3Dea058c9211%26view%3Datt%26th%3D12e47a2ac5dc5739%26attid%3D0.7%26disp...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3Dea058c9211%26view%3Datt%26th%3D12e47a2ac5dc5739%26attid%3D0.7%26disp%3Demb%26zw&scc=1&ltmpl=googlemail&emr=1&osid=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H3
Server
2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui%3D2%26ik%3Dea058c9211%26view%3Datt%26th%3D12e47a2ac5dc5739%26attid%3D0.7%26disp%3Demb%26zw&scc=1&ltmpl=googlemail&emr=1&osid=1#
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
frame-ancestors 'self'
alt-svc
clear
content-length
322
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
profile_share_badge.png
www.researchgate.net/images/public/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.researchgate.net/images/public/profile_share_badge.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:2169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00a93d08e2421edcb4589114d62d2a6bd9d6b9cc034dc8e5b9f597527a0952c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:29 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Feb 2022 10:09:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=5184000, immutable
accept-ranges
bytes
cf-ray
70eab9cd6b0ccc3e-ZRH
content-length
2277
scit.js
www.scoop.it/button/
Redirect Chain
  • http://www.scoop.it/button/scit.js
  • https://www.scoop.it/button/scit.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.scoop.it/button/scit.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
185.94.140.20 , France, ASN35280 (ACORUS, FR),
Reverse DNS
185-94-140-20.acorus.net
Software
volt-adc /
Resource Hash
93740babd1ed00c24fed30e826acbe96945d83ed79e23904e7dad13a36bf842e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:26 GMT
content-encoding
gzip
p3p
CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
x-volterra-location
fr4-fra
server
volt-adc
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en
cache-control
no-store
x-envoy-upstream-service-time
19
content-type
application/javascript;charset=ISO-8859-1

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:26 GMT
x-volterra-location
fr4-fra
server
volt-adc
x-frame-options
SAMEORIGIN
p3p
CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
location
https://www.scoop.it/button/scit.js
cache-control
no-store
x-envoy-upstream-service-time
13
transfer-encoding
chunked
AllAboutDrugsByDrAnthonyMCrasto
feeds.feedburner.com/~fc/http://feeds.feedburner.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://feeds.feedburner.com/~fc/http://feeds.feedburner.com/AllAboutDrugsByDrAnthonyMCrasto?bg=99CCFF&fg=444444&anim=0
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
StumbleUpon-03.png
www.allfordrugs.com/wp-content/themes/suffusion/images/follow/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/follow/StumbleUpon-03.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
3be0cc440e7f7cb4227c1c39ce3e441c8722d3f89dc44a69ebf5a83fdb253699

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:30 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=64
Content-Length
2469
Twitter-01.png
www.allfordrugs.com/wp-content/themes/suffusion/images/follow/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/follow/Twitter-01.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
e87e6c59106b462f188025940292ab617736a13769c59549566e9d379d9a093f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:30 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=60
Content-Length
2139
RSS-17.png
www.allfordrugs.com/wp-content/themes/suffusion/images/follow/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/follow/RSS-17.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
f35cd23b642989e3aa579043c5a5221720e38b6ede6dd96829f1965762e62ac7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:30 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=63
Content-Length
2885
LinkedIn-02.png
www.allfordrugs.com/wp-content/themes/suffusion/images/follow/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/follow/LinkedIn-02.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
e202072816923f804cddd74077bef8703ab76fd226445a64c24c302ab70f84a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:30 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=65
Content-Length
2295
Facebook-04.png
www.allfordrugs.com/wp-content/themes/suffusion/images/follow/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/follow/Facebook-04.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
425750b15059277894c1b2d8b1f2bfa59c1e2ce5974c594dc3faa12dcbd89b56

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:30 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=66
Content-Length
2005
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Sat, 21 May 2022 04:56:27 GMT
x-host
s7.addthis.com
content-length
116421

Redirect headers

Date
Sat, 21 May 2022 04:56:27 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
rss.png
www.allfordrugs.com/wp-includes/images/ 		608 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-includes/images/rss.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Sun, 19 Jan 2014 05:15:12 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=59
Content-Length
608
/
feedjit.com/serve/ 		0
0
1.js
jc.revolvermaps.com/2/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://jc.revolvermaps.com/2/1.js?i=2afvg8irrbf&s=220&m=0&v=false&r=false&b=000000&n=false&c=ff0000
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
8628816b47b5bda9d3a4f8f86139902934a808a96f0faaf104acc36973a53020

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Feb 2016 12:33:03 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=290304000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=100
Content-Length
1238
embed.js
s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/ 		126 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s3.amazonaws.com/downloads.mailchimp.com/js/signup-forms/popup/embed.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
52.216.141.222 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
07442f2bc9e417e7e700d142493b5564d926d3b28a365632e87f9e0a1c992b70

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Thu, 31 Mar 2022 19:11:15 GMT
Server
AmazonS3
x-amz-request-id
KRH9HFPK9DFZ24ZN
ETag
"0685931cf1dde37f88e2e0520bb8fcdc"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
129500
x-amz-id-2
/PX2ZA+VHZLI63J+XoQvkn0RBmkWsQh9l6mK6G24VBdRF5rU6HIflkgHZqE6vwHHeEOJkENALFY=
facebook.png
www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/ 		991 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/facebook.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
2459a6715f8259aabc04ade61148d09549b32c8b46db7dfeb9c8c5ab53165a20

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Tue, 25 Aug 2015 07:12:21 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=62
Content-Length
991
slideshare.png
www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/slideshare.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
76f977c5468520cc4912ae71aff8fdfa5a65481495157ace0180471a5b2510e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Tue, 25 Aug 2015 07:12:21 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=64
Content-Length
2010
twitter.png
www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/twitter.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
9278438ede280e1f9c13dfe122f2c42654ef70fee31e234581d3ac5b978c1288

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Tue, 25 Aug 2015 07:12:21 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=65
Content-Length
2226
tumblr.png
www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/tumblr.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
7a60da84435f859836542fdba501f71732b3b6b88795b72affa79e1f6e0ee64d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Tue, 25 Aug 2015 07:12:21 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=60
Content-Length
1101
linkedin.png
www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/subscribe-connect-follow-widget/images/32px/linkedin.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
e4a8b0c74d455a205f1be188d41e123c961d0cf44d4321a6d1d2a8852e155304

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Tue, 25 Aug 2015 07:12:21 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=61
Content-Length
1191
/
s04.flagcounter.com/count/Hdci/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_12/viewers_0/labels_0/pageviews_0/flags_0/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://s04.flagcounter.com/count/Hdci/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_12/viewers_0/labels_0/pageviews_0/flags_0/
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
104.243.42.114 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
s04.flagcounter.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash
8ab8684916403437a4dd18ff4c72855cc79b94a0b2aa67599676172959313521

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 04:56:29 GMT
Cache-control
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Connection
close
Transfer-Encoding
chunked
Content-Type
image/png
tracker.js
www.w3counter.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.w3counter.com/tracker.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:65d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.15
Resource Hash
30d61fca52a15fae53cc0c2f7b0a4076176a91ab8ca85238d39a4007d787e34a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
X-Powered-By
PHP/7.3.15
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpY%2FFlTKbssIpa9WxF6HxSVWdham5tZqf4cJ4NljhfUsy7M3satHJeIPGTMbxRkQyUYpSBlZi1780zbKm0yt8X8KmYUQg7ZWvYCGWCxZHMy5fE1ml%2FjpoVst4hRlShypf68yMUblehGt9zwlrnSY"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
70eab9c07e1259a1-MXP
logo_small.png
static.networkedblogs.com/static/images/ 		0
0
getnetworkwidget
nwidget.networkedblogs.com/ 		0
0
1x1pix_trans.gif
amcrasto.simplesite.com/userpages/images/ 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://amcrasto.simplesite.com/userpages/images/1x1pix_trans.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
108.157.4.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-120.dus51.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Via
1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 01 Oct 2020 09:31:54 GMT
Server
Microsoft-IIS/10.0
Age
1007
X-Powered-By
ASP.NET
ETag
"7623b3d597d61:0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Cache-Control
public,max-age=14400
X-Amz-Cf-Pop
DUS51-P2
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
RglO1HAm6qaWGeMO3iQwif6HELsJgUefD09jocvRwPUf8THBDF9jQA==
menu_bill1.jpg
amcrasto.simplesite.com/userpages/images/US/brugermenu/123standard/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://amcrasto.simplesite.com/userpages/images/US/brugermenu/123standard/menu_bill1.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
108.157.4.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-120.dus51.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d4720741686e5585525c60fe54ca2d8c0d15a6914bf5c12077381ae314502de9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Via
1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
Last-Modified
Thu, 01 Oct 2020 09:32:01 GMT
Server
Microsoft-IIS/10.0
X-Amz-Cf-Pop
DUS51-P2
X-Powered-By
ASP.NET
ETag
"d6d2eb7d597d61:0"
X-Cache
RefreshHit from cloudfront
Content-Type
image/jpeg
Cache-Control
public,max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5783
X-Amz-Cf-Id
aA56Ycm1xgrvSidPIbR-lH5OpBOZc8SateiLHUrp3-GTOWW1pxbcrg==
valid-rss-rogers.png
www.allfordrugs.com/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/valid-rss-rogers.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache /
Resource Hash
1c0f7904848ddba4c9bc5db31dc84ab14a1120171961904edaed391fdfe4f372

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 04:56:29 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Link
<http://www.allfordrugs.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5, max=58
Expires
Wed, 11 Jan 1984 05:00:00 GMT
seotools.gif
www.scrubtheweb.com/graphics/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.scrubtheweb.com/graphics/seotools.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
14.1.22.220 Los Angeles, United States, ASN55778 (WEBWEB-HK International Trade Centre, HK),
Reverse DNS
Software
/
Resource Hash
7b623dcca358bb7b7c37c4e7e84d69c014fd1556efd7d8fe10c4f08a796d8227
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
private
Feature-Policy
unsized-media 'none'; geolocation 'none'; camera 'none'; vibrate 'self'; usermedia *; sync-xhr 'self'
Date
Sat, 21 May 2022 04:56:29 GMT
Content-Length
1311
X-Frame-Options
DENY
Content-Type
image/jpg
add.gif
buttons.googlesyndication.com/fusion/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://buttons.googlesyndication.com/fusion/add.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 12:00:00 GMT
Server
sffe
Report-To
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type
image/gif
Cache-Control
private, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
2068
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="static-on-bigtable"
Expires
Sat, 21 May 2022 04:56:29 GMT
sub_modern11.gif
www.bloglines.com/images/
Redirect Chain
  • http://www.bloglines.com/images/sub_modern11.gif
  • https://www.bloglines.com/images/sub_modern11.gif
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bloglines.com/images/sub_modern11.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

Date
Sat, 21 May 2022 04:56:29 GMT
Via
1.1 varnish
Server
Varnish
X-Served-By
cache-hhn4071-HHN
X-Cache
HIT
Location
https://www.bloglines.com/images/sub_modern11.gif
Connection
close
Accept-Ranges
bytes
Content-Length
0
Retry-After
0
X-Cache-Hits
0
addToTheFreeDictionary.gif
img.tfd.com/hp/ 		651 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.tfd.com/hp/addToTheFreeDictionary.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
172.106.80.2 , United States, ASN40676 (AS40676, US),
Reverse DNS
ns3.farlex.com
Software
/
Resource Hash
ee4fcaba20da687e1cb933aabd8f7376c996a88d6ddf787f9c6fe947c71e5c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Tue, 14 Feb 2006 20:06:54 GMT
ETag
"90b48633a231c61:0"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=1296000
Accept-Ranges
bytes
Content-Length
651
i_heart_fb.gif
www.feedburner.com/fb/images/pub/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.feedburner.com/fb/images/pub/i_heart_fb.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf428aaa348d904fc5a772bd2bc2e1404d6b8e305c1924c8391e397ada7beafd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Oct 2019 10:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="pichu-static"
Age
0
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/pichu-static
Report-To
{"group":"pichu-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/pichu-static"}]}
Content-Type
image/gif
Cache-Control
public, max-age=0
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
1743
X-XSS-Protection
0
Expires
Sat, 21 May 2022 04:56:29 GMT
addtomyyahoo4.gif
us.i1.yimg.com/us.yimg.com/i/us/my/ 		765 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 20 May 2022 21:10:24 GMT
x-amz-meta-created-date
Wed, 14 Nov 2012 17:41:49 GMT
Age
27967
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1352914909579380
Connection
keep-alive
x-amz-request-id
N06N6J9KW5ER03N9
x-amz-id-2
JXjM6mCKV+8LwE4W1wX1Bf5Md5up5BgDCvcg+2qNW6Zrn24lldvKlD2HPXRRhFy/5/WvJkFMhvo=
Accept-Ranges
bytes
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 17 May 2018 13:30:46 GMT
Server
ATS
Etag
"9652eeb62b03f1fbf4d358ea0ce13107"
Vary
Origin
Content-Type
image/gif
Cache-Control
public,max-age=315360000
Content-Length
765
x-amz-meta-x-ysws-access
public
x-amz-meta-mbst-etag
"YM:1:a7bd8e41-25b9-44bf-917e-b7efec483bac0004ce780c98c874"
Expires
Sun, 14 May 2028 13:30:45 GMT
ngsub1.gif
www.newsgator.com/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.newsgator.com/images/ngsub1.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
34.102.136.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.136.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
add2netvibes.gif
www.netvibes.com/img/
Redirect Chain
  • http://www.netvibes.com/img/add2netvibes.gif
  • https://www.netvibes.com/img/add2netvibes.gif
832 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.netvibes.com/img/add2netvibes.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
193.189.143.34 Magny-les-Hameaux, France, ASN34948 (TYPHON-AS, FR),
Reverse DNS
www.netvibes.com
Software
/
Resource Hash
5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:29 GMT
x-slb
slb3
last-modified
Fri, 03 Apr 2015 14:18:16 GMT
x-frame-options
deny
content-type
image/gif
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
832
x-content-type-options
nosniff

Redirect headers

Location
https://www.netvibes.com/img/add2netvibes.gif
Date
Sat, 21 May 2022 04:56:29 GMT
X-slb
slb4
Connection
keep-alive
Content-Length
162
Content-Type
text/html
bittychicklet_91x17.gif
www.bitty.com/img/ 		603 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bitty.com/img/bittychicklet_91x17.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
63.135.106.45 , United States, ASN203 (CENTURYLINK-LEGACY-LVLT-203, US),
Reverse DNS
DomainID228526.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
247abbfcb40dddeeed9b3de2f865835d3b86d2ba47036d3c6daee4c9adfd09e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Sun, 15 Jan 2017 14:36:31 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"186669c33c6fd21:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
603
addtomix.gif
image.excite.co.uk/mix/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://image.excite.co.uk/mix/addtomix.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
143.204.214.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-127.fra53.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8743fc46ea229a2f578612a7d7dcd42d8aaabf6b865b784b598379ac663c98ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 20 May 2022 07:20:34 GMT
Via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
Last-Modified
Wed, 23 Aug 2017 05:08:11 GMT
Server
nginx/1.10.3 (Ubuntu)
Age
78767
ETag
"599d0dbb-457"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Length
1111
X-Amz-Cf-Id
BJfuFSUDmQtTOfyumhHrXFffLXzV4vRioWXhv05GbHnZkm9-50bTTQ==
fwicki.com
www.afternic.com/forsale/
Redirect Chain
  • http://www.fwicki.com/images/ui/fwicki_clicklet.png
  • https://www.afternic.com/forsale/www.fwicki.com?utm_source=TDFS_DASLNC&utm_medium=DASLNC&utm_campaign=TDFS_DASLNC&traffic_type=TDFS_DASLNC&traffic_id=daslnc&
  • https://www.afternic.com/forsale/fwicki.com?utm_source=TDFS_DASLNC&utm_medium=DASLNC&utm_campaign=TDFS_DASLNC&traffic_type=TDFS_DASLNC&traffic_id=daslnc&
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.afternic.com/forsale/fwicki.com?utm_source=TDFS_DASLNC&utm_medium=DASLNC&utm_campaign=TDFS_DASLNC&traffic_type=TDFS_DASLNC&traffic_id=daslnc&
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:2a0::364d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

Date
Sat, 21 May 2022 04:56:30 GMT
Server
envoy
x-powered-by
Express
Content-Type
text/plain; charset=utf-8
Location
/forsale/fwicki.com?utm_source=TDFS_DASLNC&utm_medium=DASLNC&utm_campaign=TDFS_DASLNC&traffic_type=TDFS_DASLNC&traffic_id=daslnc&
Connection
keep-alive
x-envoy-upstream-service-time
180
Server-Timing
edge; dur=1, origin; dur=196, cdn-cache; desc=MISS
Content-Length
151
wwgthis.gif
www.webwag.com/images/
Redirect Chain
  • http://www.webwag.com/images/wwgthis.gif
  • https://www.webwag.com/images/wwgthis.gif
0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.webwag.com/images/wwgthis.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
163.172.62.39 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-62-39.rev.poneytelecom.eu
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-runtime
0.002718
date
Sat, 21 May 2022 04:56:29 GMT
server
nginx/1.18.0
content-length
0
x-request-id
deba1b6c-042c-4324-ac43-676410189477
content-type
text/html; charset=UTF-8

Redirect headers

Location
https://www.webwag.com/images/wwgthis.gif
Date
Sat, 21 May 2022 04:56:29 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
169
Content-Type
text/html
podcastready_button.gif
www.podcastready.com/images/ 		0
0
100+top+blog.jpg
4.bp.blogspot.com/-I1OhFJgGqcQ/T8JdsXSsvPI/AAAAAAAACFs/IZ7BJ4qjLnM/s1600/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://4.bp.blogspot.com/-I1OhFJgGqcQ/T8JdsXSsvPI/AAAAAAAACFs/IZ7BJ4qjLnM/s1600/100+top+blog.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ea9d164a8d2dde0c347726050a4eae7f21f27603c416d9cf7308b8ed0b7aa7b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
0
ETag
"v85b"
Vary
Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="100 top blog.jpg"
Timing-Allow-Origin
*
Content-Length
4608
X-XSS-Protection
0
Expires
Mon, 16 May 2022 13:45:17 GMT
stats.aspx
www.blogkeen.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.blogkeen.com/stats.aspx?id=676667&p=1&l=en
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
82.99.3.235 Stockholm, Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS
uklon0001-rc2.ip-only.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
str4-3-300x162.jpg
drugapprovalsint.com/wp-content/uploads/2018/03/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2018/03/str4-3-300x162.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
db59de0ff0476552e8705e665a603965064b4ca6db584ead41c74a81a98a1b41

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Mon, 26 Mar 2018 14:41:32 GMT
Server
Apache
ETag
"5780291-2910-56851c51bfd14"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
10512
str4-4-300x44.jpg
drugapprovalsint.com/wp-content/uploads/2018/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2018/03/str4-4-300x44.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
bfe932268645eec8b65b8f8aaf73a5fde0ca2d4622ff8dd6d63470b18eabd6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Mon, 26 Mar 2018 14:42:26 GMT
Server
Apache
ETag
"57802a0-12f3-56851c8602cfd"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4851
str4-5.jpg
drugapprovalsint.com/wp-content/uploads/2018/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2018/03/str4-5.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
74713aa7d11ae5368109cbc6b43b9fd5ea25456c1d3e202455b33ff121e550b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Mon, 26 Mar 2018 14:43:19 GMT
Server
Apache
ETag
"57802a4-fef-56851cb87a526"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4079
logo.jpg
www.synthesiswithcatalysts.com/images/
Redirect Chain
  • http://www.synthesiswithcatalysts.com/images/logo.jpg
  • https://www.synthesiswithcatalysts.com/images/logo.jpg
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.synthesiswithcatalysts.com/images/logo.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

Date
Sat, 21 May 2022 04:56:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCevgvK8BC5FkPtSB%2FVeFkCrnwS1VJnrKgHzH2KPqYv%2Foqc%2FvD9TFm0wwd6bEqbVoFJhZU%2B93WncjdfTqVSe6z6t31GssB613mCWh9UgJjrZmtuyKHMusGJpASMJGZbLyUHtzh7AYRR3aMDD98ZrJfmsGVYHwRUBU407s5k%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.synthesiswithcatalysts.com/images/logo.jpg
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
70eab9d82bb0f923-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Sat, 21 May 2022 05:56:30 GMT
giphy.gif
media.giphy.com/media/Hg8sQkUKJcUqA/ 		397 KB
398 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.giphy.com/media/Hg8sQkUKJcUqA/giphy.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2598813e11fd5d3cd3762323d77e06db39692fc20e5280bf5f83a92fb6d10f02
Security Headers
Name Value
Strict-Transport-Security max-age=15465600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:30 GMT
via
1.1 varnish, 1.1 varnish
age
1541283
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
406733
x-served-by
cache-iad-kjyo7100165-IAD, cache-hhn4082-HHN
last-modified
Tue, 03 Dec 2019 05:34:40 GMT
x-timer
S1653108990.321453,VS0,VE2
etag
"3539087f0c34342c1a3ebc71985d0178"
strict-transport-security
max-age=15465600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1, 1
giphy.gif
media.giphy.com/media/fM8tl2W42Je0g/ 		270 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.giphy.com/media/fM8tl2W42Je0g/giphy.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35fe98b3576e0bd1f14fdf7728b0ef97e5c8d317ba31374a2bbc23e36cd59e64
Security Headers
Name Value
Strict-Transport-Security max-age=15465600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:30 GMT
via
1.1 varnish, 1.1 varnish
age
1526959
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
275976
x-served-by
cache-iad-kjyo7100081-IAD, cache-hhn4082-HHN
last-modified
Sat, 09 Nov 2019 13:35:36 GMT
x-timer
S1653108990.322077,VS0,VE2
etag
"e50ea813d61376125f441041c3e02281"
strict-transport-security
max-age=15465600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1, 1
car1.jpg
drugapprovalsint.com/wp-content/uploads/2018/11/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://drugapprovalsint.com/wp-content/uploads/2018/11/car1.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
166.62.28.131 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-131.ip.secureserver.net
Software
Apache /
Resource Hash
094a8c123869af0b39a4e308ac7d86ae0414d155fff96862270220d87b50daf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Sun, 18 Nov 2018 11:22:59 GMT
Server
Apache
ETag
"57a4d02-278c-57aee9f7a101f"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
10124
carbanio-gif-1.gif
www.allfordrugs.com/wp-content/uploads/2018/11/ 		579 KB
579 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2018/11/carbanio-gif-1.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
02610a5bcf071e4e042af5fa2f8db4bdeec5d34f7e0152726d3fc545ebf89b9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Mon, 19 Nov 2018 13:59:46 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/gif
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=60
Content-Length
592713
embed.js
www.albinoblacksheep.com/earth-moon/
Redirect Chain
  • http://www.albinoblacksheep.com/earth-moon/embed.js
  • https://www.albinoblacksheep.com/earth-moon/embed.js
556 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.albinoblacksheep.com/earth-moon/embed.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
209.124.74.201 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
209.124.74.201.static.a2webhosting.com
Software
Apache/2.4.53 (cPanel) OpenSSL/1.1.1o mod_bwlimited/1.4 Phusion_Passenger/6.0.12 /
Resource Hash
54f4950e05103a45239ce9e86586bbbf4972316d47bea0b6923f88ade2214d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
server
Apache/2.4.53 (cPanel) OpenSSL/1.1.1o mod_bwlimited/1.4 Phusion_Passenger/6.0.12
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=1, must-revalidate
content-length
374
expires
Sat, 21 May 2022 04:56:29 GMT

Redirect headers

Date
Sat, 21 May 2022 04:56:28 GMT
Server
Apache/2.4.53 (cPanel) OpenSSL/1.1.1o mod_bwlimited/1.4 Phusion_Passenger/6.0.12
Content-Type
text/html; charset=iso-8859-1
Location
https://www.albinoblacksheep.com/earth-moon/embed.js
Cache-Control
max-age=14515200
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
260
Expires
Sat, 05 Nov 2022 04:56:28 GMT
rightlg.gif
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/rightlg.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
3f73ab3657809ce06f280b0fe9451c42b3fbdc81f16a114fdd8ffedf1ce56ae6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/gif
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=67
Content-Length
6125
close.png
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/close.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
0f49ed4d5b9fc2a506d1cc60b5c23ed6b540613b4984865da84a6367a4370f5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=66
Content-Length
2650
linkedin.png
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/linkedin.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
d74545379996bf8d93e03d1d082fa20792be16b0ced0f489bdf1e5d1dbde8e46

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=61
Content-Length
1057
facebook.png
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		888 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/facebook.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
32e6c249ab0ed89a4757599ae658aa8b375dd0b293def707512c1c304cdd1d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=62
Content-Length
888
twitter.png
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/twitter.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
e36aba4e9f396af22a05341bb83e521bc236a21b8e855a555ac7b424b6db44df

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=61
Content-Length
1089
googleplus.png
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/googleplus.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
fe68f9bfb04579c651b4d154a78aec364683142c8d9eb9de299ce0cc71a81154

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=66
Content-Length
1758
followme_grab.gif
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/followme_grab.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
0f52d7197439b4ceb7d95725ef42de723f310889cf0a333f9a3dea932f82679a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/gif
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=67
Content-Length
1854
st_insights.js
w.sharethis.com/button/
Redirect Chain
  • http://w.sharethis.com/button/st_insights.js
  • https://w.sharethis.com/button/st_insights.js
26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.sharethis.com/button/st_insights.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2600:9000:2057:8200:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
149bccf7e467541fc83e870e967ac322b26065e5d6797169c8a677a67db07e60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 21:41:52 GMT
content-encoding
gzip
vary
Accept-Encoding
age
26074
x-cache
Hit from cloudfront
content-length
7654
server
nginx/1.20.1
etag
W/"61e1c3a9-6746"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA6-C1
x-robots-tag
noindex, nofollow
x-amz-cf-id
zY1UPX4UNnhkQvxn_k7l3Q4y6WDVGE_PCIgvHdzYH884hvZOF3jRuw==
expires
Mon, 23 May 2022 21:41:52 GMT

Redirect headers

Date
Sat, 21 May 2022 04:56:26 GMT
Via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://w.sharethis.com/button/st_insights.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
A0X5i1HDFM3k8D-3IBcJTnb5ut8zQmX_s4Ic2ql_ruvQat-3bIzIIQ==
ssba.min.js
www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/js/ 		710 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.min.js?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
18459fa2ac91289ed5536ad8a18f241c9464e89cfbd34babacae745cfd8473ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Aug 2016 05:18:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=70
Content-Length
396
element.js
translate.google.com/translate_a/
Redirect Chain
  • http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
  • https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ce4e8c1581321d5c1b97bde09eb85c0e43ef1651a9b30acc8e4298c037cbb60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 May 2022 04:56:26 GMT
X-Content-Type-Options
nosniff
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
application/binary
Location
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
X-XSS-Protection
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
addtoany.admin.js
www.allfordrugs.com/wp-content/plugins/add-to-any/ 		693 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-content/plugins/add-to-any/addtoany.admin.js?ver=0.1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
10bcd7baafe466806fb168368476dfa42b45ef3379fc5b09185ed048529f8951

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Aug 2016 08:11:47 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=68
Content-Length
369
core.min.js
www.allfordrugs.com/wp-includes/js/jquery/ui/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 02:22:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=66
Content-Length
1893
widget.min.js
www.allfordrugs.com/wp-includes/js/jquery/ui/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 02:22:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=67
Content-Length
2840
mouse.min.js
www.allfordrugs.com/wp-includes/js/jquery/ui/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 02:22:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=71
Content-Length
1105
resizable.min.js
www.allfordrugs.com/wp-includes/js/jquery/ui/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/ui/resizable.min.js?ver=1.11.4
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
364ba5268d11ed9fbd16763df098faf8a1c059e9681c2debddf15d0830360427

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 02:22:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=65
Content-Length
6430
draggable.min.js
www.allfordrugs.com/wp-includes/js/jquery/ui/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/ui/draggable.min.js?ver=1.11.4
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
24539433fce4b27fc6c4a4c471eb078a394d562681dc15f3b7f1fc1550ab41f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 02:22:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=66
Content-Length
6133
button.min.js
www.allfordrugs.com/wp-includes/js/jquery/ui/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
409c16852a61e50980a17fed11c6434aa362731291b49f9923f5a9bbc8c030b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 02:22:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=70
Content-Length
2409
position.min.js
www.allfordrugs.com/wp-includes/js/jquery/ui/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
dd5bb66bac9f2d27689f537a7beaf5630134204e7327c42c066f0b64717fb3d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 02:22:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=64
Content-Length
2578
dialog.min.js
www.allfordrugs.com/wp-includes/js/jquery/ui/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/jquery/ui/dialog.min.js?ver=1.11.4
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
f2b947fc04b88f3c4f6085b03f16e2aa1b8b0bb29590047d5118733d6f3f716f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 02:22:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=69
Content-Length
4466
wp-embed.min.js
www.allfordrugs.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.allfordrugs.com/wp-includes/js/wp-embed.min.js?ver=4.4.27
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
4114f99c5992bab27f43ae5e3c7c196ce63fac0b4b43915af913c1a30ca1f3da

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 02:22:54 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=65
Content-Length
745
all.js
connect.facebook.net/en_US/ 		289 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=ce6a083ebfeeddad7296df5062b3e361
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js?ver=4.4.27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c28f9a241f1ca8a29c124a6f32f15b69932776558c5d252b16efc1fe2d6384f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.allfordrugs.com/
Origin
http://www.allfordrugs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Lbz52D8KWGny3kBawVrJ8g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sun, 21 May 2023 04:36:34 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
83763
x-fb-rlafr
0
x-fb-debug
7KN9D+29Fe41bJZtx4bJC4BHMlnVCt0jTbCsX4Q8gWzxouJ/f5kRxwa0HlTLEq76WGabIlVxGhwHh6Seup1LGQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
39b2b36bfb603c001a168ded62496cb0
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 21 May 2022 04:56:26 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f5c42db5be5a1c9f44dd3699549caa1c"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js?ver=4.4.27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a667c3feb68929a9fa9a024d1631d6f97d3629bfa86a076efb5268ad11f5bc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 14:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52038
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 May 2023 14:39:48 GMT
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H3
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a97cf38ed8eb9722346f2ecad5ea0b4c49a92af13d1c48a677f1d942ce58396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ecVhR7XYtcUOkRLjyYWURg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 21 May 2022 05:09:53 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
d+0aW6lJU3cr4Esy32qwlXj6vbrObggMt1ZizueFl9jWa8V8/IVdlZjktq3GbMCyL9ccrn1pVWU88EGf7sBBBg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ee1a4fe491de8b053e5daf7bc58618bf
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 21 May 2022 04:56:30 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0aa040784924013e835a6b133f85769e"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2242
date
Sat, 21 May 2022 04:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 21 May 2022 06:19:08 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
images-2.jpg
www.allfordrugs.com/wp-content/uploads/2015/06/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/uploads/2015/06/images-2.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
11706bbfd5799d586af17e712c0db39d778df5da5ae59098e6a38a9e3a5b987b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Sat, 27 Jun 2015 14:32:00 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=72
Content-Length
2278
search-button-rblue.png
www.allfordrugs.com/wp-content/themes/suffusion/images/ 		725 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/search-button-rblue.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
54cbac76c6e6c2bc96c9a53a3bf49807f1dab72fea5ed537ba61f346e5c257c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:29 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=72
Content-Length
725
iconset-0.png
www.allfordrugs.com/wp-content/themes/suffusion/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/iconset-0.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/wp-content/uploads/suffusion/custom-styles.css?ver=4.4.9
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
ea6ba1709b3ac79adec10192dfba4849d041ddfa41e6fef7ff3046a632d29c17

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/wp-content/uploads/suffusion/custom-styles.css?ver=4.4.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:29 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
Content-Length
24838
caldark.png
www.allfordrugs.com/wp-content/themes/suffusion/images/ 		364 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/caldark.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
fcf76db6698396261f69621e34287f15c1b1c643de02d01faff7cf9933e14594

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:29 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=72
Content-Length
364
m8JVjfNVeKWVnh3QMuKkFcZVaUuH.woff2
fonts.gstatic.com/s/indieflower/v17/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/indieflower/v17/m8JVjfNVeKWVnh3QMuKkFcZVaUuH.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Indie+Flower&ver=4.4.27
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb57752edc96294323252e8d84fa25f975943b2ef3e87b2c984b15ca935d7657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://www.allfordrugs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 17 May 2022 19:20:20 GMT
X-Content-Type-Options
nosniff
Age
293766
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
19508
X-XSS-Protection
0
Last-Modified
Tue, 26 Apr 2022 15:27:17 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 17 May 2023 19:20:20 GMT
embed
onedrive.live.com/ Frame A8D4 		61 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d505627ba4f764e1a6835d08d60a8e01368904b7dbea94a18c07195b790e227d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 21 May 2022 04:56:27 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-msedge-ref
Ref A: 53A023047BD14FD9ABD9A2AF1DDAA2CD Ref B: FRAEDGE1310 Ref C: 2022-05-21T04:56:27Z
x-msnserver
RD00155D99B630
x-odwebserver
eastus0-odwebpl
page.js
static.addtoany.com/menu/
Redirect Chain
  • http://static.addtoany.com/menu/page.js
  • https://static.addtoany.com/menu/page.js
72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:30 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
73876
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Dec 2021 08:23:25 GMT
server
cloudflare
etag
W/"11ee2-5d2116348919c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
70eab9d66e3a020d-ZRH
cf-bgj
minify

Redirect headers

Location
https://static.addtoany.com/menu/page.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
NTOtI7HfE9I
www.youtube.com/embed/ Frame C897 		62 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/NTOtI7HfE9I
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa79c6668d348fca2670dd8991f48e951c1cd8ba9c2818b99305c4214f135909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sat, 21 May 2022 04:56:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
embed
onedrive.live.com/ Frame AD96 		61 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08f32d897f4232313e3c537771d1b79a1411826528db86f36efbc89286810160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 21 May 2022 04:56:27 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-msedge-ref
Ref A: 0538514377804A11BDB7634083373706 Ref B: FRAEDGE1310 Ref C: 2022-05-21T04:56:27Z
x-msnserver
RD00155D999B0A
x-odwebserver
eastus0-odwebpl
embed
onedrive.live.com/ Frame 6F84 		61 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
438a553fe27817e6b4f1be1ac0c67c76ba5105ab5f6bddf200b67714fd42b793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 21 May 2022 04:56:27 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-msedge-ref
Ref A: 4FE47395BF04434DB5A731D99750AC96 Ref B: FRAEDGE1310 Ref C: 2022-05-21T04:56:27Z
x-msnserver
RD00155D99B84A
x-odwebserver
eastus0-odwebpl
blockquote-l.png
www.allfordrugs.com/wp-content/themes/suffusion/images/ 		504 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/blockquote-l.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/wp-content/themes/suffusion/style.css?ver=4.4.9
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
e718f0ca397af61af80bde5241e0dbeb9ede2723a01ed545c145ae57d053ad7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/wp-content/themes/suffusion/style.css?ver=4.4.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:29 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=59
Content-Length
504
www-player.css
www.youtube.com/s/player/ec0ced91/ Frame C897 		336 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ec0ced91/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NTOtI7HfE9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2efd56968cfd13844fa86fb967ca2cd504fdcb8ac384157875c105b3956c3811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NTOtI7HfE9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 21:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
111853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47270
x-xss-protection
0
last-modified
Thu, 19 May 2022 18:04:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 May 2023 21:52:14 GMT
www-embed-player.js
www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/ Frame C897 		281 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NTOtI7HfE9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f48e8278dbd5f830c3e36b053e5d330d93dbf9a81ffb61b4351305628dbd8e73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NTOtI7HfE9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 21:53:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
111790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88442
x-xss-protection
0
last-modified
Thu, 19 May 2022 18:04:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 May 2023 21:53:17 GMT
base.js
www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/ Frame C897 		2 MB
529 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NTOtI7HfE9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92c898ba6b094f9ea8967a9c6d1675c6d4b3de9128a65f2ba04390f20ec20be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NTOtI7HfE9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 21:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
111853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
541747
x-xss-protection
0
last-modified
Thu, 19 May 2022 18:04:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 May 2023 21:52:14 GMT
fetch-polyfill.js
www.youtube.com/s/player/ec0ced91/fetch-polyfill.vflset/ Frame C897 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ec0ced91/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NTOtI7HfE9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NTOtI7HfE9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 21:53:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
111790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 19 May 2022 18:04:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 May 2023 21:53:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C897 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NTOtI7HfE9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 17:06:41 GMT
x-content-type-options
nosniff
age
301786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 17 May 2023 17:06:41 GMT
menu-dark.jpg
www.allfordrugs.com/wp-content/themes/suffusion/images/ 		683 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/menu-dark.jpg
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
bc7ed73db73021c0a0c2678dea8335423e6ad232786be00a15d70257f0227a51

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:30 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/jpeg
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=67
Content-Length
683
bulletrbl.png
www.allfordrugs.com/wp-content/themes/suffusion/images/icons/ 		317 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/icons/bulletrbl.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
8352cba388675a2ea6bb36213ad0753380bc4a80a1c1c38fece48fe6095702b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:30 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=64
Content-Length
317
counter.js
www.statcounter.com/counter/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.statcounter.com/counter/counter.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0bd9bfaf4def6656a9233d93df518c01be681326e72cd9e00aa73fd29702b83

Request headers

Referer
http://www.allfordrugs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 21 May 2022 04:56:27 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 14 Mar 2022 09:58:11 GMT
Server
cloudflare
Age
23474
ETag
W/"622f11b3-a7ae"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
70eab9c22dec5b50-FRA
Expires
Sat, 21 May 2022 10:25:13 GMT
t.php
c.statcounter.com/ 		344 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=8961413&u1=47DD393B7F6E4F7F630BF2B191C78B19&java=1&security=88e67e80&sc_snum=1&sess=5e022a&sc_rum_e_s=2603&sc_rum_e_e=2613&sc_rum_f_s=0&sc_rum_f_e=2600&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//www.allfordrugs.com/&t=All%20About%20Drugs%20%E2%80%93%20Tout%20sur%20les%20m%C3%A9dicaments%20%D7%94%D7%9B%D7%9C%20%D7%A2%D7%9C%20%D7%AA%D7%A8%D7%95%D7%A4%D7%95%D7%AA%20%D9%83%D9%84%20%D8%B4%D9%8A%D8%A6%20%D8%B9%D9%86%20%D8%A7%D9%84%D8%A3%D8%AF%D9%88%D9%8A%D8%A9%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B0%D1%80%D0%BA%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%D1%85%20%E5%85%B3%E4%BA%8E%E8%8D%AF%E5%93%81%E7%9A%84%E4%B8%80%E5%88%87%20%E0%B0%A1%E0%B1%8D%E0%B0%B0%E0%B0%97%E0%B1%8D%E0%B0%B8%E0%B1%8D%20%E0%B0%97%E0%B1%81%E0%B0%B0%E0%B0%BF%E0%B0%82%E0%B0%9A%E0%B0%BF%20%E0%B0%85%E0%B0%A8%E0%B1%8D%E0%B0%A8%E0%B0%BF%20%EB%A7%88%EC%95%BD%EC%97%90%20%EA%B4%80%ED%95%9C%20%EB%AA%A8%EB%93%A0%20%EA%B2%83%20%CE%8C%CE%BB%CE%B1%20%CE%B3%CE%B9%CE%B1%20%CF%84%CE%B1%20%CE%9D%CE%B1%CF%81%CE%BA%CF%89%CF%84%CE%B9%CE%BA%CE%AC%20Complete%20Tracking%20of%20Drugs%20Across%20the%20World%20by%20Dr%20Anthony%20Melvin%20Crasto%2C%20Worldpeacepeaker%2C%20worlddrugtracker%2C%20PH.D%20(ICT)%2C%20MUMBAI%2C%20INDIA%2C%20Worlddrug&get_config=true
Requested by
Host: www.statcounter.com
URL: http://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c722b5e8d6cd39963883ebfec2d5bfa592463b27b49c3abb42845348d2144139

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
70eab9c28d6b5b44-FRA
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
http://www.allfordrugs.com
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
button
www.scoop.it/ Frame E929 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.scoop.it/button?url=http%3A%2F%2Fwww.allfordrugs.com%2F&position=horizontal
Requested by
Host: www.scoop.it
URL: http://www.scoop.it/button/scit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.94.140.20 , France, ASN35280 (ACORUS, FR),
Reverse DNS
185-94-140-20.acorus.net
Software
volt-adc /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-language
en
content-type
text/html;charset=UTF-8
date
Sat, 21 May 2022 04:56:26 GMT
pragma
no-cache
server
volt-adc
vary
Accept-Encoding
x-envoy-upstream-service-time
32
x-frame-options
SAMEORIGIN
x-volterra-location
fr4-fra
id
googleads.g.doubleclick.net/pagead/ Frame C897
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NTOtI7HfE9I
Protocol
H3
Server
2a00:1450:400f:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e16e8435f79251870393eb3468ae26b274b0c1cf7bb6f69821a8388131f40bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 21 May 2022 04:56:27 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame C897 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:55:21 GMT
x-content-type-options
nosniff
age
66
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 May 2022 05:10:21 GMT
folderbl16.png
www.allfordrugs.com/wp-content/themes/suffusion/images/icons/ 		765 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/themes/suffusion/images/icons/folderbl16.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
04d3b49116b035e5a61e33d707f714504ac76627aeaa132f4c5717431aef74d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/wp-content/themes/suffusion/skins/light-theme-royal-blue/skin.css?ver=4.4.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Wed, 10 Feb 2016 02:12:30 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=58
Content-Length
765
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 21 May 2022 04:56:27 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C897 		45 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f33374f59d95b33d3bef76526357c6398c7a24c93485b7e39933396333f648c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22193
x-xss-protection
0
remote.js
www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/ Frame C897 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8691755a8ed913625d56f33a4ec9abf91166dacdb6d9607d7055c86a7064fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NTOtI7HfE9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 21:52:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
111853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37805
x-xss-protection
0
last-modified
Thu, 19 May 2022 18:04:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 May 2023 21:52:14 GMT
J-JqwDdrHMrAGx52GI7A_c8zl3LVl5ImfaYMzf75s1I.js
www.google.com/js/th/ Frame C897 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/J-JqwDdrHMrAGx52GI7A_c8zl3LVl5ImfaYMzf75s1I.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27e26ac0376b1ccac01b1e76188ec0fdcf339772d59792267da60ccdfef9b352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:43:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
72751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13655
x-xss-protection
0
last-modified
Mon, 02 May 2022 14:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 May 2023 08:43:56 GMT
embed.js
www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/ Frame C897 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ba0c56919d76219628f59713b483e2c592573741375510f7196ae6e55fa8f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NTOtI7HfE9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 21:56:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
111607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8029
x-xss-protection
0
last-modified
Thu, 19 May 2022 18:04:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 May 2023 21:56:20 GMT
truncated
/ Frame C897 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
QICb_EGnGXX_WyZZJBfKZP9Pbru3WIq3hWEs1ICw5iCC3A5SUZBTpBfVcnojFrJMkK3R171B=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C897 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/QICb_EGnGXX_WyZZJBfKZP9Pbru3WIq3hWEs1ICw5iCC3A5SUZBTpBfVcnojFrJMkK3R171B=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NTOtI7HfE9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d2f81b4a08b126c8368d3d4589c7545d5645a4d213ea936426a7b8ec767fffc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="channels4_profile.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2843
x-xss-protection
0
expires
Sun, 22 May 2022 04:56:27 GMT
sddefault.webp
i.ytimg.com/vi_webp/NTOtI7HfE9I/ Frame C897 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/NTOtI7HfE9I/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NTOtI7HfE9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d93112f2c055e6843cb1e48264220c6583cc16f7fe21b50c10273f6a6217714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
x-content-type-options
nosniff
server
sffe
etag
"1644143631"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22042
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 21 May 2022 06:56:27 GMT
truncated
/ 		168 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcf8dedca2e77614334d1eb5de6245023a71f4f05d731a5353037bce9d863438

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame C897 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 May 2022 04:56:27 GMT
generate_204
www.youtube.com/ Frame C897 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?i9hIEw
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NTOtI7HfE9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame A8D4 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:27 GMT
content-encoding
gzip
content-md5
EesZadmsnx78d9ZWIKfswQ==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
15784
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53BE6E430
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1dd59f25-f01e-0086-3575-264900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=18862780
x-ms-version
2009-09-19
timing-allow-origin
*
filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame A8D4 		169 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:27 GMT
content-encoding
gzip
content-md5
owOkAskXvYo3Ps40fhU7TQ==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
30548
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53C3A1C6F
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b177653d-301e-00d4-6e75-2654f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=15103006
x-ms-version
2009-09-19
timing-allow-origin
*
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C897 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0698983232c68b8bb3b85c6414a00838aa1cbe28b021de922c44aae6ad919a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 21 May 2022 04:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 21 May 2022 04:56:27 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:30 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=51401
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Sat, 21 May 2022 04:56:27 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
wordviewerframe.aspx
word-view.officeapps.live.com/wv/ Frame 3509 		125 KB
127 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b780b3ccf6f2b1d78863566328639d152e4d3316c95d3fa92bebb77f286f0283
Security Headers
Name Value
Content-Security-Policy font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-security-policy
font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type
text/html; charset=utf-8
date
Sat, 21 May 2022 04:56:27 GMT
document-policy
js-profiling
expires
-1
origin-trial
Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
b1173efe-0ac8-451f-ad1a-59285f4f3584
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref
Ref A: CB722C14ED5041F68F890AFBF5B20A4B Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:27Z
x-officecluster
PIE1
x-officefd
DB5PEPF0000F301
x-officefe
DB5PEPF0000F301
x-officeversion
16.0.15317.41002
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
form-settings
mc.us14.list-manage.com/subscribe/
Redirect Chain
  • http://mc.us14.list-manage.com/subscribe/form-settings?u=dc68c77b5ddfb530cb6930297&id=6ba142263f&u=dc68c77b5ddfb530cb6930297&id=6ba142263f&c=dojo_request_script_callbacks.dojo_request_script0
  • https://mc.us14.list-manage.com/subscribe/form-settings?u=dc68c77b5ddfb530cb6930297&id=6ba142263f&u=dc68c77b5ddfb530cb6930297&id=6ba142263f&c=dojo_request_script_callbacks.dojo_request_script0
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.us14.list-manage.com/subscribe/form-settings?u=dc68c77b5ddfb530cb6930297&id=6ba142263f&u=dc68c77b5ddfb530cb6930297&id=6ba142263f&c=dojo_request_script_callbacks.dojo_request_script0
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
104.117.200.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

Location
https://mc.us14.list-manage.com/subscribe/form-settings?u=dc68c77b5ddfb530cb6930297&id=6ba142263f&u=dc68c77b5ddfb530cb6930297&id=6ba142263f&c=dojo_request_script_callbacks.dojo_request_script0
Date
Sat, 21 May 2022 04:56:30 GMT
Cache-Control
max-age=0
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
Expires
Sat, 21 May 2022 04:56:30 GMT
jquery-1.7.2-39eeb07e.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame A8D4 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
Oe6wfmgC4rV/XhCprZvKJA==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
33335
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53DB4CCFD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b1776575-301e-00d4-1575-2654f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=26148470
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed_s_embed-212fe29f.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame A8D4 		483 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
IS/in/g30QB+g7MVI79lXQ==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
135707
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E533D8DD7F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1dd59f8f-f01e-0086-0c75-264900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=26251279
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
pulse.js
pulse.w3counter.com/ 		0
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pulse.w3counter.com/pulse.js?id=73105
Requested by
Host: www.w3counter.com
URL: http://www.w3counter.com/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:65d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfORNHgfpOljCvsEa2sz%2FJWm%2FEqEIWgn45S3PC9o2QCKxHrk8tQe%2B7AHDYM3tTUFK1Sy630JWO%2BOoM%2FhHJy8KBO8aJloWY3M4UE992w7UJahhHTRzOrdM8hxEzykpQSRBK8yg6KfGs50H3fUFhTK1ZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
70eab9d86df483a3-MXP
tracker.php
www.w3counter.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.w3counter.com/tracker.php?id=73105&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&webpageName=All%20About%20Drugs%20%E2%80%93%20Tout%20sur%20les%20m%C3%A9dicaments%20%D7%94%D7%9B%D7%9C%20%D7%A2%D7%9C%20%D7%AA%D7%A8%D7%95%D7%A4%D7%95%D7%AA%20%D9%83%D9%84%20%D8%B4%D9%8A%D8%A6%20%D8%B9%D9%86%20%D8%A7%D9%84%D8%A3%D8%AF%D9%88%D9%8A%D8%A9%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B0%D1%80%D0%BA%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%D1%85%20%E5%85%B3%E4%BA%8E%E8%8D%AF%E5%93%81%E7%9A%84%E4%B8%80%E5%88%87%20%E0%B0%A1%E0%B1%8D%E0%B0%B0%E0%B0%97%E0%B1%8D%E0%B0%B8%E0%B1%8D%20%E0%B0%97%E0%B1%81%E0%B0%B0%E0%B0%BF%E0%B0%82%E0%B0%9A%E0%B0%BF%20%E0%B0%85%E0%B0%A8%E0%B1%8D%E0%B0%A8%E0%B0%BF%20%EB%A7%88%EC%95%BD%EC%97%90%20%EA%B4%80%ED%95%9C%20%EB%AA%A8%EB%93%A0%20%EA%B2%83%20%CE%8C%CE%BB%CE%B1%20%CE%B3%CE%B9%CE%B1%20%CF%84%CE%B1%20%CE%9D%CE%B1%CF%81%CE%BA%CF%89%CF%84%CE%B9%CE%BA%CE%AC%20Complete%20Tracking%20of%20Drugs%20Across%20the%20World%20by%20Dr%20Anthony%20Melvin%20Crasto%2C%20Worldpeacepeaker%2C%20worlddrugtracker%2C%20PH.D%20(ICT)%2C%20MUMBAI%2C%20INDIA%2C%20Worlddrugtracker%2C%20Helping%20millions%2C%209%20million%20hits%20on%20google%20on%20all%20websites%2C%202.5%20lakh%20connections%20on%20all%20networks%2C%20%E2%80%9CALL%20FOR%20DRUGS%E2%80%9D%20CATERS%20TO%20EDUCATION%20GLOBALLY%2C%20No%20commercial%20exploits%20are%20done%20or%20advertisements%20added%20by%20me.%20This%20is%20a%20compilation%20for%20educational%20purposes%20only.%20P.S.%20%3A%20The%20views%20expressed%20are%20my%20personal%20and%20in%20no-way%20suggest%20the%20views%20of%20the%20professional%20body%20or%20the%20company%20that%20I%20represent&ref=&url=http%3A%2F%2Fwww.allfordrugs.com%2F&width=1600&height=1200&rand=478&lt=3240
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:65d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.15
Resource Hash
3ba3cb2761b1a2c5a8c2e22f09df82ca2a897dc7eaff8fd0608fa4f1fe43989e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:30 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 21 May 2022 04:56:30 GMT
server
cloudflare
x-powered-by
PHP/7.3.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYsDh2gPN3SvRimvewxuf6KhCHA8Ivh0vEuMJwx5WvkDYUDHdEbhxNzIPgCFsc%2F1LLaSU4RU1eYK%2F2D8q%2FuA6cXZmxEvhkXmEAw6g%2BjOxqS9btWJXxUrP%2BWgOBobEGGUN4%2FVywJRngqJt4%2FfwCwf"}],"group":"cf-nel","max_age":604800}
p3p
CP="NOI DSP COR NID ADMa SAMa BUS COM STA"
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
70eab9d88fbe0e16-MXP
expires
Mon, 26 Jul 1997 05:00:00 GMT
embed.js
files.bannersnack.com/iframe/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://files.bannersnack.com/iframe/embed.js
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
52.217.80.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 6F84 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
EesZadmsnx78d9ZWIKfswQ==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
15784
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53BE6E430
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1dd59f25-f01e-0086-3575-264900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=18862779
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 6F84 		169 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
owOkAskXvYo3Ps40fhU7TQ==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
30548
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53C3A1C6F
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b177653d-301e-00d4-6e75-2654f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=15103005
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/ Frame 3509 		277 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2c4e7fa0c4a763e47a8a92be9ee72520adc7baa8caca0c5756e1a2542096e06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"b02159f21060d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15229.41003
x-officefe
AM4PEPF000131F5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
34097
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified
Wed, 04 May 2022 23:44:50 GMT
x-officefd
AM4PEPF000131F5
x-msedge-ref
Ref A: C0291C5432D1463082FD2EAAEF5E49C9 Ref B: VIEEDGE3414 Ref C: 2022-05-09T09:19:35Z
x-usersessionid
bba08fb5-1c1e-4262-bf32-5158a09bdfc4
date
Sat, 21 May 2022 04:56:28 GMT
content-type
text/css
access-control-allow-origin
*
x-correlationid
bba08fb5-1c1e-4262-bf32-5158a09bdfc4
accept-ranges
bytes
timing-allow-origin
*
MicrosoftAjaxDS.js
c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/ Frame 3509 		106 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"d2b7625cd664d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15304.41015
x-officefe
AM4PEPF000131E5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
23675
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 11 May 2022 01:28:04 GMT
x-officefd
AM4PEPF000131E5
x-msedge-ref
Ref A: 25A120C8C6864BE2933890C0667C4C57 Ref B: VIEEDGE3705 Ref C: 2022-05-14T04:46:12Z
x-usersessionid
0bab3361-deaa-469e-ad69-14f392b63893
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
0bab3361-deaa-469e-ad69-14f392b63893
accept-ranges
bytes
timing-allow-origin
*
CommonIntl.js
c1h-word-view-15.cdn.office.net/wv/s/hBC024565F5406F5A_App_Scripts/1031/ Frame 3509 		152 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/hBC024565F5406F5A_App_Scripts/1031/CommonIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
49c031b42bbd5f4d0ea786c19badce9083340741b4080f2e54394879b6e3652e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"271bd67be46ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000F305
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
32291
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:24:17 GMT
x-officefd
DB5PEPF0000F305
x-msedge-ref
Ref A: CD94F165B4664B3CA0DD8FF339BAF50C Ref B: VIEEDGE1519 Ref C: 2022-05-18T18:24:16Z
x-usersessionid
0d663424-098b-45d4-99eb-9de830d3eaf6
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
0d663424-098b-45d4-99eb-9de830d3eaf6
accept-ranges
bytes
timing-allow-origin
*
Compat.js
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 3509 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"f96b2744cb64d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15304.41015
x-officefe
AM4PEPF00010AB8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
1373
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified
Wed, 11 May 2022 00:08:39 GMT
x-officefd
AM4PEPF000068C0
x-msedge-ref
Ref A: 9AB18C7BA4D5415389824AC8619E5142 Ref B: VIEEDGE3422 Ref C: 2022-05-12T07:24:40Z
x-usersessionid
aa2e584b-050f-4eb7-9d11-796e91a78a76
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
aa2e584b-050f-4eb7-9d11-796e91a78a76
accept-ranges
bytes
timing-allow-origin
*
WordViewerIntl.js
c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/ Frame 3509 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/WordViewerIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"31851b3acb64d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15304.41015
x-officefe
AM4PEPF000069FA
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
4307
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 11 May 2022 00:08:22 GMT
x-officefd
AM4PEPF000069FA
x-msedge-ref
Ref A: 511F028C46E5497DADAD2C122A4F33DF Ref B: VIEEDGE3419 Ref C: 2022-05-15T21:53:50Z
x-usersessionid
1a42f080-7306-4357-a185-ec76e4910f2f
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
1a42f080-7306-4357-a185-ec76e4910f2f
accept-ranges
bytes
timing-allow-origin
*
word-app-intl.min.js
c1h-word-view-15.cdn.office.net/wv/s/h6893F6D2177AB1D5_App_Scripts/1031/ Frame 3509 		470 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h6893F6D2177AB1D5_App_Scripts/1031/word-app-intl.min.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6893f6d2177ab1d56333a6d41e89611747efe7231276b7dbdf9250a5962a3dce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"48d6da7be46ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF000131EF
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
74407
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:24:17 GMT
x-officefd
AM4PEPF000131EF
x-msedge-ref
Ref A: 750CADF039944042AD36769D44602EE8 Ref B: VIEEDGE3608 Ref C: 2022-05-18T18:24:16Z
x-usersessionid
8339461f-4da2-42b8-bac2-08f4eec9e51c
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
8339461f-4da2-42b8-bac2-08f4eec9e51c
accept-ranges
bytes
timing-allow-origin
*
appResourceLoader.min.js
c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/ Frame 3509 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e156db1570c13c426d727df0b700884fac3ea70307c6ad350e47b8a266719393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"5f877cc8e36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF00010AB5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
2858
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:16 GMT
x-officefd
AM4PEPF00010AB5
x-msedge-ref
Ref A: 6C6959184A5849048829EFDF48DB0A2B Ref B: VIEEDGE3422 Ref C: 2022-05-18T18:19:16Z
x-usersessionid
56d0c5cc-b42e-4a20-a92a-1730d42f1bc8
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
56d0c5cc-b42e-4a20-a92a-1730d42f1bc8
accept-ranges
bytes
timing-allow-origin
*
WordViewerDS.js
c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/ Frame 3509 		3 MB
462 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
90869a05d5cb6f6864f79c1bdb28c83bd93cb0c3bd5d7a426a3f584af40b67e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"5ca07fc8e36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF00012933
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
471073
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:16 GMT
x-officefd
AM4PEPF00012933
x-msedge-ref
Ref A: 2EC7E2BD41B44726A49C6D4B67AD3FF3 Ref B: VIEEDGE2912 Ref C: 2022-05-18T18:19:16Z
x-usersessionid
556096e8-7b4f-4fbd-a443-702d830a1b97
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
556096e8-7b4f-4fbd-a443-702d830a1b97
accept-ranges
bytes
timing-allow-origin
*
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923387570&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&v=00000000-0000-0000-0000-000000000802&usid=b1173efe-0ac8-451f-ad1a-59285f4f3584&splashscreen=1&build=16.0.15317.41002&PdfMode=1&waccluster=PIE1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF000083D3
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF000083D3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1245
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
cfb2b123-c75e-454e-8207-3eddbc3b5320
x-officefd
DB5PEPF000083D3
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:28 GMT
x-download-options
noopen
content-type
text/html
cache-control
no-cache
x-msedge-ref
Ref A: 8C9CF8DFCE064A29BB7CC58D11A035DD Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:28Z
timing-allow-origin
*
expires
-1
filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame AD96 		85 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
EesZadmsnx78d9ZWIKfswQ==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
15784
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53BE6E430
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1dd59f25-f01e-0086-3575-264900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=18862779
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame AD96 		169 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
owOkAskXvYo3Ps40fhU7TQ==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
30548
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53C3A1C6F
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b177653d-301e-00d4-6e75-2654f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=15103005
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed1-0986a9b4.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame A8D4 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
CYaptDz18cVXSIKt0vWKWA==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
14119
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E5332E9B80
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1dd59fea-f01e-0086-5775-264900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14722442
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed2-8c600200.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame A8D4 		203 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
jGACACXYYkvx7qKc5FskXg==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
69276
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E5337DDB83
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b17765c6-301e-00d4-5775-2654f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=17005610
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed0-54f3ec81.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame A8D4 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
6057
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:53:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E532CDCC12
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
19fba659-901e-0138-1775-261ade000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=25515343
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PIE1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000E940
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000E940
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
19b8d403-df98-4fae-945d-6535b34b8ea0
x-officecluster
PGTUS6
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:28 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 36EABD78DBC3400F9F3A3C367C136A72 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:28Z
wordviewerframe.aspx
word-view.officeapps.live.com/wv/ Frame D247 		125 KB
126 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a6df7fbbd11fc67047b586ebfb98853ce5e1abf13d2bf95feb4f26e566c9fe59
Security Headers
Name Value
Content-Security-Policy font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-security-policy
font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type
text/html; charset=utf-8
date
Sat, 21 May 2022 04:56:28 GMT
document-policy
js-profiling
expires
-1
origin-trial
Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
8340c83a-8223-481e-8e20-13267fb79240
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref
Ref A: 5C8D88F49BFE4F26B23D78FE19F75BE4 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:28Z
x-officecluster
PNL1
x-officefd
AM4PEPF00006A32
x-officefe
AM4PEPF00006A32
x-officeversion
16.0.15317.41002
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
jquery-1.7.2-39eeb07e.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6F84 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
Oe6wfmgC4rV/XhCprZvKJA==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
33335
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53DB4CCFD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b1776575-301e-00d4-1575-2654f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=26148470
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed_s_embed-212fe29f.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6F84 		483 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
IS/in/g30QB+g7MVI79lXQ==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
135707
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E533D8DD7F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1dd59f8f-f01e-0086-0c75-264900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=26251279
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/ Frame D247 		277 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2c4e7fa0c4a763e47a8a92be9ee72520adc7baa8caca0c5756e1a2542096e06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"b02159f21060d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15229.41003
x-officefe
AM4PEPF000131F5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
34097
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified
Wed, 04 May 2022 23:44:50 GMT
x-officefd
AM4PEPF000131F5
x-msedge-ref
Ref A: C0291C5432D1463082FD2EAAEF5E49C9 Ref B: VIEEDGE3414 Ref C: 2022-05-09T09:19:35Z
x-usersessionid
bba08fb5-1c1e-4262-bf32-5158a09bdfc4
date
Sat, 21 May 2022 04:56:28 GMT
content-type
text/css
access-control-allow-origin
*
x-correlationid
bba08fb5-1c1e-4262-bf32-5158a09bdfc4
accept-ranges
bytes
timing-allow-origin
*
MicrosoftAjaxDS.js
c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/ Frame D247 		106 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"d2b7625cd664d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15304.41015
x-officefe
AM4PEPF000131E5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
23675
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 11 May 2022 01:28:04 GMT
x-officefd
AM4PEPF000131E5
x-msedge-ref
Ref A: 25A120C8C6864BE2933890C0667C4C57 Ref B: VIEEDGE3705 Ref C: 2022-05-14T04:46:12Z
x-usersessionid
0bab3361-deaa-469e-ad69-14f392b63893
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
0bab3361-deaa-469e-ad69-14f392b63893
accept-ranges
bytes
timing-allow-origin
*
CommonIntl.js
c1h-word-view-15.cdn.office.net/wv/s/hBC024565F5406F5A_App_Scripts/1031/ Frame D247 		152 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/hBC024565F5406F5A_App_Scripts/1031/CommonIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
49c031b42bbd5f4d0ea786c19badce9083340741b4080f2e54394879b6e3652e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"271bd67be46ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000F305
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
32291
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:24:17 GMT
x-officefd
DB5PEPF0000F305
x-msedge-ref
Ref A: CD94F165B4664B3CA0DD8FF339BAF50C Ref B: VIEEDGE1519 Ref C: 2022-05-18T18:24:16Z
x-usersessionid
0d663424-098b-45d4-99eb-9de830d3eaf6
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
0d663424-098b-45d4-99eb-9de830d3eaf6
accept-ranges
bytes
timing-allow-origin
*
Compat.js
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame D247 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"f96b2744cb64d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15304.41015
x-officefe
AM4PEPF00010AB8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
1373
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified
Wed, 11 May 2022 00:08:39 GMT
x-officefd
AM4PEPF000068C0
x-msedge-ref
Ref A: 9AB18C7BA4D5415389824AC8619E5142 Ref B: VIEEDGE3422 Ref C: 2022-05-12T07:24:40Z
x-usersessionid
aa2e584b-050f-4eb7-9d11-796e91a78a76
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
aa2e584b-050f-4eb7-9d11-796e91a78a76
accept-ranges
bytes
timing-allow-origin
*
WordViewerIntl.js
c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/ Frame D247 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/WordViewerIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"31851b3acb64d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15304.41015
x-officefe
AM4PEPF000069FA
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
4307
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 11 May 2022 00:08:22 GMT
x-officefd
AM4PEPF000069FA
x-msedge-ref
Ref A: 511F028C46E5497DADAD2C122A4F33DF Ref B: VIEEDGE3419 Ref C: 2022-05-15T21:53:50Z
x-usersessionid
1a42f080-7306-4357-a185-ec76e4910f2f
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
1a42f080-7306-4357-a185-ec76e4910f2f
accept-ranges
bytes
timing-allow-origin
*
word-app-intl.min.js
c1h-word-view-15.cdn.office.net/wv/s/h6893F6D2177AB1D5_App_Scripts/1031/ Frame D247 		470 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h6893F6D2177AB1D5_App_Scripts/1031/word-app-intl.min.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6893f6d2177ab1d56333a6d41e89611747efe7231276b7dbdf9250a5962a3dce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"48d6da7be46ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF000131EF
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
74407
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:24:17 GMT
x-officefd
AM4PEPF000131EF
x-msedge-ref
Ref A: 750CADF039944042AD36769D44602EE8 Ref B: VIEEDGE3608 Ref C: 2022-05-18T18:24:16Z
x-usersessionid
8339461f-4da2-42b8-bac2-08f4eec9e51c
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
8339461f-4da2-42b8-bac2-08f4eec9e51c
accept-ranges
bytes
timing-allow-origin
*
appResourceLoader.min.js
c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/ Frame D247 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e156db1570c13c426d727df0b700884fac3ea70307c6ad350e47b8a266719393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"5f877cc8e36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF00010AB5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
2858
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:16 GMT
x-officefd
AM4PEPF00010AB5
x-msedge-ref
Ref A: 6C6959184A5849048829EFDF48DB0A2B Ref B: VIEEDGE3422 Ref C: 2022-05-18T18:19:16Z
x-usersessionid
56d0c5cc-b42e-4a20-a92a-1730d42f1bc8
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
56d0c5cc-b42e-4a20-a92a-1730d42f1bc8
accept-ranges
bytes
timing-allow-origin
*
WordViewerDS.js
c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/ Frame D247 		3 MB
462 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
90869a05d5cb6f6864f79c1bdb28c83bd93cb0c3bd5d7a426a3f584af40b67e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"5ca07fc8e36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF00012933
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
471073
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:16 GMT
x-officefd
AM4PEPF00012933
x-msedge-ref
Ref A: 2EC7E2BD41B44726A49C6D4B67AD3FF3 Ref B: VIEEDGE2912 Ref C: 2022-05-18T18:19:16Z
x-usersessionid
556096e8-7b4f-4fbd-a443-702d830a1b97
date
Sat, 21 May 2022 04:56:28 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
556096e8-7b4f-4fbd-a443-702d830a1b97
accept-ranges
bytes
timing-allow-origin
*
embed1-0986a9b4.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6F84 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
CYaptDz18cVXSIKt0vWKWA==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
14119
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E5332E9B80
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1dd59fea-f01e-0086-5775-264900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14722442
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed2-8c600200.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6F84 		203 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
jGACACXYYkvx7qKc5FskXg==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
69276
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E5337DDB83
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b17765c6-301e-00d4-5775-2654f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=17005610
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed0-54f3ec81.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 6F84 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:28 GMT
content-encoding
gzip
content-md5
VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
6057
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:53:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E532CDCC12
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
19fba659-901e-0138-1775-261ade000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=25515343
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame D247 		0
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000BAFC
x-officeversion
16.0.15319.41002
x-officefe
BL6PEPF0000BAFC
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
213a0cfd-68f5-408b-a49f-62b04602bc29
x-officecluster
PGTUS4
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:28 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 3F40D05A637843E99F580BE31B88B668 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:28Z
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PIE1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":163,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000BAF6
x-officeversion
16.0.15319.41002
x-officefe
BL6PEPF0000BAF6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
1ae06586-de38-4231-9686-cfdbb0c77824
x-officecluster
PGTUS4
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:28 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: B119B297E3BE49D6922220D82A1755EC Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:28Z
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame D247 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":85,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000BB84
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000BB84
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
35746635-d2b8-457e-ba97-38c5fe075e43
x-officecluster
PGTUS6
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:28 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 3DD7416E8DE64E2881A59C497F518AFE Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:28Z
mini
www.albinoblacksheep.com/earth-moon/ Frame FDD4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.albinoblacksheep.com/earth-moon/mini
Requested by
Host: www.albinoblacksheep.com
URL: http://www.albinoblacksheep.com/earth-moon/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.124.74.201 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
209.124.74.201.static.a2webhosting.com
Software
Apache/2.4.53 (cPanel) OpenSSL/1.1.1o mod_bwlimited/1.4 Phusion_Passenger/6.0.12 /
Resource Hash
1e8930b54e0b99f51a77bba20982ffab9372a622b8931e4c55645becaffc767f

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=1, must-revalidate
content-encoding
gzip
content-length
1798
content-type
text/html; charset=UTF-8
date
Sat, 21 May 2022 04:56:28 GMT
expires
Sat, 21 May 2022 04:56:29 GMT
server
Apache/2.4.53 (cPanel) OpenSSL/1.1.1o mod_bwlimited/1.4 Phusion_Passenger/6.0.12
vary
Accept-Encoding,User-Agent
/
d2fbkzyicji7c4.cloudfront.net/ 		201 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2fbkzyicji7c4.cloudfront.net/?zkbfd=728531
Requested by
Host: www.albinoblacksheep.com
URL: http://www.albinoblacksheep.com/earth-moon/embed.js
Protocol
HTTP/1.1
Server
143.204.214.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-142.fra53.r.cloudfront.net
Software
/
Resource Hash
2ebdfb38976f7756a1b223efe6a96fa04f5bdb85a44e66cab48026750c3b0f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 May 2022 04:56:31 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
67868
Via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
x-7bePeX8mmKGAS5E4eTtJxYgFfUWZP8vU1QvaUyOay1FTnX_aFWeA==
pview
l.sharethis.com/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1653108988796.26227&hostname=www.allfordrugs.com&location=%2F&product=DOS2&fcmp=false&fcmpv2=false&url=http%3A%2F%2Fwww.allfordrugs.com%2F&title=All%20About%20Drugs%20%E2%80%93%20Tout%20sur%20les%20m%C3%A9dicaments%20%D7%94%D7%9B%D7%9C%20%D7%A2%D7%9C%20%D7%AA%D7%A8%D7%95%D7%A4%D7%95%D7%AA%20%D9%83%D9%84%20%D8%B4%D9%8A%D8%A6%20%D8%B9%D9%86%20%D8%A7%D9%84%D8%A3%D8%AF%D9%88%D9%8A%D8%A9%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B0%D1%80%D0%BA%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%D1%85%20%E5%85%B3%E4%BA%8E%E8%8D%AF%E5%93%81%E7%9A%84%E4%B8%80%E5%88%87%20%E0%B0%A1%E0%B1%8D%E0%B0%B0%E0%B0%97%E0%B1%8D%E0%B0%B8%E0%B1%8D%20%E0%B0%97%E0%B1%81%E0%B0%B0%E0%B0%BF%E0%B0%82%E0%B0%9A%E0%B0%BF%20%E0%B0%85%E0%B0%A8%E0%B1%8D%E0%B0%A8%E0%B0%BF%20%EB%A7%88%EC%95%BD%EC%97%90%20%EA%B4%80%ED%95%9C%20%EB%AA%A8%EB%93%A0%20%EA%B2%83%20%CE%8C%CE%BB%CE%B1%20%CE%B3%CE%B9%CE%B1%20%CF%84%CE%B1%20%CE%9D%CE%B1%CF%81%CE%BA%CF%89%CF%84%CE%B9%CE%BA%CE%AC%20Complete%20Tracking%20of%20Drugs%20Across%20the%20World%20by%20Dr%20Anthony%20Melvin%20Crasto%2C%20Worldpeacepeaker%2C%20worlddrugtracker%2C%20PH.D%20(ICT)%2C%20MUMBAI%2C%20INDIA%2C%20Worlddrugtracker%2C%20Helping%20millions%2C%209%20million%20hits%20on%20google%20on%20all%20websites%2C%202.5%20lakh%20connections%20on%20all%20networks%2C%20%E2%80%9CALL%20FOR%20DRUGS%E2%80%9D%20CATERS%20TO%20EDUCATION%20GLOBALLY%2C%20No%20commercial%20exploits%20are%20done%20or%20advertisements%20added%20by%20me.%20This%20is%20a%20compilation%20for%20educational%20purposes%20only.%20P.S.%20%3A%20The%20views%20expressed%20are%20my%20personal%20and%20in%20no-way%20suggest%20the%20views%20of%20the%20professional%20body%20or%20the%20company%20that%20I%20represent&sop=false&description=ALL%20ABOUT%20DRUGS%20BY%20DR%20ANTHONY%20MELVIN%20CRASTO%2C%20WORLD%20DRUG%20TRACKER%20HELPING%20MILLIONS%2C%20MILLION%20HITS%20ON%20GOOGLE..............................................
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/st_insights.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.88.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-88-85.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
http://www.allfordrugs.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.fhX64oxn_tM.O/d=1/rs=AN8SPfp98iDUi5XHvybbtEs4hoLD8Wbm3w/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 21 May 2022 05:51:26 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.fhX64oxn_tM.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpbr_sLSShuvsg4OTqYEUSu3Sx3zg/ 		224 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.fhX64oxn_tM.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpbr_sLSShuvsg4OTqYEUSu3Sx3zg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.fhX64oxn_tM.O/d=1/rs=AN8SPfp98iDUi5XHvybbtEs4hoLD8Wbm3w/m=el_conf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0789605ae3291d3d3cabf6b28cb89cdc725b7ecc5d7f7324acea08cd3af58f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 18:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78062
x-xss-protection
0
last-modified
Wed, 18 May 2022 21:12:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 May 2023 18:47:57 GMT
followme_top.gif
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/followme_top.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
a6168f8d9be8fd28c2602431967ca1fac8e5f8a03faa34b42f6e2c0e41a93ea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/gif
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=68
Content-Length
9195
followme_mid.gif
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		300 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/followme_mid.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
5556de91a01b25102704ae0a95b499899ecf31281611b5f7ad8b7047dd848090

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/gif
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=67
Content-Length
300
followme_bottom.gif
www.allfordrugs.com/wp-content/plugins/follow-me/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow-me/images/followme_bottom.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
3666497221a71bdd57d9461c28f7dac6d4ecdac42a4152598ba6b16885fbfcd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:28 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:52 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/gif
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=65
Content-Length
1077
star.png
www.allfordrugs.com/wp-content/plugins/follow/include/ 		760 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.allfordrugs.com/wp-content/plugins/follow/include/star.png
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
162.241.24.224 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5904.bluehost.com
Software
Apache / W3 Total Cache/0.9.2.4
Resource Hash
4e383e4bba9d6a53b6e92f64a10f289cc4a58e3d28bff3880aa3507c6d61e8f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Last-Modified
Wed, 12 Jun 2013 06:17:53 GMT
Server
Apache
X-Powered-By
W3 Total Cache/0.9.2.4
Vary
User-Agent
Content-Type
image/png
Accept-Ranges
bytes
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=57
Content-Length
760
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame B49C 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=http%3A%2F%2Fwww.allfordrugs.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?ver=4.4.27
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA0) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
44416
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Sat, 21 May 2022 04:56:28 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Sun, 15 May 2022 20:03:39 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BA0)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-529472705475b43f/ 		950 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-529472705475b43f/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
607484eaeaad6f5ced0f71619e566d0cb04d7a3c61bc58913075eb133264e801

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:31 GMT
content-encoding
gzip
etag
-429260515--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=56, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
380
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=628870fb71868b11&bkl=0&bl=1&pdt=2112&sid=628870fb71868b11&pub=ra-529472705475b43f&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.allfordrugs.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=DRUGS%2CORGANIC%20CHEMISTRY%2CMEDICINAL%2CCLINICAL%2CHERBS%2CPATENTS%2CPROCESS%2CFDA%2CINDIA%2CCHINA%2CEU%2CUSA%2C%2CDRUGS%2CORGANIC%20CHEMISTRY%2CCLINICAL%20TRIALS%2CSYNTHESIS%2CMEDICINAL%20CHEMISTRY%2CHERBS%2CAYURVEDA&colc=1653108988913&jsl=8337&uvs=628870fb6d8f4f24000&skipb=1&callback=addthis.cbs.jsonp__64766182972039840
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1d983dd45739b8dadaa4d2419789fda8bbb46c8dc930fa0110742d05e1fc4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:32 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1663 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame DAB7 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Sat, 21 May 2022 04:56:28 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		0
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PIE1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":2,"MsSinceStart":547,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000B925
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000B925
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
eb9e065f-ada5-4ee5-9eb0-db4a9f0a5c84
x-officecluster
PGTUS6
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:28 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: B7F182E07B5348279EBB356AF805AF48 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/ Frame 3509 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/segoeui.woff
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"10bfad462a63d81:0"
x-officecluster
GEU4C
x-officeversion
16.0.15229.41003
x-officefe
DU2PEPF00009252
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length
22720
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified
Sun, 08 May 2022 22:23:43 GMT
x-officefd
DU2PEPF00009244
x-msedge-ref
Ref A: B6A3B639EFB946FB981A4E00AF8B4968 Ref B: VIEEDGE3809 Ref C: 2022-05-08T22:23:43Z
x-usersessionid
013e049b-9fa1-4caf-b02c-c32662303bf3
date
Sat, 21 May 2022 04:56:29 GMT
content-type
font/x-woff
access-control-allow-origin
*
x-correlationid
013e049b-9fa1-4caf-b02c-c32662303bf3
accept-ranges
bytes
timing-allow-origin
*
docdatahandler.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		356 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923387570&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&type=png&o15=1&ui=de-DE&PdfMode=1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0cc898820e28ef59f08ab4446cb3aa6afd6647d9fbc40843c64c2f549ea778c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
DB5PEPF0000F301
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
BbGaxjC2RL7dTmwYuPuxyu9k/3EEaAKmpe9iW3pRrm4=,637887057880180476
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PIE1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF0000F301
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF0000F301
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
355
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
d3106908-815c-4dbe-a98f-84256d6606e9
x-officefd
DB5PEPF0000F301
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:28 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
x-msedge-ref
Ref A: E0102DD59B794B0E920839D30C906E62 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
wacairspaceanimationlibrary.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/ Frame 3509 		40 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/wacairspaceanimationlibrary.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"99bbbfc9e36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF0001293C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
5997
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:18 GMT
x-officefd
AM4PEPF0001293C
x-msedge-ref
Ref A: C762064E68864BD6B50460E41BEFAEAB Ref B: VIEEDGE1708 Ref C: 2022-05-18T18:19:18Z
x-usersessionid
17d54f5f-b3ee-40b3-ba11-30d2970fde0b
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
17d54f5f-b3ee-40b3-ba11-30d2970fde0b
accept-ranges
bytes
timing-allow-origin
*
wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/ Frame 3509 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/wapsw.png?b=1601531741002
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"275d4df4646bd81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF000083FF
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
5884
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 19 May 2022 09:43:54 GMT
x-officefd
DB5PEPF000083FF
x-msedge-ref
Ref A: 9BA0506BCC80453AAEF1BFC69C118CA6 Ref B: LON21EDGE2313 Ref C: 2022-05-19T09:43:54Z
x-usersessionid
1df555b6-ed69-4e27-9ec5-0ca6afea8785
date
Sat, 21 May 2022 04:56:29 GMT
content-type
image/png
access-control-allow-origin
*
x-correlationid
1df555b6-ed69-4e27-9ec5-0ca6afea8785
accept-ranges
bytes
timing-allow-origin
*
wv.png
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/ Frame 3509 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/wv.png
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"642241abe66ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF00008420
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
35196
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:39:55 GMT
x-officefd
DB5PEPF00008420
x-msedge-ref
Ref A: 24F2D7F327874EB094B712E4FF613E6E Ref B: VIEEDGE4320 Ref C: 2022-05-18T18:39:55Z
x-usersessionid
e1e9cbfd-ff41-4367-bf12-ac2773159442
date
Sat, 21 May 2022 04:56:29 GMT
content-type
image/png
access-control-allow-origin
*
x-correlationid
e1e9cbfd-ff41-4367-bf12-ac2773159442
accept-ranges
bytes
timing-allow-origin
*
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1653108988796.26227&hostname=www.allfordrugs.com&location=%2F&product=DOS2&fcmp=false&fcmpv2=false&url=http%3A%2F%2Fwww.allfordrugs.com%2F&title=All%20About%20Drugs%20%E2%80%93%20Tout%20sur%20les%20m%C3%A9dicaments%20%D7%94%D7%9B%D7%9C%20%D7%A2%D7%9C%20%D7%AA%D7%A8%D7%95%D7%A4%D7%95%D7%AA%20%D9%83%D9%84%20%D8%B4%D9%8A%D8%A6%20%D8%B9%D9%86%20%D8%A7%D9%84%D8%A3%D8%AF%D9%88%D9%8A%D8%A9%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B0%D1%80%D0%BA%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%D1%85%20%E5%85%B3%E4%BA%8E%E8%8D%AF%E5%93%81%E7%9A%84%E4%B8%80%E5%88%87%20%E0%B0%A1%E0%B1%8D%E0%B0%B0%E0%B0%97%E0%B1%8D%E0%B0%B8%E0%B1%8D%20%E0%B0%97%E0%B1%81%E0%B0%B0%E0%B0%BF%E0%B0%82%E0%B0%9A%E0%B0%BF%20%E0%B0%85%E0%B0%A8%E0%B1%8D%E0%B0%A8%E0%B0%BF%20%EB%A7%88%EC%95%BD%EC%97%90%20%EA%B4%80%ED%95%9C%20%EB%AA%A8%EB%93%A0%20%EA%B2%83%20%CE%8C%CE%BB%CE%B1%20%CE%B3%CE%B9%CE%B1%20%CF%84%CE%B1%20%CE%9D%CE%B1%CF%81%CE%BA%CF%89%CF%84%CE%B9%CE%BA%CE%AC%20Complete%20Tracking%20of%20Drugs%20Across%20the%20World%20by%20Dr%20Anthony%20Melvin%20Crasto%2C%20Worldpeacepeaker%2C%20worlddrugtracker%2C%20PH.D%20(ICT)%2C%20MUMBAI%2C%20INDIA%2C%20Worlddrugtracker%2C%20Helping%20millions%2C%209%20million%20hits%20on%20google%20on%20all%20websites%2C%202.5%20lakh%20connections%20on%20all%20networks%2C%20%E2%80%9CALL%20FOR%20DRUGS%E2%80%9D%20CATERS%20TO%20EDUCATION%20GLOBALLY%2C%20No%20commercial%20exploits%20are%20done%20or%20advertisements%20added%20by%20me.%20This%20is%20a%20compilation%20for%20educational%20purposes%20only.%20P.S.%20%3A%20The%20views%20expressed%20are%20my%20personal%20and%20in%20no-way%20suggest%20the%20views%20of%20the%20professional%20body%20or%20the%20company%20that%20I%20represent&sop=false&description=ALL%20ABOUT%20DRUGS%20BY%20DR%20ANTHONY%20MELVIN%20CRASTO%2C%20WORLD%20DRUG%20TRACKER%20HELPING%20MILLIONS%2C%20MILLION%20HITS%20ON%20GOOGLE..............................................&description=ALL%20ABOUT%20DRUGS%20BY%20DR%20ANTHONY%20MELVIN%20CRASTO%2C%20WORLD%20DRUG%20TRACKER%20HELPING%20MILLIONS%2C%20MILLION%20HITS%20ON%20GOOGLE..............................................&img_pview=true
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.88.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-88-85.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:31 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
8bb9bde2-8350-4e12-bcbb-a1bc6b310f25
https://word-view.officeapps.live.com/ Frame 3509 		189 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://word-view.officeapps.live.com/8bb9bde2-8350-4e12-bcbb-a1bc6b310f25
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
189
Content-Type
application/javascript
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame D247 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923387908&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ&v=00000000-0000-0000-0000-000000000802&usid=8340c83a-8223-481e-8e20-13267fb79240&splashscreen=1&build=16.0.15317.41002&PdfMode=1&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3fbfb080c0405faf65c426efd46f599a3053ff30e1a55174c441f58c84a7fc08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131E5
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131E5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
78693
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923387908&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
cb8d46dc-1ee6-42a6-b02b-20da1cf9df4c
x-officefd
AM4PEPF000131E5
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 06F3DAC3ADB64D48BED41F54FF07FE01 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/ Frame D247 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/wapsw.png?b=1601531741002
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"275d4df4646bd81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF000083FF
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
5884
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 19 May 2022 09:43:54 GMT
x-officefd
DB5PEPF000083FF
x-msedge-ref
Ref A: 9BA0506BCC80453AAEF1BFC69C118CA6 Ref B: LON21EDGE2313 Ref C: 2022-05-19T09:43:54Z
x-usersessionid
1df555b6-ed69-4e27-9ec5-0ca6afea8785
date
Sat, 21 May 2022 04:56:29 GMT
content-type
image/png
access-control-allow-origin
*
x-correlationid
1df555b6-ed69-4e27-9ec5-0ca6afea8785
accept-ranges
bytes
timing-allow-origin
*
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame D247 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":2,"MsSinceStart":647,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000E940
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000E940
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
6cb18167-3079-45d8-886f-a5987e82e446
x-officecluster
PGTUS6
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 654483FD3A26423FAC75E3420225E84C Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
wv.png
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/ Frame D247 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/wv.png
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"642241abe66ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF00008420
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
35196
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:39:55 GMT
x-officefd
DB5PEPF00008420
x-msedge-ref
Ref A: 24F2D7F327874EB094B712E4FF613E6E Ref B: VIEEDGE4320 Ref C: 2022-05-18T18:39:55Z
x-usersessionid
e1e9cbfd-ff41-4367-bf12-ac2773159442
date
Sat, 21 May 2022 04:56:29 GMT
content-type
image/png
access-control-allow-origin
*
x-correlationid
e1e9cbfd-ff41-4367-bf12-ac2773159442
accept-ranges
bytes
timing-allow-origin
*
segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/ Frame D247 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/segoeui.woff
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"10bfad462a63d81:0"
x-officecluster
GEU4C
x-officeversion
16.0.15229.41003
x-officefe
DU2PEPF00009252
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length
22720
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified
Sun, 08 May 2022 22:23:43 GMT
x-officefd
DU2PEPF00009244
x-msedge-ref
Ref A: B6A3B639EFB946FB981A4E00AF8B4968 Ref B: VIEEDGE3809 Ref C: 2022-05-08T22:23:43Z
x-usersessionid
013e049b-9fa1-4caf-b02c-c32662303bf3
date
Sat, 21 May 2022 04:56:29 GMT
content-type
font/x-woff
access-control-allow-origin
*
x-correlationid
013e049b-9fa1-4caf-b02c-c32662303bf3
accept-ranges
bytes
timing-allow-origin
*
docdatahandler.ashx
word-view.officeapps.live.com/wv/ Frame D247 		356 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923387908&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ&type=png&o15=1&ui=de-DE&PdfMode=1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
c0cc898820e28ef59f08ab4446cb3aa6afd6647d9fbc40843c64c2f549ea778c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
AM4PEPF00006A32
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
B2ZntG7pUfKTOCPgJQnZ8Wi1GYDczLTpwdBo7c6sqxM=,637887057885598821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00006A32
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00006A32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
355
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
d3b6090c-d2de-427c-a563-cff96bd5969f, d3b6090c-d2de-427c-a563-cff96bd5969f
x-officefd
AM4PEPF000131F0
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240, 8340c83a-8223-481e-8e20-13267fb79240
x-powered-by
ARR/3.0
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
x-msedge-ref
Ref A: 9B6A90670B59420DAEAE8A52AD695F57 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*, *
expires
Sun, 21 May 2023 04:56:29 GMT
wacairspaceanimationlibrary.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/ Frame D247 		40 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/wacairspaceanimationlibrary.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"99bbbfc9e36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF0001293C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
5997
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:18 GMT
x-officefd
AM4PEPF0001293C
x-msedge-ref
Ref A: C762064E68864BD6B50460E41BEFAEAB Ref B: VIEEDGE1708 Ref C: 2022-05-18T18:19:18Z
x-usersessionid
17d54f5f-b3ee-40b3-ba11-30d2970fde0b
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
17d54f5f-b3ee-40b3-ba11-30d2970fde0b
accept-ranges
bytes
timing-allow-origin
*
settings
syndication.twitter.com/ Frame B49C 		278 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=5d6c472568331cf505f2447aa4b8f9a3b49efda9
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=http%3A%2F%2Fwww.allfordrugs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time
105
date
Sat, 21 May 2022 04:56:29 GMT
content-encoding
gzip
last-modified
Sat, 21 May 2022 04:56:29 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
9886ce32409a0ac45fae9d7928d13625500dd8efe03920c335830edfea22f7eb
content-length
179
moon20.png
www.albinoblacksheep.com/image/moon/64/ Frame FDD4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.albinoblacksheep.com/image/moon/64/moon20.png
Requested by
Host: www.albinoblacksheep.com
URL: https://www.albinoblacksheep.com/earth-moon/mini
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.124.74.201 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
209.124.74.201.static.a2webhosting.com
Software
Apache/2.4.53 (cPanel) OpenSSL/1.1.1o mod_bwlimited/1.4 Phusion_Passenger/6.0.12 /
Resource Hash
cfedac3827f5b3f0b586b6a7c0cf41b1657da3e4e66bb9e56034e3fa068c06f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.albinoblacksheep.com/earth-moon/mini
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:29 GMT
last-modified
Wed, 07 Feb 2018 16:28:09 GMT
server
Apache/2.4.53 (cPanel) OpenSSL/1.1.1o mod_bwlimited/1.4 Phusion_Passenger/6.0.12
content-type
image/png
cache-control
max-age=14515200, must-revalidate, public
accept-ranges
bytes
content-length
7204
expires
Sat, 05 Nov 2022 04:56:29 GMT
Earth
www.fourmilab.ch/cgi-bin/ Frame FDD4 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fourmilab.ch/cgi-bin/Earth?img=learth&opt=-l&dynimg=y&alt=150000000&date=0&imgsize=300&ns=North&ew=West&lat=28.37&lon=40
Requested by
Host: www.albinoblacksheep.com
URL: https://www.albinoblacksheep.com/earth-moon/mini
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a05:d014:d43:3101:c6ee:ea42:3836:6cbf Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips /
Resource Hash
6d72be57956ed849951aaf306ab0f400c3474f21ef7cb13d369ae95625bb6db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.albinoblacksheep.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:29 GMT
content-encoding
gzip
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips
vary
Accept-Encoding,User-Agent
content-type
image/jpeg
strict-transport-security
max-age=31536000; includeSubDomains
content-location
/cgi-bin/Earth?img=learth&opt=-l&dynimg=y&alt=150000000&date=0&imgsize=300&ns=North&ew=West&lat=28.37&lon=40
content-length
15228
c.php
jc.revolvermaps.com/ 		43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://jc.revolvermaps.com/c.php?i=2afvg8irrbf
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:31 GMT
Last-Modified
Sat, 21 May 2022 04:56:31 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=900
Connection
Keep-Alive
Keep-Alive
timeout=4, max=99
Content-Length
43
r.php
jc.revolvermaps.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://jc.revolvermaps.com/r.php?i=2afvg8irrbf&l=http%3A%2F%2Fwww.allfordrugs.com%2F&r=1653108989329
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:31 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=4, max=98
Content-Length
43
Content-Type
image/gif
3fd2e6ab-66c2-4632-905b-620de0cf8f4a
https://word-view.officeapps.live.com/ Frame D247 		189 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://word-view.officeapps.live.com/3fd2e6ab-66c2-4632-905b-620de0cf8f4a
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
189
Content-Type
application/javascript
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923387570&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&v=00000000-0000-0000-0000-000000000802&usid=b1173efe-0ac8-451f-ad1a-59285f4f3584&splashscreen=1&build=16.0.15317.41002&PdfMode=1&waccluster=PIE1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
732513c2d12f6f9cfdae1c4566ccd708a0707f30c09bbb30938ed391ec71b749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF000083D3
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF000083D3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
110357
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923387570&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
6da46289-dd05-41db-a452-ca24ab5cc646
x-officefd
DB5PEPF000083D3
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: A3D9FA0849E542138A1A117E0BD27F26 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PIE1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":3,"MsSinceStart":855,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000BB84
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000BB84
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
0c72e387-6066-43a2-88cc-71742554eec0
x-officecluster
PGTUS6
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 3FEFE60EFBA343C6874435B47F89972E Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
WordViewerDS.dll1.js
c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/ Frame 3509 		838 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.dll1.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9a435242daabecff2c8118b1a3d0c5631f16bd96f61a3f9418c681be22cf1bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"e38ba5cce36ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000E7FD
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
140063
cache-control
public,max-age=31536000
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:23 GMT
x-officefd
DB5PEPF0000E7FD
x-msedge-ref
Ref A: 05BFF1554C514EA09D808CCDA5193044 Ref B: VIEEDGE2018 Ref C: 2022-05-18T18:19:22Z
x-usersessionid
59ebcab8-7ef1-4147-b438-cea85bc482fa
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
59ebcab8-7ef1-4147-b438-cea85bc482fa
accept-ranges
bytes
timing-allow-origin
*
officebrowserfeedback_floodgate.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/ Frame 3509 		549 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"b37487cce36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF00006A0C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
103228
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:22 GMT
x-officefd
AM4PEPF00006A0C
x-msedge-ref
Ref A: 85AA4CE43BB64C60AFD1EE9D3E8E3C58 Ref B: VIEEDGE1513 Ref C: 2022-05-18T18:19:22Z
x-usersessionid
7462f9e4-47ef-4215-845c-433ae4fea886
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
7462f9e4-47ef-4215-845c-433ae4fea886
accept-ranges
bytes
timing-allow-origin
*
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PIE1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

X-WacFrontEnd
DB5PEPF0000F301
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
BbGaxjC2RL7dTmwYuPuxyu9k/3EEaAKmpe9iW3pRrm4=,637887057880180476
X-bULS-SuppressionETag
93275736E860D80D1598AD19ECC605672B1ABEF9
X-Requested-With
XMLHttpRequest
X-xhr
1
haep
1
X-AccessToken
4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp_uR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu-Zq2v-Hp2XoNRl4xcrDiGeR1OTI-QQ
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType
WOPI
X-AccessTokenTtl
1654923387570
X-WacCluster
PIE1

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PGTUS4
x-officeversion
16.0.15319.41002
x-officefe
BL6PEPF0000BB17
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
93275736E860D80D1598AD19ECC605672B1ABEF9
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
c408b64d-47aa-4dbf-8f81-4edb48162a6e
x-officefd
BL6PEPF0000BB17
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: BE8C98BFD0444C07A962FAE23CE7FC3F Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/ Frame 3509 		695 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/progress.gif
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"2d763da6e46ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF000131E9
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
695
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:25:28 GMT
x-officefd
AM4PEPF000131E9
x-msedge-ref
Ref A: 791D4A5213D247FF862B413C1D14DEE2 Ref B: VIEEDGE3614 Ref C: 2022-05-18T18:25:28Z
x-usersessionid
81d9b371-bd9c-4913-8a11-e12433f27b6c
date
Sat, 21 May 2022 04:56:29 GMT
content-type
image/gif
access-control-allow-origin
*
x-correlationid
81d9b371-bd9c-4913-8a11-e12433f27b6c
accept-ranges
bytes
timing-allow-origin
*
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=b1173efe-0ac8-451f-ad1a-59285f4f3584&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp_uR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu-Zq2v-Hp2XoNRl4xcrDiGeR1OTI-QQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&waccluster=PIE1&PdfMode=1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
732513c2d12f6f9cfdae1c4566ccd708a0707f30c09bbb30938ed391ec71b749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF0000F2FB
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF0000F2FB
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
110357
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
d07d6564-1449-4cdd-9176-da90d672d692
x-officefd
DB5PEPF0000F2FB
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 461B3D80BCB349FCB9911D1F95337F49 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		373 KB
374 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=b1173efe-0ac8-451f-ad1a-59285f4f3584&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp_uR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu-Zq2v-Hp2XoNRl4xcrDiGeR1OTI-QQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&waccluster=PIE1&PdfMode=1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
254adc0b5e8f74441c3fbd0f53a50c4bca4f603d7e55f7c92c93831daf0083d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF000083D5
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF000083D5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
382223
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ00000000-0000-0000-0000-000000000802p2.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
80e60faf-8849-4cb0-8a29-a3bb84fa062c
x-officefd
DB5PEPF000083D5
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 0CFB11FE29FC4E7B8C5398D584D88A2F Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=b1173efe-0ac8-451f-ad1a-59285f4f3584&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp_uR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu-Zq2v-Hp2XoNRl4xcrDiGeR1OTI-QQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&waccluster=PIE1&PdfMode=1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52d0c1ba306bc56f25a87a6262cf0db02c6c9b29c4183a91c29036ac3ac7a693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF0000F301
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF0000F301
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
96730
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ00000000-0000-0000-0000-000000000802p3.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
fdab3f09-98a8-4ad4-a008-009b72f848f4
x-officefd
DB5PEPF0000F301
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: DDD7A9EBDD84494F8DC3CDDCEBDC897C Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=b1173efe-0ac8-451f-ad1a-59285f4f3584&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp_uR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu-Zq2v-Hp2XoNRl4xcrDiGeR1OTI-QQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&waccluster=PIE1&PdfMode=1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c594b393ab979196ab587153bfcb2d11eab73869581deac981baf7d872fdef2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF0000C637
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF0000C637
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
223992
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ00000000-0000-0000-0000-000000000802p4.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
e2ddcbf4-891a-4bc1-99ef-94dce499e2d7
x-officefd
DB5PEPF0000C637
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 4C1448CEDD2E4998B01D614453213BBE Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p5.img&v=00000000-0000-0000-0000-000000000802&usid=b1173efe-0ac8-451f-ad1a-59285f4f3584&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp_uR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu-Zq2v-Hp2XoNRl4xcrDiGeR1OTI-QQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&waccluster=PIE1&PdfMode=1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5143a05c0b939b3e619a4f6ac4a016ae54eb33b22c557e2a0e4344b4c8ed437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF000083D3
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF000083D3
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
127220
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923388393&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ00000000-0000-0000-0000-000000000802p5.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
97a3873a-4667-433a-acf2-a53ee223c51b
x-officefd
DB5PEPF000083D3
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 9C5CEFDB469E488EBAA4918C62F2BB23 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=b1173efe-0ac8-451f-ad1a-59285f4f3584&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923387570&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&waccluster=PIE1&PdfMode=1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
3693f84484ba0a180dcf6d539b6ab3ba09fbbe879a28ec1fd30fdfe3cfbd1aec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
DB5PEPF0000F301
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
BbGaxjC2RL7dTmwYuPuxyu9k/3EEaAKmpe9iW3pRrm4=,637887057880180476
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PIE1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF0000F301
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF0000F301
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
3131
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923387570&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
e5ed40ba-e80b-4b4a-b517-e928596ce484, e5ed40ba-e80b-4b4a-b517-e928596ce484
x-officefd
DB5PEPF0000CE8C
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584, b1173efe-0ac8-451f-ad1a-59285f4f3584
x-powered-by
ARR/3.0
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
x-msedge-ref
Ref A: 0DDDD9C8DED0448DBD100E02E49BA0E2 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*, *
expires
Sun, 21 May 2023 04:56:29 GMT
c.gif
c.live.com/ Frame 6F84
Redirect Chain
  • https://c.live.com/c.gif?DI=15347&wlxid=7ad1430f-a3fe-436a-af1e-aee35c4cda0a&reqid=001e8e28fb8&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99B84A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
  • https://c.bing.com/c.gif?DI=15347&wlxid=7ad1430f-a3fe-436a-af1e-aee35c4cda0a&reqid=001e8e28fb8&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99B84A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
  • https://c.live.com/c.gif?DI=15347&wlxid=7ad1430f-a3fe-436a-af1e-aee35c4cda0a&reqid=001e8e28fb8&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99B84A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
42 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.live.com/c.gif?DI=15347&wlxid=7ad1430f-a3fe-436a-af1e-aee35c4cda0a&reqid=001e8e28fb8&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99B84A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2535%26IR%3D1%26EX%3D0%26L.h%3D1552%26L.sjs%3D1684%26L.ttg%3D1552%26C.st%3D1653108986969%26N.domIn%3D1566%26N.req%3D924%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.004570106344270908&CtsSyncId=BA8C88666CC84DCDA3777290BC0ED07F&MUID=0486F0B3393261B22EBBE1183D326564
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:29 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D60B8A0BA43F4D81A8E4822E7ECEB5DF Ref B: FRAEDGE1218 Ref C: 2022-05-21T04:56:29Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.live.com/c.gif?DI=15347&wlxid=7ad1430f-a3fe-436a-af1e-aee35c4cda0a&reqid=001e8e28fb8&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99B84A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2535%26IR%3D1%26EX%3D0%26L.h%3D1552%26L.sjs%3D1684%26L.ttg%3D1552%26C.st%3D1653108986969%26N.domIn%3D1566%26N.req%3D924%26N.resp%3D2%26N.navType%3D0%26N.redirectCount%3D0&r=0.004570106344270908&CtsSyncId=BA8C88666CC84DCDA3777290BC0ED07F&MUID=0486F0B3393261B22EBBE1183D326564
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/ Frame 3509 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback.css
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"e372bdd1e36ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000C627
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
2711
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:31 GMT
x-officefd
DB5PEPF0000C627
x-msedge-ref
Ref A: 80F1DABFE3DA45359CF033DE5720AE37 Ref B: VIEEDGE2018 Ref C: 2022-05-18T18:19:31Z
x-usersessionid
7a58e968-5858-4692-8a78-fd96a06e729e
date
Sat, 21 May 2022 04:56:29 GMT
content-type
text/css
access-control-allow-origin
*
x-correlationid
7a58e968-5858-4692-8a78-fd96a06e729e
accept-ranges
bytes
timing-allow-origin
*
officebrowserfeedbackstrings.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/Intl/de/ Frame 3509 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"dc53f881e46ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF0001237C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1044
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:24:27 GMT
x-officefd
AM4PEPF0001237C
x-msedge-ref
Ref A: 214F69DA395549D6B0580266376BDB93 Ref B: VIEEDGE4311 Ref C: 2022-05-18T18:24:27Z
x-usersessionid
adfa7b85-95c6-409b-84f5-a6f28be3ff1f
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
adfa7b85-95c6-409b-84f5-a6f28be3ff1f
accept-ranges
bytes
timing-allow-origin
*
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame D247 		0
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":3,"MsSinceStart":925,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000E940
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000E940
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
b90c4d72-0cbf-4503-9ec8-3128cb3521b0
x-officecluster
PGTUS6
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 932B45AD039B40F8AC892C3155FBCAD7 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
WordViewerDS.dll1.js
c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/ Frame D247 		838 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.dll1.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9a435242daabecff2c8118b1a3d0c5631f16bd96f61a3f9418c681be22cf1bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"e38ba5cce36ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000E7FD
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
140063
cache-control
public,max-age=31536000
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:23 GMT
x-officefd
DB5PEPF0000E7FD
x-msedge-ref
Ref A: 05BFF1554C514EA09D808CCDA5193044 Ref B: VIEEDGE2018 Ref C: 2022-05-18T18:19:22Z
x-usersessionid
59ebcab8-7ef1-4147-b438-cea85bc482fa
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
59ebcab8-7ef1-4147-b438-cea85bc482fa
accept-ranges
bytes
timing-allow-origin
*
progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/ Frame D247 		695 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/progress.gif
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"2d763da6e46ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF000131E9
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
695
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:25:28 GMT
x-officefd
AM4PEPF000131E9
x-msedge-ref
Ref A: 791D4A5213D247FF862B413C1D14DEE2 Ref B: VIEEDGE3614 Ref C: 2022-05-18T18:25:28Z
x-usersessionid
81d9b371-bd9c-4913-8a11-e12433f27b6c
date
Sat, 21 May 2022 04:56:29 GMT
content-type
image/gif
access-control-allow-origin
*
x-correlationid
81d9b371-bd9c-4913-8a11-e12433f27b6c
accept-ranges
bytes
timing-allow-origin
*
officebrowserfeedback_floodgate.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/ Frame D247 		549 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"b37487cce36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF00006A0C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
103228
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:22 GMT
x-officefd
AM4PEPF00006A0C
x-msedge-ref
Ref A: 85AA4CE43BB64C60AFD1EE9D3E8E3C58 Ref B: VIEEDGE1513 Ref C: 2022-05-18T18:19:22Z
x-usersessionid
7462f9e4-47ef-4215-845c-433ae4fea886
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
7462f9e4-47ef-4215-845c-433ae4fea886
accept-ranges
bytes
timing-allow-origin
*
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame D247 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

X-WacFrontEnd
AM4PEPF00006A32
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
B2ZntG7pUfKTOCPgJQnZ8Wi1GYDczLTpwdBo7c6sqxM=,637887057885598821
X-bULS-SuppressionETag
93275736E860D80D1598AD19ECC605672B1ABEF9
X-Requested-With
XMLHttpRequest
X-xhr
1
haep
1
X-AccessToken
4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm_U5P8h4wurzqbKsasoz3Cf0zpHuhF-CMdu77Eq69gSOHDy6N_molW3v1hZhAQBxwsm3_fnEXA0anddZfH4rgp6pTwntU86miKA
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType
WOPI
X-AccessTokenTtl
1654923387908
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PGTUS6
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000BB84
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
93275736E860D80D1598AD19ECC605672B1ABEF9
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
d485f26a-632d-410e-b527-f798d3e33aa2
x-officefd
BL6PEPF0000BB84
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 7FD1F618DCF740E38D7D6B8FCD3CDD31 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame D247 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=8340c83a-8223-481e-8e20-13267fb79240&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm_U5P8h4wurzqbKsasoz3Cf0zpHuhF-CMdu77Eq69gSOHDy6N_molW3v1hZhAQBxwsm3_fnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923388394&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3fbfb080c0405faf65c426efd46f599a3053ff30e1a55174c441f58c84a7fc08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131F0
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131F0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
78693
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923388394&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
b05fb648-8af2-4583-91d6-78a2c0a9dac7
x-officefd
AM4PEPF000131F0
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: F1168013057C422792C8541D238E352A Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame D247 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=8340c83a-8223-481e-8e20-13267fb79240&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm_U5P8h4wurzqbKsasoz3Cf0zpHuhF-CMdu77Eq69gSOHDy6N_molW3v1hZhAQBxwsm3_fnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923388394&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93a6c774ec964a86c8093d4ab42fdd6d05cd0aaa373a420482f4dc3f5b7625f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00006A32
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00006A32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
27086
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923388394&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ00000000-0000-0000-0000-000000000802p2.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
57297f2d-f6b2-46ed-9074-bd388d399d79
x-officefd
AM4PEPF00006A32
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 39E3B1F05CBE4A4EACEFAAB1C859CC11 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame D247 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=8340c83a-8223-481e-8e20-13267fb79240&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm_U5P8h4wurzqbKsasoz3Cf0zpHuhF-CMdu77Eq69gSOHDy6N_molW3v1hZhAQBxwsm3_fnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923388394&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73d5d22252d5b175f85bf3bd0fa0fdc74df4c0726cbe694721bcf5fb5744a483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131E5
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131E5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
90894
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923388394&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ00000000-0000-0000-0000-000000000802p3.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
3ff21fbf-5a02-436e-a9c9-1c3a3cbbaadd
x-officefd
AM4PEPF000131E5
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 01B1B6D62CF645B9B47AB5B7242236FA Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame D247 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=8340c83a-8223-481e-8e20-13267fb79240&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm_U5P8h4wurzqbKsasoz3Cf0zpHuhF-CMdu77Eq69gSOHDy6N_molW3v1hZhAQBxwsm3_fnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923388394&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbabaf11b852af314cd0b007489eae363548ac2cd042acbb05461ddb78922395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131EC
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131EC
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
117389
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923388394&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ00000000-0000-0000-0000-000000000802p4.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid
cf3e55f0-e8b1-48db-be4b-c8973d911c81
x-officefd
AM4PEPF000131EC
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: BFB132CA44D044099E030CB83E4AC54A Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:29 GMT
log_event
www.youtube.com/youtubei/v1/ Frame C897 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ec0ced91/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/NTOtI7HfE9I
X-YouTube-Client-Version
1.20220517.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt3QWxoTmNLcTROdyj64aGUBg%3D%3D
X-YouTube-Ad-Signals
dt=1653108987280&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 21 May 2022 04:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 21 May 2022 04:56:29 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame D247 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=8340c83a-8223-481e-8e20-13267fb79240&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923387908&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ&waccluster=PNL1&PdfMode=1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
f02d7d6ed45bed9173e6d384626f491f6bb92a9cb71f8acbb9c83cbf02857a98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
AM4PEPF00006A32
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
B2ZntG7pUfKTOCPgJQnZ8Wi1GYDczLTpwdBo7c6sqxM=,637887057885598821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00006A32
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00006A32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
3397
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923387908&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
f5c4b124-e59f-4566-a39b-ecc36e9d979d, f5c4b124-e59f-4566-a39b-ecc36e9d979d
x-officefd
AM4PEPF00010AB4
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240, 8340c83a-8223-481e-8e20-13267fb79240
x-powered-by
ARR/3.0
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
x-msedge-ref
Ref A: 97DC7637CA844D0383819FB2C1E42B44 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
timing-allow-origin
*, *
expires
Sun, 21 May 2023 04:56:29 GMT
wl.ms.js
js.live.net/v5.0/ Frame 3509 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.live.net/v5.0/wl.ms.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
104.92.80.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-80-28.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
X-MSNServer
RD0003FF1DA9E7
Last-Modified
Fri, 10 Jul 2020 18:30:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0b3b92be856d61:0"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63018, public
X-ODWebServer
westeurope0-odwebp
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
16199
campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 3509 		324 B
584 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://messaging.office.com/lifecycle/campaignmetadataaggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15317.41002&campaignParams=pageWidth%3D647%26pageHeight%3D647%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&sessionUserType=2
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://word-view.officeapps.live.com/
x-correlationid
8d99c1ea-0c2f-4a12-e38f-2b54a073b92e
x-usersessionid
03476295-c9e4-4ee5-8ee2-908d6afbfae8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
weu-000.omexmessaging.osi.office.net
x-gateids
AirTrafficControl.GovernanceRule
x-officeversion
22.4.10503.11112
x-officefe
OmexMessagingStorefront_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary
Accept-Encoding
content-length
243
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
x-correlationid
4dad5adc-a319-4838-9e2d-fd0a6458cb2a
server
x-usersessionid
03476295-c9e4-4ee5-8ee2-908d6afbfae8
date
Sat, 21 May 2022 04:56:29 GMT
x-frame-options
deny
content-type
application/json; charset=utf-8
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
*
cache-control
private, no-store
x-machine
weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_1
access-control-allow-headers
authorization,X-CorrelationId,X-UserSessionId,Content-Type
campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://messaging.office.com/lifecycle/campaignmetadataaggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15317.41002&campaignParams=pageWidth%3D647%26pageHeight%3D647%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPIE1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&sessionUserType=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-correlationid,x-usersessionid
Access-Control-Request-Method
GET
Origin
https://word-view.officeapps.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
*
access-control-max-age
86400
cache-control
private
content-length
0
date
Sat, 21 May 2022 04:56:29 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-correlationid
0a6adea2-07a0-402d-8366-e61e7a248e81
x-frame-options
deny
x-gateids
AirTrafficControl.GovernanceRule
x-machine
weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_1
x-officecluster
weu-000.omexmessaging.osi.office.net
x-officefe
OmexMessagingStorefront_IN_1
x-officeversion
22.4.10503.11112
x-ua-compatible
IE=edge
x-usersessionid
0a6adea2-07a0-402d-8366-e61e7a248e81
x-xss-protection
1; mode=block
officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/ Frame D247 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback.css
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"e372bdd1e36ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000C627
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
2711
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:31 GMT
x-officefd
DB5PEPF0000C627
x-msedge-ref
Ref A: 80F1DABFE3DA45359CF033DE5720AE37 Ref B: VIEEDGE2018 Ref C: 2022-05-18T18:19:31Z
x-usersessionid
7a58e968-5858-4692-8a78-fd96a06e729e
date
Sat, 21 May 2022 04:56:29 GMT
content-type
text/css
access-control-allow-origin
*
x-correlationid
7a58e968-5858-4692-8a78-fd96a06e729e
accept-ranges
bytes
timing-allow-origin
*
officebrowserfeedbackstrings.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/Intl/de/ Frame D247 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"dc53f881e46ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF0001237C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1044
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:24:27 GMT
x-officefd
AM4PEPF0001237C
x-msedge-ref
Ref A: 214F69DA395549D6B0580266376BDB93 Ref B: VIEEDGE4311 Ref C: 2022-05-18T18:24:27Z
x-usersessionid
adfa7b85-95c6-409b-84f5-a6f28be3ff1f
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
adfa7b85-95c6-409b-84f5-a6f28be3ff1f
accept-ranges
bytes
timing-allow-origin
*
campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame D247 		324 B
481 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://messaging.office.com/lifecycle/campaignmetadataaggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15317.41002&campaignParams=pageWidth%3D476%26pageHeight%3D288%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&sessionUserType=2
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://word-view.officeapps.live.com/
x-correlationid
8309acc6-b812-42c1-8012-02b812f30e2e
x-usersessionid
918d8dda-c17b-4ef6-07f4-6d894bd31cb8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
weu-000.omexmessaging.osi.office.net
x-gateids
AirTrafficControl.GovernanceRule
x-officeversion
22.4.10503.11112
x-officefe
OmexMessagingStorefront_IN_1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
vary
Accept-Encoding
content-length
243
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
x-correlationid
a7fa7baa-c914-47f0-8fc3-0ae0a82f0bee
server
x-usersessionid
918d8dda-c17b-4ef6-07f4-6d894bd31cb8
date
Sat, 21 May 2022 04:56:29 GMT
x-frame-options
deny
content-type
application/json; charset=utf-8
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
*
cache-control
private, no-store
x-machine
weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_1
access-control-allow-headers
authorization,X-CorrelationId,X-UserSessionId,Content-Type
campaignmetadataaggregator
messaging.office.com/lifecycle/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://messaging.office.com/lifecycle/campaignmetadataaggregator?country=DE&locale=de-DE&app=2155&platform=Web&version=16.0.15317.41002&campaignParams=pageWidth%3D476%26pageHeight%3D288%26screenWidth%3D1600%26screenHeight%3D1200%26colorDepth%3D24%26more%3Dtrue%26OFC_Audience%3DProduction%26Datacenter%3DPNL1%26TenantId%3D9188040d-6c67-4c5b-b112-36a304b66dad%26SelfTriggerActivity%3D%3Bwordfloodgateflight13%3Bwordfloodgateflight14%26&contentType=CampaignContent%3BDynamicSettings&puid=&OFC_FLIGHTS=wordfloodgateflight13%3Bwordfloodgateflight14%3B&ageGroup=0&sessionUserType=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.88.96 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-correlationid,x-usersessionid
Access-Control-Request-Method
GET
Origin
https://word-view.officeapps.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
authorization,X-CorrelationId,X-UserSessionId,Content-Type
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
*
access-control-max-age
86400
cache-control
private
content-length
0
date
Sat, 21 May 2022 04:56:29 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-correlationid
aa308f11-ccae-4e98-a757-cc79c91bfd33
x-frame-options
deny
x-gateids
AirTrafficControl.GovernanceRule
x-machine
weu-000.omexmessaging.osi.office.net,OmexMessagingStorefront_IN_1
x-officecluster
weu-000.omexmessaging.osi.office.net
x-officefe
OmexMessagingStorefront_IN_1
x-officeversion
22.4.10503.11112
x-ua-compatible
IE=edge
x-usersessionid
aa308f11-ccae-4e98-a757-cc79c91bfd33
x-xss-protection
1; mode=block
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		0
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PIE1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":4,"MsSinceStart":1220,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000BAFC
x-officeversion
16.0.15319.41002
x-officefe
BL6PEPF0000BAFC
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
eee8534b-7c4f-44c6-b947-9168aaba2fef
x-officecluster
PGTUS4
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 7AD68F68DBCE4BAB971CEF042D0E7CA3 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
otelFull.min.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/ Frame 3509 		117 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
25be9a4bcb060e2b2862693b8d54a6231a86c37a0f7671e25eff984d4d3d512f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"99e7eecfe36ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000C627
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
30398
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:28 GMT
x-officefd
DB5PEPF0000C627
x-msedge-ref
Ref A: 0997AF549FFB403C9756B45D308F7AA0 Ref B: VIEEDGE2018 Ref C: 2022-05-18T18:19:28Z
x-usersessionid
f58b949e-4081-465a-8e0b-3965f0b2d1e8
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
f58b949e-4081-465a-8e0b-3965f0b2d1e8
accept-ranges
bytes
timing-allow-origin
*
wl.ms.js
js.live.net/v5.0/ Frame D247 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.live.net/v5.0/wl.ms.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
104.92.80.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-80-28.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
X-MSNServer
RD0003FF1DA9E7
Last-Modified
Fri, 10 Jul 2020 18:30:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0b3b92be856d61:0"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63018, public
X-ODWebServer
westeurope0-odwebp
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
16199
ping
browser.events.data.microsoft.com/ Frame 3509 		4 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/ping
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.239.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://word-view.officeapps.live.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
4
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame D247 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":4,"MsSinceStart":1214,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000BAF6
x-officeversion
16.0.15319.41002
x-officefe
BL6PEPF0000BAF6
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
9b86d549-8408-4f52-b8cc-1849589a7ee1
x-officecluster
PGTUS4
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:29 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 045E8D3D6EDE411DAB2205C0F5D47970 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:29Z
c.gif
c.live.com/ Frame A8D4 		42 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.live.com/c.gif?DI=15347&wlxid=13d10ae2-ec95-4a42-984d-b820cfbc0aef&reqid=001b0a668ee&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D99B630%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D2877%26IR%3D1%26EX%3D0%26L.h%3D888%26L.sjs%3D1614%26L.ttg%3D888%26C.st%3D1653108986948%26N.domIn%3D913%26N.dns%3D72%26N.tcp%3D18%26N.req%3D610%26N.resp%3D1%26N.navType%3D0%26N.redirectCount%3D0&r=0.3265502522320507
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:29 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
otelFull.min.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/ Frame D247 		117 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
25be9a4bcb060e2b2862693b8d54a6231a86c37a0f7671e25eff984d4d3d512f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"99e7eecfe36ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000C627
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
30398
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:28 GMT
x-officefd
DB5PEPF0000C627
x-msedge-ref
Ref A: 0997AF549FFB403C9756B45D308F7AA0 Ref B: VIEEDGE2018 Ref C: 2022-05-18T18:19:28Z
x-usersessionid
f58b949e-4081-465a-8e0b-3965f0b2d1e8
date
Sat, 21 May 2022 04:56:29 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
f58b949e-4081-465a-8e0b-3965f0b2d1e8
accept-ranges
bytes
timing-allow-origin
*
ping
browser.events.data.microsoft.com/ Frame D247 		4 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/ping
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.239.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:29 GMT
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://word-view.officeapps.live.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
4
wordviewerframe.aspx
word-view.officeapps.live.com/wv/ Frame 5B86 		125 KB
127 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
33be6fa29441911f568fefd131834c7cab5eb870cb00ecb04ac90c4bc2f3d138
Security Headers
Name Value
Content-Security-Policy font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-security-policy
font-src data: c1h-word-view-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1h-word-view-15.cdn.office.net c1h-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' blob: https:; child-src blob: ms-word: 'self' https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /wv/reportcsp.ashx
content-type
text/html; charset=utf-8
date
Sat, 21 May 2022 04:56:29 GMT
document-policy
js-profiling
expires
-1
origin-trial
Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
39340354-8026-4cac-a2f0-6abac06134f5
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref
Ref A: F8125D05F6944B89AB7F93609FA71E52 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:30Z
x-officecluster
PNL1
x-officefd
AM4PEPF00010AB4
x-officefe
AM4PEPF00010AB4
x-officeversion
16.0.15317.41002
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
jquery-1.7.2-39eeb07e.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame AD96 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:30 GMT
content-encoding
gzip
content-md5
Oe6wfmgC4rV/XhCprZvKJA==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
33335
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E53DB4CCFD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b1776575-301e-00d4-1575-2654f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=26148468
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed_s_embed-212fe29f.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame AD96 		483 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:30 GMT
content-encoding
gzip
content-md5
IS/in/g30QB+g7MVI79lXQ==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
135707
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E533D8DD7F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1dd59f8f-f01e-0086-0c75-264900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=26251277
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed1-0986a9b4.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame AD96 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:30 GMT
content-encoding
gzip
content-md5
CYaptDz18cVXSIKt0vWKWA==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
14119
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E5332E9B80
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1dd59fea-f01e-0086-5775-264900000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14722440
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed2-8c600200.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame AD96 		203 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:30 GMT
content-encoding
gzip
content-md5
jGACACXYYkvx7qKc5FskXg==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
69276
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:54:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E5337DDB83
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b17765c6-301e-00d4-5775-2654f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=17005608
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
embed0-54f3ec81.js
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame AD96 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.216.77.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-216.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer
https://onedrive.live.com/
Origin
https://onedrive.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 21 May 2022 04:56:30 GMT
content-encoding
gzip
content-md5
VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
6057
x-ms-lease-status
unlocked
last-modified
Mon, 14 May 2018 21:53:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D5B9E532CDCC12
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
19fba659-901e-0138-1775-261ade000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=25515341
x-ms-version
2009-09-19
timing-allow-origin
*
quic-version
Q050
WordViewer.css
c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/ Frame 5B86 		277 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2c4e7fa0c4a763e47a8a92be9ee72520adc7baa8caca0c5756e1a2542096e06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"b02159f21060d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15229.41003
x-officefe
AM4PEPF000131F5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
34097
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified
Wed, 04 May 2022 23:44:50 GMT
x-officefd
AM4PEPF000131F5
x-msedge-ref
Ref A: C0291C5432D1463082FD2EAAEF5E49C9 Ref B: VIEEDGE3414 Ref C: 2022-05-09T09:19:35Z
x-usersessionid
bba08fb5-1c1e-4262-bf32-5158a09bdfc4
date
Sat, 21 May 2022 04:56:30 GMT
content-type
text/css
access-control-allow-origin
*
x-correlationid
bba08fb5-1c1e-4262-bf32-5158a09bdfc4
accept-ranges
bytes
timing-allow-origin
*
MicrosoftAjaxDS.js
c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/ Frame 5B86 		106 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"d2b7625cd664d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15304.41015
x-officefe
AM4PEPF000131E5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
23675
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 11 May 2022 01:28:04 GMT
x-officefd
AM4PEPF000131E5
x-msedge-ref
Ref A: 25A120C8C6864BE2933890C0667C4C57 Ref B: VIEEDGE3705 Ref C: 2022-05-14T04:46:12Z
x-usersessionid
0bab3361-deaa-469e-ad69-14f392b63893
date
Sat, 21 May 2022 04:56:30 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
0bab3361-deaa-469e-ad69-14f392b63893
accept-ranges
bytes
timing-allow-origin
*
CommonIntl.js
c1h-word-view-15.cdn.office.net/wv/s/hBC024565F5406F5A_App_Scripts/1031/ Frame 5B86 		152 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/hBC024565F5406F5A_App_Scripts/1031/CommonIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
49c031b42bbd5f4d0ea786c19badce9083340741b4080f2e54394879b6e3652e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"271bd67be46ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000F305
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
32291
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:24:17 GMT
x-officefd
DB5PEPF0000F305
x-msedge-ref
Ref A: CD94F165B4664B3CA0DD8FF339BAF50C Ref B: VIEEDGE1519 Ref C: 2022-05-18T18:24:16Z
x-usersessionid
0d663424-098b-45d4-99eb-9de830d3eaf6
date
Sat, 21 May 2022 04:56:30 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
0d663424-098b-45d4-99eb-9de830d3eaf6
accept-ranges
bytes
timing-allow-origin
*
Compat.js
c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/ Frame 5B86 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/hCBA89239522795D5_App_Scripts/Compat.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"f96b2744cb64d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15304.41015
x-officefe
AM4PEPF00010AB8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
1373
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified
Wed, 11 May 2022 00:08:39 GMT
x-officefd
AM4PEPF000068C0
x-msedge-ref
Ref A: 9AB18C7BA4D5415389824AC8619E5142 Ref B: VIEEDGE3422 Ref C: 2022-05-12T07:24:40Z
x-usersessionid
aa2e584b-050f-4eb7-9d11-796e91a78a76
date
Sat, 21 May 2022 04:56:30 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
aa2e584b-050f-4eb7-9d11-796e91a78a76
accept-ranges
bytes
timing-allow-origin
*
WordViewerIntl.js
c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/ Frame 5B86 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h56A3B227C2922138_App_Scripts/1031/WordViewerIntl.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"31851b3acb64d81:0"
x-officecluster
PNL1
x-officeversion
16.0.15304.41015
x-officefe
AM4PEPF000069FA
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
4307
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 11 May 2022 00:08:22 GMT
x-officefd
AM4PEPF000069FA
x-msedge-ref
Ref A: 511F028C46E5497DADAD2C122A4F33DF Ref B: VIEEDGE3419 Ref C: 2022-05-15T21:53:50Z
x-usersessionid
1a42f080-7306-4357-a185-ec76e4910f2f
date
Sat, 21 May 2022 04:56:30 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
1a42f080-7306-4357-a185-ec76e4910f2f
accept-ranges
bytes
timing-allow-origin
*
word-app-intl.min.js
c1h-word-view-15.cdn.office.net/wv/s/h6893F6D2177AB1D5_App_Scripts/1031/ Frame 5B86 		470 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h6893F6D2177AB1D5_App_Scripts/1031/word-app-intl.min.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6893f6d2177ab1d56333a6d41e89611747efe7231276b7dbdf9250a5962a3dce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"48d6da7be46ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF000131EF
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
74407
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:24:17 GMT
x-officefd
AM4PEPF000131EF
x-msedge-ref
Ref A: 750CADF039944042AD36769D44602EE8 Ref B: VIEEDGE3608 Ref C: 2022-05-18T18:24:16Z
x-usersessionid
8339461f-4da2-42b8-bac2-08f4eec9e51c
date
Sat, 21 May 2022 04:56:30 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
8339461f-4da2-42b8-bac2-08f4eec9e51c
accept-ranges
bytes
timing-allow-origin
*
appResourceLoader.min.js
c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/ Frame 5B86 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/hE156DB1570C13C42_App_Scripts/exp/appResourceLoader.min.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e156db1570c13c426d727df0b700884fac3ea70307c6ad350e47b8a266719393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"5f877cc8e36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF00010AB5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
2858
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:16 GMT
x-officefd
AM4PEPF00010AB5
x-msedge-ref
Ref A: 6C6959184A5849048829EFDF48DB0A2B Ref B: VIEEDGE3422 Ref C: 2022-05-18T18:19:16Z
x-usersessionid
56d0c5cc-b42e-4a20-a92a-1730d42f1bc8
date
Sat, 21 May 2022 04:56:30 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
56d0c5cc-b42e-4a20-a92a-1730d42f1bc8
accept-ranges
bytes
timing-allow-origin
*
WordViewerDS.js
c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/ Frame 5B86 		3 MB
462 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
90869a05d5cb6f6864f79c1bdb28c83bd93cb0c3bd5d7a426a3f584af40b67e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"5ca07fc8e36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF00012933
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
471073
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:16 GMT
x-officefd
AM4PEPF00012933
x-msedge-ref
Ref A: 2EC7E2BD41B44726A49C6D4B67AD3FF3 Ref B: VIEEDGE2912 Ref C: 2022-05-18T18:19:16Z
x-usersessionid
556096e8-7b4f-4fbd-a443-702d830a1b97
date
Sat, 21 May 2022 04:56:30 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
556096e8-7b4f-4fbd-a443-702d830a1b97
accept-ranges
bytes
timing-allow-origin
*
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		0
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000B925
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000B925
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
9bb2390a-eb93-4136-ad39-856673577f05
x-officecluster
PGTUS6
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:30 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 349679CF817E4D59BC1348C88BB83C65 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:30Z
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":56,"Value":"https://c1h-word-view-15.cdn.office.net:443/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000E940
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000E940
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
c4e4cf03-f027-4215-b530-884039ce7133
x-officecluster
PGTUS6
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:30 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 4489A1BBA37741118530868D3263474F Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:30Z
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&splashscreen=1&build=16.0.15317.41002&PdfMode=1&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131F0
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131F0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1245
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
9dc2e944-b794-4af1-a102-4845be23ecec
x-officefd
AM4PEPF000131F0
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:30 GMT
x-download-options
noopen
content-type
text/html
cache-control
no-cache
x-msedge-ref
Ref A: 1E5A3773AF3244C89FF7A9E85519067E Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:30Z
timing-allow-origin
*
expires
-1
wapsw.png
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/ Frame 5B86 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/wapsw.png?b=1601531741002
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"275d4df4646bd81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF000083FF
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
5884
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 19 May 2022 09:43:54 GMT
x-officefd
DB5PEPF000083FF
x-msedge-ref
Ref A: 9BA0506BCC80453AAEF1BFC69C118CA6 Ref B: LON21EDGE2313 Ref C: 2022-05-19T09:43:54Z
x-usersessionid
1df555b6-ed69-4e27-9ec5-0ca6afea8785
date
Sat, 21 May 2022 04:56:30 GMT
content-type
image/png
access-control-allow-origin
*
x-correlationid
1df555b6-ed69-4e27-9ec5-0ca6afea8785
accept-ranges
bytes
timing-allow-origin
*
wv.png
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/ Frame 5B86 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/wv.png
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"642241abe66ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF00008420
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
35196
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:39:55 GMT
x-officefd
DB5PEPF00008420
x-msedge-ref
Ref A: 24F2D7F327874EB094B712E4FF613E6E Ref B: VIEEDGE4320 Ref C: 2022-05-18T18:39:55Z
x-usersessionid
e1e9cbfd-ff41-4367-bf12-ac2773159442
date
Sat, 21 May 2022 04:56:30 GMT
content-type
image/png
access-control-allow-origin
*
x-correlationid
e1e9cbfd-ff41-4367-bf12-ac2773159442
accept-ranges
bytes
timing-allow-origin
*
segoeui.woff
c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/ Frame 5B86 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/segoeui.woff
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1h-word-view-15.cdn.office.net/wv/s/h2C4E7FA0C4A763E4_resources/1031/WordViewer.css
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"10bfad462a63d81:0"
x-officecluster
GEU4C
x-officeversion
16.0.15229.41003
x-officefe
DU2PEPF00009252
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length
22720
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified
Sun, 08 May 2022 22:23:43 GMT
x-officefd
DU2PEPF00009244
x-msedge-ref
Ref A: B6A3B639EFB946FB981A4E00AF8B4968 Ref B: VIEEDGE3809 Ref C: 2022-05-08T22:23:43Z
x-usersessionid
013e049b-9fa1-4caf-b02c-c32662303bf3
date
Sat, 21 May 2022 04:56:30 GMT
content-type
font/x-woff
access-control-allow-origin
*
x-correlationid
013e049b-9fa1-4caf-b02c-c32662303bf3
accept-ranges
bytes
timing-allow-origin
*
docdatahandler.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		357 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/docdatahandler.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&type=png&o15=1&ui=de-DE&PdfMode=1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
8d4ed7dc95240c00bcab002c5e0d341b6041634e293457e15a3acb020390d054
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
AM4PEPF00010AB4
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
qoSoCGEStpR+sAgZGxizfMyDetdFyOws0Kf3PE9yMg4=,637887057900706235
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00010AB4
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00010AB4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
353
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
76880ab1-9d13-4bb4-918c-edcd9914965c, 76880ab1-9d13-4bb4-918c-edcd9914965c
x-officefd
AM4PEPF000131EC
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5, 39340354-8026-4cac-a2f0-6abac06134f5
x-powered-by
ARR/3.0
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
x-msedge-ref
Ref A: 5E713CBDB72249619AF6DA5EF2E021C1 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:30Z
timing-allow-origin
*, *
expires
Sun, 21 May 2023 04:56:31 GMT
wacairspaceanimationlibrary.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/ Frame 5B86 		40 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/wacairspaceanimationlibrary.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"99bbbfc9e36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF0001293C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
5997
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:18 GMT
x-officefd
AM4PEPF0001293C
x-msedge-ref
Ref A: C762064E68864BD6B50460E41BEFAEAB Ref B: VIEEDGE1708 Ref C: 2022-05-18T18:19:18Z
x-usersessionid
17d54f5f-b3ee-40b3-ba11-30d2970fde0b
date
Sat, 21 May 2022 04:56:30 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
17d54f5f-b3ee-40b3-ba11-30d2970fde0b
accept-ranges
bytes
timing-allow-origin
*
990660ad-89fa-4c42-9d52-7175c8bd7cf0
https://word-view.officeapps.live.com/ Frame 5B86 		189 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://word-view.officeapps.live.com/990660ad-89fa-4c42-9d52-7175c8bd7cf0
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
189
Content-Type
application/javascript
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		0
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":2,"MsSinceStart":223,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000BAFC
x-officeversion
16.0.15319.41002
x-officefe
BL6PEPF0000BAFC
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
9c0b6ef3-d5e9-4c28-badf-64215ea04def
x-officecluster
PGTUS4
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:30 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 4CF9AFA8421C43429690F941186371B6 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:30Z
translation.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923387570&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&uilang=de-DE&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
DB5PEPF0000F301
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
BbGaxjC2RL7dTmwYuPuxyu9k/3EEaAKmpe9iW3pRrm4=,637887057880180476
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PIE1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PIE1
x-wacfrontend
DB5PEPF0000F301
x-officeversion
16.0.15317.41002
x-officefe
DB5PEPF0000F301
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1455
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
ef32db6d-ef20-46a2-99ea-edd473306597, ef32db6d-ef20-46a2-99ea-edd473306597
x-officefd
DB5PEPF0000CE8C
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584, b1173efe-0ac8-451f-ad1a-59285f4f3584
x-powered-by
ARR/3.0
date
Sat, 21 May 2022 04:56:30 GMT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: 40904AD1E28540BB9FEBD9C269ACD6D3 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:30Z
timing-allow-origin
*, *
expires
-1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1731416227&t=pageview&_s=1&dl=http%3A%2F%2Fwww.allfordrugs.com%2F&ul=en-us&de=UTF-8&dt=All%20About%20Drugs%20%E2%80%93%20Tout%20sur%20les%20m%C3%A9dicaments%20%D7%94%D7%9B%D7%9C%20%D7%A2%D7%9C%20%D7%AA%D7%A8%D7%95%D7%A4%D7%95%D7%AA%20%D9%83%D9%84%20%D8%B4%D9%8A%D8%A6%20%D8%B9%D9%86%20%D8%A7%D9%84%D8%A3%D8%AF%D9%88%D9%8A%D8%A9%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B0%D1%80%D0%BA%D0%BE%D1%82%D0%B8%D0%BA%D0%B0%D1%85%20%E5%85%B3%E4%BA%8E%E8%8D%AF%E5%93%81%E7%9A%84%E4%B8%80%E5%88%87%20%E0%B0%A1%E0%B1%8D%E0%B0%B0%E0%B0%97%E0%B1%8D%E0%B0%B8%E0%B1%8D%20%E0%B0%97%E0%B1%81%E0%B0%B0%E0%B0%BF%E0%B0%82%E0%B0%9A%E0%B0%BF%20%E0%B0%85%E0%B0%A8%E0%B1%8D%E0%B0%A8%E0%B0%BF%20%EB%A7%88%EC%95%BD%EC%97%90%20%EA%B4%80%ED%95%9C%20%EB%AA%A8%EB%93%A0%20%EA%B2%83%20%CE%8C%CE%BB%CE%B1%20%CE%B3%CE%B9%CE%B1%20%CF%84%CE%B1%20%CE%9D%CE%B1%CF%81%CE%BA%CF%89%CF%84%CE%B9%CE%BA%CE%AC%20Complete%20Tracking%20of%20Drugs%20Across%20the%20World%20by%20Dr%20Anthony%20Melvin%20Crasto%2C%20Worldpeacepeaker%2C%20worlddrugtracker%2C%20PH.D%20(ICT)%2C%20MUMBAI%2C%20INDIA%2C%20Worlddrugtracker%2C%20Helping%20millions%2C%209%20million%20hits%20on%20google%20on%20all%20websites%2C%202.5%20lakh%20connections%20on%20all%20networks%2C%20%E2%80%9CALL%20FOR%20DRUGS%E2%80%9D%20CATERS%20TO%20EDUCATION%20GLOBALLY%2C%20No%20commercial%20exploits%20are%20done%20or%20advertisements%20added%20by%20me.%20This%20is%20a%20compilation%20for%20educational%20purposes%20only.%20P.S.%20%3A%20The%20views%20expressed%20are%20my%20personal%20and%20in%20no-way%20suggest%20the%20views%20of%20the%20professional%20body%20or%20the%20company%20that%20I%20represent&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=17536765&gjid=1408300651&cid=783969548.1653108990&tid=UA-47478536-1&_gid=407713236.1653108990&_r=1&_slc=1&z=379687277
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.allfordrugs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.allfordrugs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sm.23.html
static.addtoany.com/menu/ Frame 8706 		741 B
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: http://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1392421
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
70eab9d6cd0b0204-ZRH
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 21 May 2022 04:56:30 GMT
etag
W/"2e5-5cc9e128a4c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e2s
x-content-type-options
nosniff
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
icons.30.svg.js
static.addtoany.com/menu/svg/ 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/svg/icons.30.svg.js
Requested by
Host: static.addtoany.com
URL: http://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:30 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
16580561
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 Nov 2021 01:49:04 GMT
server
cloudflare
etag
W/"132a9-5d0656e4a26b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
70eab9d6cd0c0204-ZRH
cf-bgj
minify
c.gif
c.live.com/ Frame AD96 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.live.com/c.gif?DI=15347&wlxid=1ee0f04d-45ac-4396-9bda-575e4e896008&reqid=001a09831e8&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D999B0A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D3576%26IR%3D1%26EX%3D0%26L.h%3D3067%26L.sjs%3D3145%26L.ttg%3D3067%26C.st%3D1653108986968%26N.domIn%3D3079%26N.req%3D1086%26N.resp%3D84%26N.navType%3D0%26N.redirectCount%3D0&r=0.6676172382600467
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:30 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
translation.ashx
word-view.officeapps.live.com/wv/ Frame D247 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&access_token=4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm%5FU5P8h4wurzqbKsasoz3Cf0zpHuhF%2DCMdu77Eq69gSOHDy6N%5FmolW3v1hZhAQBxwsm3%5FfnEXA0anddZfH4rgp6pTwntU86miKA&access_token_ttl=1654923387908&z=aRkMzMDcxQTVENzc5N0REMiE2OTUuNQ&uilang=de-DE&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
AM4PEPF00006A32
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
B2ZntG7pUfKTOCPgJQnZ8Wi1GYDczLTpwdBo7c6sqxM=,637887057885598821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00006A32
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00006A32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1455
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
ca40350b-cd97-4aca-9a9c-7e22714c74d3
x-officefd
AM4PEPF00006A32
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:30 GMT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: 916D7546BBA5408EA729AE69AE79D04B Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:30Z
timing-allow-origin
*
expires
-1
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&splashscreen=1&build=16.0.15317.41002&PdfMode=1&waccluster=PNL1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131E5
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131E5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1245
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
6070a52b-893c-4f88-871c-fb627f2e6960
x-officefd
AM4PEPF000131E5
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
text/html
cache-control
no-cache
x-msedge-ref
Ref A: 8D3F4805454F4B06BF004715D40C5AF1 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
-1
a.php
rc.revolvermaps.com/w/1/a/ Frame 6EA8 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://rc.revolvermaps.com/w/1/a/a.php?i=2afvg8irrbf&s=220&m=0&v=false&r=false&b=000000&n=false&c=ff0000
Requested by
Host: jc.revolvermaps.com
URL: http://jc.revolvermaps.com/2/1.js?i=2afvg8irrbf&s=220&m=0&v=false&r=false&b=000000&n=false&c=ff0000
Protocol
HTTP/1.1
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
c886b49ca24babfb5d25f357437cecdd5247643a3edb0603631017696bab5549

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, max-age=2592000
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
7897
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 May 2022 04:56:31 GMT
Keep-Alive
timeout=4, max=100
Server
Apache
Vary
Accept-Encoding
shares.json
api-public.addthis.com/url/ 		34 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.allfordrugs.com%2F&callback=_ate.cbs.rcb_ct2l0
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
06e5b96cea009ab42be65692efd0b967fb14a300f9a68d4865f6d460ef8e5466
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.allfordrugs.com/
last-modified
Sat, 21 May 2022 04:56:31 GMT
server
nginx/1.15.8
date
Sat, 21 May 2022 04:56:31 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
54
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.allfordrugs.com%2F
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://www.allfordrugs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.allfordrugs.com/
last-modified
Sat, 21 May 2022 04:00:00 GMT
server
nginx/1.15.8
date
Sat, 21 May 2022 04:56:31 GMT
content-type
application/json
access-control-allow-origin
http://www.allfordrugs.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
shares.json
api-public.addthis.com/url/ 		34 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.allfordrugs.com%2F&callback=_ate.cbs.rcb_j6v40
Requested by
Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ef11e2fa34dffbfa5cfc4e14e269963985c0951cf645390fe9ac70d0588e69e2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
www.allfordrugs.com/
last-modified
Sat, 21 May 2022 04:56:31 GMT
server
nginx/1.15.8
date
Sat, 21 May 2022 04:56:31 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
54
truncated
/ 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":3,"MsSinceStart":1303,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000BB17
x-officeversion
16.0.15319.41002
x-officefe
BL6PEPF0000BB17
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
dcc78494-dc8c-44af-92d6-a6f0683f8a35
x-officecluster
PGTUS4
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: C0CBF52BC05548938011A8FAFA5D4DB0 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
WordViewerDS.dll1.js
c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/ Frame 5B86 		838 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.dll1.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9a435242daabecff2c8118b1a3d0c5631f16bd96f61a3f9418c681be22cf1bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"e38ba5cce36ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000E7FD
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
140063
cache-control
public,max-age=31536000
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:23 GMT
x-officefd
DB5PEPF0000E7FD
x-msedge-ref
Ref A: 05BFF1554C514EA09D808CCDA5193044 Ref B: VIEEDGE2018 Ref C: 2022-05-18T18:19:22Z
x-usersessionid
59ebcab8-7ef1-4147-b438-cea85bc482fa
date
Sat, 21 May 2022 04:56:31 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
59ebcab8-7ef1-4147-b438-cea85bc482fa
accept-ranges
bytes
timing-allow-origin
*
progress.gif
c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/ Frame 5B86 		695 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_resources/1031/progress.gif
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"2d763da6e46ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF000131E9
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
695
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:25:28 GMT
x-officefd
AM4PEPF000131E9
x-msedge-ref
Ref A: 791D4A5213D247FF862B413C1D14DEE2 Ref B: VIEEDGE3614 Ref C: 2022-05-18T18:25:28Z
x-usersessionid
81d9b371-bd9c-4913-8a11-e12433f27b6c
date
Sat, 21 May 2022 04:56:31 GMT
content-type
image/gif
access-control-allow-origin
*
x-correlationid
81d9b371-bd9c-4913-8a11-e12433f27b6c
accept-ranges
bytes
timing-allow-origin
*
officebrowserfeedback_floodgate.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/ Frame 5B86 		549 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"b37487cce36ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF00006A0C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
103228
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:22 GMT
x-officefd
AM4PEPF00006A0C
x-msedge-ref
Ref A: 85AA4CE43BB64C60AFD1EE9D3E8E3C58 Ref B: VIEEDGE1513 Ref C: 2022-05-18T18:19:22Z
x-usersessionid
7462f9e4-47ef-4215-845c-433ae4fea886
date
Sat, 21 May 2022 04:56:31 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
7462f9e4-47ef-4215-845c-433ae4fea886
accept-ranges
bytes
timing-allow-origin
*
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

X-WacFrontEnd
AM4PEPF00010AB4
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
qoSoCGEStpR+sAgZGxizfMyDetdFyOws0Kf3PE9yMg4=,637887057900706235
X-bULS-SuppressionETag
93275736E860D80D1598AD19ECC605672B1ABEF9
X-Requested-With
XMLHttpRequest
X-xhr
1
haep
1
X-AccessToken
4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType
WOPI
X-AccessTokenTtl
1654923387982
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PGTUS6
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000BB84
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
93275736E860D80D1598AD19ECC605672B1ABEF9
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
f688e898-ca6b-4a2c-9e1d-6cb8ca2979ef
x-officefd
BL6PEPF0000BB84
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: C11774892B2A4610B610934E7ECDAF57 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131EC
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131EC
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1245
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
96eac3ab-a012-4a36-8090-23a67af71c65
x-officefd
AM4PEPF000131EC
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
text/html
cache-control
no-cache
x-msedge-ref
Ref A: DDA402F26324416D963E6950DA7D0844 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
-1
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00006A32
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00006A32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1245
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
f4dfb473-a021-4115-8d93-e77c30e0743d
x-officefd
AM4PEPF00006A32
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
text/html
cache-control
no-cache
x-msedge-ref
Ref A: D561906FD38D44609D43BA528D427540 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
-1
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		227 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
783568ee7db7e3ca349d6f64fbe9c6d9a9c10614445352489a40a55f00bf3293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131F0
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131F0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
231981
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p3.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
386cf581-797c-46c3-bc42-e4af33a243c5
x-officefd
AM4PEPF000131F0
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 97AB658B4E6C4B95AF101D94E4B3D200 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:31 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89adc9abbb5d6f1594eb0e7caa71a0f0fb95ccdf135453c1be50e159ddba243e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00010AB4
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00010AB4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
62457
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p4.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
d51049a1-c2c7-4d4f-87ef-45b4c29de6c4
x-officefd
AM4PEPF00010AB4
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: F86030E073264B668B895A0CFF130C37 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:31 GMT
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 3509 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PIE1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

X-WacFrontEnd
DB5PEPF0000F301
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
BbGaxjC2RL7dTmwYuPuxyu9k/3EEaAKmpe9iW3pRrm4=,637887057880180476
X-bULS-SuppressionETag
93275736E860D80D1598AD19ECC605672B1ABEF9
X-Requested-With
XMLHttpRequest
X-xhr
1
haep
1
X-AccessToken
4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp_uR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu-Zq2v-Hp2XoNRl4xcrDiGeR1OTI-QQ
X-UserSessionId
b1173efe-0ac8-451f-ad1a-59285f4f3584
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=0ULIrVIT40axB1hQLVjt6w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType
WOPI
X-AccessTokenTtl
1654923387570
X-WacCluster
PIE1

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PGTUS6
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000B925
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
93275736E860D80D1598AD19ECC605672B1ABEF9
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
35255b6d-516c-4750-8b01-8c2f8081e169
x-officefd
BL6PEPF0000B925
x-usersessionid
b1173efe-0ac8-451f-ad1a-59285f4f3584
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 8746D0FA02A24DBCB4F6E121F62100C1 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		125 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p_1_10.xml&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
bb3eb47ae0e6951633dd951a12f9a4fb43e3dde63196c9e8de4485ba7a5d4f5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
AM4PEPF00010AB4
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
qoSoCGEStpR+sAgZGxizfMyDetdFyOws0Kf3PE9yMg4=,637887057900706235
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00010AB4
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00010AB4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
34213
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p_1_10.xml"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
cf4fbc30-8c42-403c-af7a-cd7b08c3c787, cf4fbc30-8c42-403c-af7a-cd7b08c3c787
x-officefd
AM4PEPF000131E5
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5, 39340354-8026-4cac-a2f0-6abac06134f5
x-powered-by
ARR/3.0
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
private
x-msedge-ref
Ref A: 34AFBA93C68647FD8CBAC5227A8606DD Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*, *
expires
Sun, 21 May 2023 04:56:31 GMT
asd100.bin
freychang.fun/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: d2fbkzyicji7c4.cloudfront.net
URL: http://d2fbkzyicji7c4.cloudfront.net/?zkbfd=728531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:31 GMT
access-control-allow-methods
GET
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 21 May 2022 04:56:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQT0zWo3hclAsFx2AObNmutbs2h8id1jszhxBqhal89Iof%2F%2FWL%2B7eWPb0NGP85o6YrXUlZMcK5GYyL65bhmOmlCrzlzNd5pgTEKPTa7LqX6lS0G4TYodLCMF%2BlSx%2FN6NxpZk3jF1cyO4Frve"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
http://www.allfordrugs.com
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
70eab9dd1ebe5a3d-MXP
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/ 		27 B
722 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/
Requested by
Host: d2fbkzyicji7c4.cloudfront.net
URL: http://d2fbkzyicji7c4.cloudfront.net/?zkbfd=728531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a41129c324c88468b292bca75eb8ca7bb9231a6b2bd5f8036ee6df99e5491d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://www.allfordrugs.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc%2FdJFUygRPBAMZ1f6%2BNVMOCorIgbFx4F0NlHElZtJtJVJtgVTu8jaJD9NEFVpCViwshmGJugcHhiyFPQbvoV2AowQNHmyGmaLhgDP1bL2uSpS4d6EoSNwbW3xRUoQTQ1T1vR59smpbP8wq4"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
70eab9dd1ec15a3d-MXP
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
audiosech.xyz/ 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiosech.xyz/utx?cb=Y80sRKI5Y3kQ&top=www.allfordrugs.com&tid=728531
Requested by
Host: d2fbkzyicji7c4.cloudfront.net
URL: http://d2fbkzyicji7c4.cloudfront.net/?zkbfd=728531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.99.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-99-75.arn1.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 May 2022 04:56:31 GMT
via
1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
ARN1-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://www.allfordrugs.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
skV21DyWM3KSB_jgTMGIplsT4g204_lj3-SElMMfd0fGey5T7xFLWw==
THdObGotFS0BVS1KLEofPhtzSVgKUnwqDn4RLAcQNR4tBgN7FHpCCSAYOwgMPhggGEQiEjpJWAonGAIoHhYgLVsEDXYhPjU+FCI8KD8UKQInIBsqHQseByoiJS0AJxAjIwE4CQo0CjkOAjUYNSIONmteLAsiOSkmDiU9OwYVQQs4UgIjFi08HAAiIjB9LjkoAgYFH...
audiosech.xyz/ Frame B665 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://audiosech.xyz/THdObGotFS0BVS1KLEofPhtzSVgKUnwqDn4RLAcQNR4tBgN7FHpCCSAYOwgMPhggGEQiEjpJWAonGAIoHhYgLVsEDXYhPjU+FCI8KD8UKQInIBsqHQseByoiJS0AJxAjIwE4CQo0CjkOAjUYNSIONmteLAsiOSkmDiU9OwYVQQs4UgIjFi08HAAiIjB9LjkoAgYFHCQJKTYKBwguNiUoIw0YJigSI08LFjwBNRoIJBw2Gyc6NAB3L1saHAABOAkmBiIpFSIHJDo0Q38uOy8bGDskLT8nJjwVRj4uMCBCJjhaASIYOyQtNTRUDxZGezowGD1+Oy8NAhwBRxozGDs4DToMAysDHxsBLjQ+dys5GicfBCgKLiJdDxYiFFw9CTVrXigLDSUJIhgHGDUTICEUKSt1NjYfEBogAA0sNjoaIw0aLS1cICQ0HAsBBA05PDwbJnw1LDw1KykoaUUINAEgHR80Uy8lBiIpFSUlPicOMiQtWxocAAE4FiV9BC4WRzkqC3wyaAYZIxk+URAcFCErPi4yBSgufhsIIyI
Requested by
Host: d2fbkzyicji7c4.cloudfront.net
URL: http://d2fbkzyicji7c4.cloudfront.net/?zkbfd=728531
Protocol
HTTP/1.1
Server
54.230.99.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-99-75.arn1.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
714aae416fb3679c9bc8248bbc9d6b43e39df3c5b5f2c351ad16d4af35e8af7f

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Length
1242
Content-Type
text/html
Date
Sat, 21 May 2022 04:56:31 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 d975c23165964b20999503339a61d1ae.cloudfront.net (CloudFront)
X-Amz-Cf-Id
smnatkwHddV3NSzbBxtlfeuFzr-SoZ32yRdtVhnH9S-e6Fey9s-76w==
X-Amz-Cf-Pop
ARN1-C1
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
ECdwPxwzF3YfNAJAdTIuGyBXYAYpHV02UQlBcjMoDyZYBwsdBA
audiosech.xyz/RmxacjMnDjkfDCdROFRGNABnVwEASWg0V3QKOBlJPwU5GFpxD25cUCoDLxZVNAM0Bh0oCS5XAQAmFSVLHj9pNFIHFjEGZy1cHD8AHCsZHlsqCh8VVQQFCxl7dgAIMHshGw4xVAUkIgIHBRQbS2V2XA0/ABwuEgVydCYIK3YVBhMediE+PhFgKTo... Frame 164B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://audiosech.xyz/RmxacjMnDjkfDCdROFRGNABnVwEASWg0V3QKOBlJPwU5GFpxD25cUCoDLxZVNAM0Bh0oCS5XAQAmFSVLHj9pNFIHFjEGZy1cHD8AHCsZHlsqCh8VVQQFCxl7dgAIMHshGw4xVAUkIgIHBRQbS2V2XA0/ABwuEgVydCYIK3YVBhMediE+PhFgKToNQ3UsDgsgahM4NRlwdy0bPUo2ORkLQy82DzdQHgE+GHEqLRk/ShcrCRlfKgkiS30VOwxFYgcAGSgBcy8/Ql8qCS0oYgcBHFcBADobHUYlAjYwYhAcMCtfFyACNmpxLQwneQ8vbiZmITkwEFgISWg0ZBFBCEprMRw7EV0qLh8jUGNeHCJLPjoJJWYPOhsGUAkVExNrAwA2F0scDx4IRC07GApWHBU9KGAxIWw+XxcgER9pcT0YFlAjNGM7dwBdbxRmEw8CH1ByKRxKfQw/ECdwPxwzF3YfNAJAdTIuGyBXYAYpHV02UQlBcjMoDyZYBwsdBA
Requested by
Host: d2fbkzyicji7c4.cloudfront.net
URL: http://d2fbkzyicji7c4.cloudfront.net/?zkbfd=728531
Protocol
HTTP/1.1
Server
54.230.99.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-99-75.arn1.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
22e88120eed3fe5f1a482af810442171639bd8d1a9179d29656d772109efe1e4

Request headers

Referer
http://www.allfordrugs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Length
1215
Content-Type
text/html
Date
Sat, 21 May 2022 04:56:31 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 3529bf84e9522012233c3dd2a59fdfe8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ESyiSCoPi652U0DoZkfovb9rqgfDvvU9-kEtPnKXWDE5wgAJZqBYgg==
X-Amz-Cf-Pop
ARN1-C1
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
cnd2cnhdSBUBRSMgJDodGTFCJDAoOxMqLhEUI0tKEUZHQCscMlAGERZKQUBAR0RHVAgbE0tDXgEDFwYNAUpHVBEcERlPXgRKR1xLRllERFZCUQNPSVQDBhMfT0ZQAgwGG0tDTkdER0JAS05HRkBK
ckgroundan.xyz/ 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ckgroundan.xyz/cnd2cnhdSBUBRSMgJDodGTFCJDAoOxMqLhEUI0tKEUZHQCscMlAGERZKQUBAR0RHVAgbE0tDXgEDFwYNAUpHVBEcERlPXgRKR1xLRllERFZCUQNPSVQDBhMfT0ZQAgwGG0tDTkdER0JAS05HRkBK
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnQhODg%2BmMpypmVNC7PP%2Bcx5GVzW2%2B140oBVYW5D2%2BcQdCw4ydadhPcGIg1DV5w54S0xZbEVmGiKKxsgcPJa1OGAZmtUAOEuT49pKIQhYcsgYCoiA%2Fwic7lFLNMCgiBygRB6KHbFAX4clIjn8w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
70eab9dd6eef0f76-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
c3JzaDFcTRAbDCQkHx1VQwIUMXdCNBZaABQlGC5LEiVCMWNAQlUcWBdPRFsFQUVKTkEaFk5ZCVUBBwlFBgFOWRcaHBUHDFUETlkfQ1xCRgFVB05ZFwcCEg8MQlQDHEUfT0JeBEBDQ1AISkNGWgE
ckgroundan.xyz/ 		0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ckgroundan.xyz/c3JzaDFcTRAbDCQkHx1VQwIUMXdCNBZaABQlGC5LEiVCMWNAQlUcWBdPRFsFQUVKTkEaFk5ZCVUBBwlFBgFOWRcaHBUHDFUETlkfQ1xCRgFVB05ZFwcCEg8MQlQDHEUfT0JeBEBDQ1AISkNGWgE
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 04:56:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW9PXZU6N9m9xZ1wPV2%2FPTmhv%2FJbBLBnCg4HcIo4upPEV7rQhnhbDVhRtkmW5MaMrDeTmrK%2Bg9TUJEvB%2BBC6hZOEygFr33LSs3uEFQHwk9ZtFfE3oH1hkdY%2BW0gTQQh6qHRDhoEWBMlH%2FDa6mA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
70eab9dd6ef80f76-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame D247 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

X-WacFrontEnd
AM4PEPF00006A32
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
B2ZntG7pUfKTOCPgJQnZ8Wi1GYDczLTpwdBo7c6sqxM=,637887057885598821
X-bULS-SuppressionETag
93275736E860D80D1598AD19ECC605672B1ABEF9
X-Requested-With
XMLHttpRequest
X-xhr
1
haep
1
X-AccessToken
4wc38yuF9XdqPzQy8fzXQsNHLxhCjGbcPAVCK0SBufAgYXNS0FHtQm_U5P8h4wurzqbKsasoz3Cf0zpHuhF-CMdu77Eq69gSOHDy6N_molW3v1hZhAQBxwsm3_fnEXA0anddZfH4rgp6pTwntU86miKA
X-UserSessionId
8340c83a-8223-481e-8e20-13267fb79240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=rfRdgbAo6E+nM93HQrXj6g.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21695&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType
WOPI
X-AccessTokenTtl
1654923387908
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PGTUS4
x-officeversion
16.0.15319.41002
x-officefe
BL6PEPF0000BAFC
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
93275736E860D80D1598AD19ECC605672B1ABEF9
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
4ddb5352-edb9-49ef-a916-18c0ac7c6e3e
x-officefd
BL6PEPF0000BAFC
x-usersessionid
8340c83a-8223-481e-8e20-13267fb79240
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: B90997455A9E4EFEB8074C27B7D2BE66 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
officebrowserfeedback.css
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/ Frame 5B86 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback.css
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"e372bdd1e36ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000C627
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
2711
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:31 GMT
x-officefd
DB5PEPF0000C627
x-msedge-ref
Ref A: 80F1DABFE3DA45359CF033DE5720AE37 Ref B: VIEEDGE2018 Ref C: 2022-05-18T18:19:31Z
x-usersessionid
7a58e968-5858-4692-8a78-fd96a06e729e
date
Sat, 21 May 2022 04:56:31 GMT
content-type
text/css
access-control-allow-origin
*
x-correlationid
7a58e968-5858-4692-8a78-fd96a06e729e
accept-ranges
bytes
timing-allow-origin
*
officebrowserfeedbackstrings.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/Intl/de/ Frame 5B86 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/Intl/de/officebrowserfeedbackstrings.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"dc53f881e46ad81:0"
x-officecluster
PNL1
x-officeversion
16.0.15313.41013
x-officefe
AM4PEPF0001237C
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1044
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:24:27 GMT
x-officefd
AM4PEPF0001237C
x-msedge-ref
Ref A: 214F69DA395549D6B0580266376BDB93 Ref B: VIEEDGE4311 Ref C: 2022-05-18T18:24:27Z
x-usersessionid
adfa7b85-95c6-409b-84f5-a6f28be3ff1f
date
Sat, 21 May 2022 04:56:31 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
adfa7b85-95c6-409b-84f5-a6f28be3ff1f
accept-ranges
bytes
timing-allow-origin
*
/
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 3509 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.239.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
97
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
XkljQX9cRHNCYRkRMBEjA1VkNmRZR3hDZ0wFa0E
d2fbkzyicji7c4.cloudfront.net/PVnBRanA1Hz8MTyIZNVdHZEhkWUFwGiIFHiZNKzoTOTcFCDUdNBVYHBA/GUwELBRsWlY6ET8NTXAVPwlNZ1YwDhJrRHceADkbbAkDIAohDxo8EzVMBTdNPAUKPxw9C1VkNmREQHNCYUIHPx41BQclVWNaHiJVY1pBZl5hT0... Frame B665 		744 B
930 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d2fbkzyicji7c4.cloudfront.net/PVnBRanA1Hz8MTyIZNVdHZEhkWUFwGiIFHiZNKzoTOTcFCDUdNBVYHBA/GUwELBRsWlY6ET8NTXAVPwlNZ1YwDhJrRHceADkbbAkDIAohDxo8EzVMBTdNPAUKPxw9C1VkNmREQHNCYUIHPx41BQclVWNaHiJVY1pBZl5hT0MUVWNaBz8eZ15VZTJ0WEAuRm-VDVWRAMBoAOhUmDxI9GSVPQhBFYl1eZUZ0WEB+GzkeHTpVYylVZEA9AxszVWNaFzMTOgVZc0JhCRgkHzwPVWQ2YFpBeEB/XkljQX9cRHNCYRkRMBEjA1VkNmRZR3hDZ0wFa0E
Requested by
Host: audiosech.xyz
URL: http://audiosech.xyz/THdObGotFS0BVS1KLEofPhtzSVgKUnwqDn4RLAcQNR4tBgN7FHpCCSAYOwgMPhggGEQiEjpJWAonGAIoHhYgLVsEDXYhPjU+FCI8KD8UKQInIBsqHQseByoiJS0AJxAjIwE4CQo0CjkOAjUYNSIONmteLAsiOSkmDiU9OwYVQQs4UgIjFi08HAAiIjB9LjkoAgYFHCQJKTYKBwguNiUoIw0YJigSI08LFjwBNRoIJBw2Gyc6NAB3L1saHAABOAkmBiIpFSIHJDo0Q38uOy8bGDskLT8nJjwVRj4uMCBCJjhaASIYOyQtNTRUDxZGezowGD1+Oy8NAhwBRxozGDs4DToMAysDHxsBLjQ+dys5GicfBCgKLiJdDxYiFFw9CTVrXigLDSUJIhgHGDUTICEUKSt1NjYfEBogAA0sNjoaIw0aLS1cICQ0HAsBBA05PDwbJnw1LDw1KykoaUUINAEgHR80Uy8lBiIpFSUlPicOMiQtWxocAAE4FiV9BC4WRzkqC3wyaAYZIxk+URAcFCErPi4yBSgufhsIIyI
Protocol
HTTP/1.1
Server
143.204.214.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-142.fra53.r.cloudfront.net
Software
/
Resource Hash
40594d7643afe87e9e81fb5a53209133c439d6c0a35b4f30e1ad64dac93c3248

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://audiosech.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:31 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
543
Via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
4n13SZEwXTjO71lY5dCt0b6EWKqShkaNbY5qJeOGC5qtfvr2dXUAuQ==
wl.ms.js
js.live.net/v5.0/ Frame 5B86 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.live.net/v5.0/wl.ms.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
104.92.80.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-80-28.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:31 GMT
X-MSNServer
RD0003FF1DA9E7
Last-Modified
Fri, 10 Jul 2020 18:30:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0b3b92be856d61:0"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63016, public
X-ODWebServer
westeurope0-odwebp
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
16199
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		196 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1&r=1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
635100cb40c6fd4f8495013edfd0ac1cb108c4ec41350cdd1e7b82f34be1f66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
AM4PEPF00010AB4
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
qoSoCGEStpR+sAgZGxizfMyDetdFyOws0Kf3PE9yMg4=,637887057900706235
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00010AB4
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00010AB4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
250
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
5acd50c8-fce0-47f0-bf9d-00fc473e8ded, 5acd50c8-fce0-47f0-bf9d-00fc473e8ded
x-officefd
AM4PEPF000131F0
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5, 39340354-8026-4cac-a2f0-6abac06134f5
x-powered-by
ARR/3.0
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
cache-control
no-cache
x-msedge-ref
Ref A: BBC12C4ED5134BB69ACA74C7A6AC8554 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*, *
expires
-1
PxxVSWUIVAtcOyIaXEllexZcDzwkWBxeZygZSwM6LlQLKmZ7QBdceX9IDF15fUUcXmc4EF8NJSJUCypieEYXX2FtBARd
d2fbkzyicji7c4.cloudfront.net/JOWxXS3FaAzktTk0FM3ZGClhlfEgfBiQkH0lRBHgwTCgCHxp4CxA9V00WM3ZBHwA2JRYESjIlEgRdcSoVW1FjbQRYUTokC1AAOypUCypiZUEcXmdjBlACMyQGSkllex9NSWV7QAlCZ25Ce0llewZQAmF/VAoucnlBQVpjYl... Frame 164B 		180 B
571 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d2fbkzyicji7c4.cloudfront.net/JOWxXS3FaAzktTk0FM3ZGClhlfEgfBiQkH0lRBHgwTCgCHxp4CxA9V00WM3ZBHwA2JRYESjIlEgRdcSoVW1FjbQRYUTokC1AAOypUCypiZUEcXmdjBlACMyQGSkllex9NSWV7QAlCZ25Ce0llewZQAmF/VAoucnlBQVpjYlQLXDY7AVUJIC4TUgUjbkN/WW-R8XwpacnlBEQc/PxxVSWUIVAtcOyIaXEllexZcDzwkWBxeZygZSwM6LlQLKmZ7QBdceX9IDF15fUUcXmc4EF8NJSJUCypieEYXX2FtBARd
Requested by
Host: audiosech.xyz
URL: http://audiosech.xyz/RmxacjMnDjkfDCdROFRGNABnVwEASWg0V3QKOBlJPwU5GFpxD25cUCoDLxZVNAM0Bh0oCS5XAQAmFSVLHj9pNFIHFjEGZy1cHD8AHCsZHlsqCh8VVQQFCxl7dgAIMHshGw4xVAUkIgIHBRQbS2V2XA0/ABwuEgVydCYIK3YVBhMediE+PhFgKToNQ3UsDgsgahM4NRlwdy0bPUo2ORkLQy82DzdQHgE+GHEqLRk/ShcrCRlfKgkiS30VOwxFYgcAGSgBcy8/Ql8qCS0oYgcBHFcBADobHUYlAjYwYhAcMCtfFyACNmpxLQwneQ8vbiZmITkwEFgISWg0ZBFBCEprMRw7EV0qLh8jUGNeHCJLPjoJJWYPOhsGUAkVExNrAwA2F0scDx4IRC07GApWHBU9KGAxIWw+XxcgER9pcT0YFlAjNGM7dwBdbxRmEw8CH1ByKRxKfQw/ECdwPxwzF3YfNAJAdTIuGyBXYAYpHV02UQlBcjMoDyZYBwsdBA
Protocol
HTTP/1.1
Server
143.204.214.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-142.fra53.r.cloudfront.net
Software
/
Resource Hash
9d96f9ed741923b7862e6de674bd0305ee6ff6245143c884d7cb61c33264b7a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://audiosech.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:32 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
184
Via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
X-Amz-Cf-Id
o2rpJmPVZmWZG7hsgxFU6veOq0mrtAW9XuYsu-yBAUJhoBbhrSWC4g==
/
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame D247 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.239.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:30 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
33
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f773e7144fa4ba9d812cdfcd0d4c10c51fa96309ca63f6c081534f378eec634e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00006A32
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00006A32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
89053
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
32e563de-2103-4b7a-aca3-49d431627fc9
x-officefd
AM4PEPF00006A32
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 99720A06905A45DB865EB060DBA71A63 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:31 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
868f8c2736315d46a22c179b31765226c303ff6c8abf6f04a77fedf6834db37c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00010AB4
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00010AB4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
132060
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p2.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
4ebfb8d8-4658-4df8-aba3-7ed066379e5c
x-officefd
AM4PEPF00010AB4
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 9365234B1F20401BBE6732E6BC61727E Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:31 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		227 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
783568ee7db7e3ca349d6f64fbe9c6d9a9c10614445352489a40a55f00bf3293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131EC
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131EC
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
231981
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p3.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
efcbbc93-6ae5-43f6-80cb-54536f28c0a8
x-officefd
AM4PEPF000131EC
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: CA0D4F35BC694899A55BE3786F8E7DB2 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:31 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89adc9abbb5d6f1594eb0e7caa71a0f0fb95ccdf135453c1be50e159ddba243e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131F0
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131F0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
62457
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p4.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
b61d94d1-0a0a-4d4e-be7a-c38f3362c530
x-officefd
AM4PEPF000131F0
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 4DB66333661E4812B77E1B312044108D Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:31 GMT
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 3509 		24 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1653108991795&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.239.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer
https://word-view.officeapps.live.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 21 May 2022 04:56:31 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
100
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://word-view.officeapps.live.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
24
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame D247 		24 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1653108991891&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.239.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer
https://word-view.officeapps.live.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 21 May 2022 04:56:31 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
19
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://word-view.officeapps.live.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
24
popunder.gif
ckgroundan.xyz/ 		35 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ckgroundan.xyz/popunder.gif
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.allfordrugs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:31 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
221387
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
58
Pragma
public
Last-Modified
Wed, 18 May 2022 15:26:44 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etpx3ccSubGTOFP3yFUH3C%2FV%2FNsf10SZfxA7gPFyh6fg3MqkM%2FxM0%2Birfp8KbDS5c%2BAgk5JTemBNsQs4enYvhuw82xcKBjk4v%2Bwx%2FmvE6QqJ1MqxP0GlLB9cj%2B7yH%2BhvcVhKZdVVXF3o1Xr%2Fug%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Accept-Ranges
bytes
CF-RAY
70eab9dfae130e1e-MXP
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1
Requested by
Host: word-view.officeapps.live.com
URL: https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
X-BrowserUlsBeacon
[{"Index":4,"MsSinceStart":1845,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
BL6PEPF0000E940
x-officeversion
16.0.15317.41002
x-officefe
BL6PEPF0000E940
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
5638041a-210f-4bec-ba25-0b0d504d74db
x-officecluster
PGTUS6
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: DD85EF29EC214BD9ABC67A11F3DCC2A4 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		227 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p3.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
783568ee7db7e3ca349d6f64fbe9c6d9a9c10614445352489a40a55f00bf3293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00010AB4
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00010AB4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
231981
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p3.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
fba26139-170e-472c-8cfa-91f674f6f63e
x-officefd
AM4PEPF00010AB4
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: A2B53524F7154E42ACDF2E4958160607 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:31 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p4.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89adc9abbb5d6f1594eb0e7caa71a0f0fb95ccdf135453c1be50e159ddba243e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131F0
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131F0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
62457
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p4.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
21630629-6cca-4236-85eb-72867dd08def
x-officefd
AM4PEPF000131F0
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 2E724D752B224D4ABC48C3611BF7F32F Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:31 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f773e7144fa4ba9d812cdfcd0d4c10c51fa96309ca63f6c081534f378eec634e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF000131E5
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF000131E5
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
89053
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p1.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
ffe9ad0c-1569-452a-8e9e-ae02a0895c35
x-officefd
AM4PEPF000131E5
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:32 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: E5AE70906CE3407A8D344FB6C38CC225 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:32 GMT
ResReader.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
868f8c2736315d46a22c179b31765226c303ff6c8abf6f04a77fedf6834db37c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00006A32
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00006A32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
132060
etag
"WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ00000000-0000-0000-0000-000000000802p2.img"
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
afe8fb1d-a70b-4a61-b6e3-4d4e2a752fc5
x-officefd
AM4PEPF00006A32
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:31 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 8F927C958F0A47119EE4FD16B442B4C6 Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:31Z
timing-allow-origin
*
expires
Sun, 21 May 2023 04:56:31 GMT
otelFull.min.js
c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/ Frame 5B86 		117 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h90869A05D5CB6F68_App_Scripts/WordViewerDS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:de:591::1c24 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
25be9a4bcb060e2b2862693b8d54a6231a86c37a0f7671e25eff984d4d3d512f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://word-view.officeapps.live.com/
Origin
https://word-view.officeapps.live.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"99e7eecfe36ad81:0"
x-officecluster
PIE1
x-officeversion
16.0.15313.41013
x-officefe
DB5PEPF0000C627
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
30398
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 18 May 2022 18:19:28 GMT
x-officefd
DB5PEPF0000C627
x-msedge-ref
Ref A: 0997AF549FFB403C9756B45D308F7AA0 Ref B: VIEEDGE2018 Ref C: 2022-05-18T18:19:28Z
x-usersessionid
f58b949e-4081-465a-8e0b-3965f0b2d1e8
date
Sat, 21 May 2022 04:56:31 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
f58b949e-4081-465a-8e0b-3965f0b2d1e8
accept-ranges
bytes
timing-allow-origin
*
ping
browser.events.data.microsoft.com/ Frame 5B86 		4 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/ping
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.239.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:31 GMT
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://word-view.officeapps.live.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
4
translation.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/translation.ashx?WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&uilang=de-DE&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-WacFrontEnd
AM4PEPF00010AB4
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
qoSoCGEStpR+sAgZGxizfMyDetdFyOws0Kf3PE9yMg4=,637887057900706235
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-wacfrontend
AM4PEPF00010AB4
x-officeversion
16.0.15317.41002
x-officefe
AM4PEPF00010AB4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1455
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-routed-to-target-server-path
WAC_WFE_AFFINITY_TARGET_URL
x-correlationid
71ae8692-d2d1-4a80-998f-3056fc7155a2, 71ae8692-d2d1-4a80-998f-3056fc7155a2
x-officefd
AM4PEPF000131EC
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5, 39340354-8026-4cac-a2f0-6abac06134f5
x-powered-by
ARR/3.0
date
Sat, 21 May 2022 04:56:32 GMT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: B209A8CDF5F64373AADB9F1638204DDA Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:32Z
timing-allow-origin
*, *
expires
-1
RemoteUls.ashx
word-view.officeapps.live.com/wv/ Frame 5B86 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://word-view.officeapps.live.com/wv/RemoteUls.ashx?build=16.0.15317.41002&waccluster=PNL1&DebugRedirectionInfo=true
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/h793E4EF4951E7E51_App_Scripts/MicrosoftAjaxDS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

X-WacFrontEnd
AM4PEPF00010AB4
accept-language
de-DE,de;q=0.9
X-OfficeVersion
16.0.15317.41002
X-Key
qoSoCGEStpR+sAgZGxizfMyDetdFyOws0Kf3PE9yMg4=,637887057900706235
X-bULS-SuppressionETag
93275736E860D80D1598AD19ECC605672B1ABEF9
X-Requested-With
XMLHttpRequest
X-xhr
1
haep
1
X-AccessToken
4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ
X-UserSessionId
39340354-8026-4cac-a2f0-6abac06134f5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://word-view.officeapps.live.com/wv/wordviewerframe.aspx?embed=1&PdfMode=1&ui=de-DE&rs=en-US&hid=YOXgIQlwFEuzzOqhT+8O2Q.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserType
WOPI
X-AccessTokenTtl
1654923387982
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PGTUS4
x-officeversion
16.0.15319.41002
x-officefe
BL6PEPF0000BB17
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
93275736E860D80D1598AD19ECC605672B1ABEF9
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
7e8e4c7b-aa60-4e7c-965d-93ba47916baa
x-officefd
BL6PEPF0000BB17
x-usersessionid
39340354-8026-4cac-a2f0-6abac06134f5
date
Sat, 21 May 2022 04:56:33 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://word-view.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: A88330772F57482A94F623BE4DDEA93D Ref B: AM3EDGE0819 Ref C: 2022-05-21T04:56:33Z
/
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 5B86 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.239.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://word-view.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sat, 21 May 2022 04:56:32 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
14
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers
Accept, Content-Type, Content-Encoding, Client-Id
Content-Length
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 5B86 		24 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,ff7e2f12a4be407096fc01eeb760eda3-eeeb63cf-35d9-4734-ab45-66a873412359-7045&upload-time=1653108994054&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by
Host: c1h-word-view-15.cdn.office.net
URL: https://c1h-word-view-15.cdn.office.net/wv/s/161531741002_App_Scripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.239.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer
https://word-view.officeapps.live.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 21 May 2022 04:56:33 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
13
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://word-view.officeapps.live.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
24
Plt.mvc
onedrive.live.com/Handlers/ Frame 6F84 		42 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0
Requested by
Host: www.allfordrugs.com
URL: http://www.allfordrugs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-msnserver
RD00155D999B0A
x-content-type-options
nosniff
x-msedge-ref
Ref A: 48679C77F07C4706BAFC392A5599D6DC Ref B: FRAEDGE1310 Ref C: 2022-05-21T04:56:34Z
x-odwebserver
eastus0-odwebpl
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
private, max-age=31536000
date
Sat, 21 May 2022 04:56:34 GMT
content-encoding
gzip
expires
Sun, 21 May 2023 04:56:34 GMT
Plt.mvc
onedrive.live.com/Handlers/ Frame A8D4 		42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0
Requested by
Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-msnserver
RD00155D99B84A
x-content-type-options
nosniff
x-msedge-ref
Ref A: 00D6C199C1794D2D8CE81A04D66A86E7 Ref B: FRAEDGE1310 Ref C: 2022-05-21T04:56:34Z
x-odwebserver
eastus0-odwebpl
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
private, max-age=31536000
date
Sat, 21 May 2022 04:56:34 GMT
content-encoding
gzip
expires
Sun, 21 May 2023 04:56:34 GMT
Plt.mvc
onedrive.live.com/Handlers/ Frame AD96 		42 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0
Requested by
Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21696&authkey=AAiBHyhY5FXhPpo&em=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-msnserver
RD00155D99B287
x-content-type-options
nosniff
x-msedge-ref
Ref A: 69251BA8BCE943A1810C2BDCADC79434 Ref B: FRAEDGE1310 Ref C: 2022-05-21T04:56:35Z
x-odwebserver
eastus0-odwebpl
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
private, max-age=31536000
date
Sat, 21 May 2022 04:56:35 GMT
content-encoding
gzip
expires
Sun, 21 May 2023 04:56:35 GMT
log
onedrive.live.com/ Frame A8D4 		78 KB
78 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onedrive.live.com/log
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
db68b201803a6af9ceb02b1d37c95d653a60e173c7b884e7109ed00252ff326b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21698&authkey=AEyGmKgcCfylBYQ&em=2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-msnserver
RD00155D99B630
x-content-type-options
nosniff
x-msedge-ref
Ref A: 7618A17AA2764EC9BB12CF2109F50090 Ref B: FRAEDGE1310 Ref C: 2022-05-21T04:56:37Z
x-odwebserver
eastus0-odwebpl
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
date
Sat, 21 May 2022 04:56:37 GMT
content-length
79409
expires
-1
log
onedrive.live.com/ Frame 6F84 		78 KB
78 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onedrive.live.com/log
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29014e9388e6f27e41f86611f5be4defcede5c427f5441e9bce248b39fd550db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://onedrive.live.com/embed?cid=FC3071A5D7797DD2&resid=FC3071A5D7797DD2%21695&authkey=AFGZEzonZ2jUUMA&em=2
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-msnserver
RD00155D999B0A
x-content-type-options
nosniff
x-msedge-ref
Ref A: 1BA2C4EFD6774BB7BAD309C196965846 Ref B: FRAEDGE1310 Ref C: 2022-05-21T04:56:38Z
x-odwebserver
eastus0-odwebpl
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
date
Sat, 21 May 2022 04:56:38 GMT
content-length
79411
expires
-1
log
onedrive.live.com/ Frame AD96 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
homepage.ntlworld.com
URL
http://homepage.ntlworld.com/bhandari/Imperial/Atenolol/earth.gif
Domain
feedjit.com
URL
http://feedjit.com/serve/?bc=FFFFFF&tc=494949&brd1=ffffff&lnk=494949&hc=336699&ww=160
Domain
static.networkedblogs.com
URL
http://static.networkedblogs.com/static/images/logo_small.png
Domain
nwidget.networkedblogs.com
URL
http://nwidget.networkedblogs.com/getnetworkwidget?bid=1320753
Domain
www.podcastready.com
URL
http://www.podcastready.com/images/podcastready_button.gif
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
onedrive.live.com
URL
https://onedrive.live.com/log

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontextlost object| oncontextrestored function| structuredClone object| _wpemojiSettings undefined| $ function| jQuery object| FB object| gapi object| ___jsl object| __twttrll object| twttr object| __twttr object| Suffusion_JS function| sufHtmlEncode function| sufHtmlDecode function| ResponsiveSlideShow function| $j object| a2a_config object| wpa2a number| myWidth number| myHeight number| trueheight number| truewidth function| showFollowMe function| hideFollowMe string| GoogleAnalyticsObject function| ga function| elp_submit_page boolean| http_req function| elp_submit_request function| elp_submitresult object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| bannersnack_embed number| sc_project number| sc_invisible string| sc_security string| scJsHost function| _statcounter function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| define function| require object| dojo object| dijit object| dojox object| dojo_request_script_callbacks function| wsg_inject_script function| w3counter number| _w3counter object| networkedblogs object| _atw object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing object| options function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| wp object| jQuery111307055572210937693 object| addthis_config object| addthis_share string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| _rm5tat30bj_ function| ping_rm_ki101 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init number| a2apage_init boolean| __@@##MUH object| __callbacks number| len number| LAST_CORRECT_EVENT_TIME number| _2236789460 number| iinf

33 Cookies

Domain/Path Name / Value
allfordrugs.com/ Name: PHPSESSID
Value: 60d387d0baaee6360a358b588a5ec1f0
www.allfordrugs.com/ Name: PHPSESSID
Value: abb0f06f6a5501b2c2b9653b9e6c98c7
.scoop.it/ Name: userId
Value: b9754f63-9b4f-4ec5-9ce7-c568aeafcdba
.youtube.com/ Name: YSC
Value: cZTNMFqshqM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: wAlhNcKq4Nw
.allfordrugs.com/ Name: sc_is_visitor_unique
Value: rx8961413.1653108987.47DD393B7F6E4F7F630BF2B191C78B19.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc8961413.1653108987.0
word-view.officeapps.live.com/ Name: DcLcid
Value: ui=1031&data=1033
word-view.officeapps.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
www.allfordrugs.com/ Name: __atuvc
Value: 1%7C20
www.allfordrugs.com/ Name: __atuvs
Value: 628870fb6d8f4f24000
.researchgate.net/ Name: __cf_bm
Value: IHFYCWNYMIw68PCJ5cgGmwgd1M6UwVlDBCQNw4j5z90-1653108989-0-Abv4ezjSI9KC/TgL4Y6Y0C/O3NoPzv3HS59plXgZg4IjLY7l2Coj0xyPa8wL/ePnerbHIC/U519vfds00y2dYB8=
.addthis.com/ Name: uvc
Value: 1%7C20
.linkedin.com/ Name: bcookie
Value: "v=2&5a562a5c-2687-4265-86aa-248b1862cb0d"
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022052104562912aa032c-0445-4123-8c10-f82e61d96a7cAQEtUOIONm6gwpkgH07P6niDPyZJGIgn"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTMxMDg5ODk7MjswMjEZem3762gP2BSwe9Xi5sAURHAYtS021nvSFDs9T+MRjQ==
.live.com/ Name: MUID
Value: 0486F0B3393261B22EBBE1183D326564
.bing.com/ Name: MUID
Value: 0486F0B3393261B22EBBE1183D326564
.c.bing.com/ Name: SRM_B
Value: 0486F0B3393261B22EBBE1183D326564
.c.bing.com/ Name: SRM_L
Value: 0486F0B3393261B22EBBE1183D326564
.c.live.com/ Name: SM
Value: C
.c.live.com/ Name: ANONCHK
Value: 0
.allfordrugs.com/ Name: _ga
Value: GA1.2.783969548.1653108990
.allfordrugs.com/ Name: _gid
Value: GA1.2.407713236.1653108990
.allfordrugs.com/ Name: _gat
Value: 1
.w3counter.com/ Name: 73105_visit
Value: 1
www.w3counter.com/ Name: SERVERID
Value: s3
.list-manage.com/ Name: _abck
Value: 65BFB38ADC57B1F484693E06EE6323B1~-1~YAAQhnp7XP/HaNyAAQAAMmT55AexN9Qk6EK31c8typONETUjBqyRw38gVTfPbbUj1BMoxZ4a6oD+EnnRtH2JoSXAVFGWHaXW75gt6W8sgGoDucYOCW962VCHlRZaDO/BPfgyqiVLa3qXs0xsp6OPxtIuGgzbfjKTTOV0mZcE1ynnpDGecox1iIhSLpf30lW326mEyZ7eiiN3n2c6hml2PwYSQxNNOLasFE4AY/6vwxd3tLGe3ACeO6Kavb6ZDAB8VmM7XkGII460uTX4a7Ior0wYvgVSsFQ2ZnwfaMihkrrRlgIwEVn0m42+cZ6hsZ241YdPq45zCUzlliqbSgZaskTSMniRs2dQjUdGOM/4U4sioAKjHedh47fCuTrrDclTNA==~-1~-1~-1
.us14.list-manage.com/ Name: ak_bmsc
Value: 4FF054CE8ACE179AE1BC0446017052AF~000000000000000000000000000000~YAAQhnp7XADIaNyAAQAAMmT55A+3fNGC/2Zy6l/CfJp4l7YM38pPEExaRfRINdfmy4WsuT1H/zRKcEXPLUBDrxf/U6KSgKdFRIhpevaUDEx0ldP3IGl6CmtzlEZZjrFM0eqje0jTggxkR6/n7TqHgTM+ho0JNCF5cCOwnjdA3ffR8PTSefFnjKcF1s9vXALvNbZMzLDdEWobzoIvvklWzxFlnzQF1IdKpXcerDGqRKTxAzdfCT6CwDTvubcbnbYX8MEExhsBobSvVcjPNKNu5nwL5edIcTgE5SmJD23YQUsMgAf59a3Z4DjATF2tkPumUnibImcrq7SrBuxrCR6P+VACe5ZlHkmlkcLFagpw9Ou/jwXghJbIu9oD1vqa3lMeZvdbCQqycKC8TzWoWeovHyoWFm4=
.list-manage.com/ Name: bm_sz
Value: 59F205333E28E0A81B3A73402A850905~YAAQhnp7XAHIaNyAAQAAMmT55A+bDvS658X7gtboKBseWVkgEw0QRjIAheuEhKnt4h4Q4U8LXEUA/rzxEkf65AOJo206vbquUM3VhThmvqI0DaHkEBm+10egMp0/2ZTvd1hUzYXl3F5GGJfgSXQMs763FuZGEwOnYMwvIzyh5gn9MhCHZMEZEuypOGWmMV82tpPH2D/UXJx2HGuTu6hSUaT9V/8kb6s9GXcFY8Q8sEpJ3zkbUg3uofnj+d+zydbwI7f2ZcymXiN2Xzl04IM4UoKFUPAqxuqFiBmvoyaTk/w8eZPnLDOgCQ==~3553081~4601410
www.synthesiswithcatalysts.com/ Name: ci_session
Value: d8e0806bb06f71829b750361a03d9ffc11acea5c
freychang.fun/ Name: csu
Value: 1317841692317801@1@1653108991
.addthis.com/ Name: loc
Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==

25 Console Messages

Source Level URL
Text
network error URL: http://feedjit.com/serve/?bc=FFFFFF&tc=494949&brd1=ffffff&lnk=494949&hc=336699&ww=160
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://nwidget.networkedblogs.com/getnetworkwidget?bid=1320753
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://files.bannersnack.com/iframe/embed.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: http://www.allfordrugs.com/(Line 2032)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.allfordrugs.com/(Line 2032)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.scoop.it/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: http://files.bannersnack.com/iframe/embed.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21698&access_token=4wPK6LVCd4pGby4QdVGsxNtHpbJjGEYqg4t1Ftp%5FuR4I9Z6ekIvHZlhxyMauW4lxYexDhSIFIuz6gTXRSMqYDqA1FAtTbNkjfF5ZGehxdFqUglMdOMPvThablu%2DZq2v%2DHp2XoNRl4xcrDiGeR1OTI%2DQQ&access_token_ttl=1654923387570&z=aRkMzMDcxQTVENzc5N0REMiE2OTguNQ&v=00000000-0000-0000-0000-000000000802&usid=b1173efe-0ac8-451f-ad1a-59285f4f3584&splashscreen=1&build=16.0.15317.41002&PdfMode=1&waccluster=PIE1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: http://feeds.feedburner.com/~fc/dianakcury?bg=FF9900&fg=000&anim=1&label=readers
Message:
Failed to load resource: the server responded with a status of 403 (FeedCount is not enabled for that feed)
network error URL: http://homepage.ntlworld.com/bhandari/Imperial/Atenolol/earth.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.labcompliance.com/pictures/misc_pic/news-flash.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://feeds.feedburner.com/~fc/http://feeds.feedburner.com/AllAboutDrugsByDrAnthonyMCrasto?bg=99CCFF&fg=444444&anim=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://static.networkedblogs.com/static/images/logo_small.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.bloglines.com/images/sub_modern11.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: http://www.blogkeen.com/stats.aspx?id=676667&p=1&l=en
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.allfordrugs.com/valid-rss-rogers.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&splashscreen=1&build=16.0.15317.41002&PdfMode=1&waccluster=PNL1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mc.us14.list-manage.com/subscribe/form-settings?u=dc68c77b5ddfb530cb6930297&id=6ba142263f&u=dc68c77b5ddfb530cb6930297&id=6ba142263f&c=dojo_request_script_callbacks.dojo_request_script0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.webwag.com/images/wwgthis.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923387982&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&splashscreen=1&build=16.0.15317.41002&PdfMode=1&waccluster=PNL1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p2.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://word-view.officeapps.live.com/wv/ResReader.ashx?n=p1.img&v=00000000-0000-0000-0000-000000000802&usid=39340354-8026-4cac-a2f0-6abac06134f5&build=16.0.15317.41002&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FFC3071A5D7797DD2%21696&access_token=4wqsZGKIx8Gp3RvRsgzgG1YjeFT1ZLuXG20oZzbfPA6cPvy3gBUAgEYF3vabtIwsldxn15rHdMBmlzhi3Qx496pw6G6ghQCvHrRPWEgSK66uD80px7PBTfeuxGm28N2eF6lzgob41z81rpmDW1WjJDyQ&access_token_ttl=1654923388080&z=aRkMzMDcxQTVENzc5N0REMiE2OTYuNQ&waccluster=PNL1&PdfMode=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://images-blogger-opensocial.googleusercontent.com/gadgets/proxy?url=http%3A%2F%2Fwww.ipcalabs.com%2Fimages%2Fcontact_us.jpg&container=blogger&gadget=a&rewriteMime=image%2F*
Message:
Failed to load resource: the server responded with a status of 415 ()
network error URL: https://onedrive.live.com/log
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://onedrive.live.com/log
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
accounts.google.com
ajax.googleapis.com
allfordrugs.com
amcrasto.simplesite.com
api-public.addthis.com
apis.google.com
ars.els-cdn.com
audiosech.xyz
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
buttons.googlesyndication.com
c.bing.com
c.live.com
c.statcounter.com
c1h-word-view-15.cdn.office.net
ckgroundan.xyz
connect.facebook.net
d2fbkzyicji7c4.cloudfront.net
d2vlcm61l7u1fs.cloudfront.net
drugapprovalsint.com
encrypted-tbn0.gstatic.com
feedjit.com
feeds.feedburner.com
files.bannersnack.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
googleads.g.doubleclick.net
homepage.ntlworld.com
i.ytimg.com
i0.wp.com
image.excite.co.uk
images-blogger-opensocial.googleusercontent.com
img.tfd.com
jc.revolvermaps.com
jnn-pa.googleapis.com
js.live.net
l.sharethis.com
lh6.googleusercontent.com
m.addthis.com
mail.google.com
mc.us14.list-manage.com
media.cheggcdn.com
media.giphy.com
messaging.office.com
newdrugapprovals.files.wordpress.com
nwidget.networkedblogs.com
onedrive.live.com
parts.igem.org
platform.twitter.com
pulse.w3counter.com
rc.revolvermaps.com
s04.flagcounter.com
s08.flagcounter.com
s2.googleusercontent.com
s3.amazonaws.com
s7.addthis.com
slideplayer.com
spoprod-a.akamaihd.net
static.addtoany.com
static.doubleclick.net
static.networkedblogs.com
syndication.twitter.com
t1.gstatic.com
t3.gstatic.com
translate.google.com
translate.googleapis.com
twitter-badges.s3.amazonaws.com
upload.wikimedia.org
us.i1.yimg.com
v1.addthisedge.com
w.sharethis.com
word-view.officeapps.live.com
www.123gif.de
www.123gifs.eu
www.afternic.com
www.albinoblacksheep.com
www.allfordrugs.com
www.bitty.com
www.blogkeen.com
www.bloglines.com
www.chemistryrules.me.uk
www.easycounter.com
www.ema.europa.eu
www.facebook.com
www.feedburner.com
www.fourmilab.ch
www.fwicki.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.labcompliance.com
www.linkedin.com
www.netvibes.com
www.newsgator.com
www.podcastready.com
www.pragmetis.com
www.researchgate.net
www.scoop.it
www.scrubtheweb.com
www.statcounter.com
www.synthesiswithcatalysts.com
www.w3counter.com
www.webwag.com
www.youtube.com
yt3.ggpht.com
z.moatads.com
feedjit.com
homepage.ntlworld.com
nwidget.networkedblogs.com
onedrive.live.com
s7.addthis.com
static.networkedblogs.com
www.podcastready.com
104.117.200.54
104.20.229.67
104.243.42.114
104.244.42.200
104.75.88.126
104.92.80.28
108.157.4.120
13.107.42.13
13.69.239.72
14.1.22.220
143.204.214.127
143.204.214.142
144.76.166.55
148.62.49.124
151.101.2.114
162.241.24.224
163.172.62.39
166.62.28.131
172.106.80.2
18.66.122.42
185.94.140.20
192.0.72.28
192.0.77.2
193.189.143.34
199.232.194.2
204.11.58.210
209.124.74.201
23.216.77.216
23.35.237.151
2600:9000:2057:8200:3:c04e:c780:93a1
2600:9000:214f:a200:6:2114:f4c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:2794
2606:4700:20::681a:65d
2606:4700:3030::ac43:dadd
2606:4700::6811:2169
2606:4700::6811:8e24
2620:0:862:ed1a::2:b
2620:1ec:21::14
2620:1ec:a92::171
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:802::2004
2a00:1450:4001:802::200e
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200d
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2006
2a00:1450:4001:830::2016
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400f:805::2002
2a00:1450:4014:80a::2005
2a00:f820:425::3
2a01:238:20a:202:1143::
2a02:26f0:6c00:2a0::364d
2a02:26f0:de:591::1c24
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d014:d43:3101:c6ee:ea42:3836:6cbf
2a06:98c1:3120::a
2a06:98c1:3121::a
3.65.88.85
34.102.136.180
45.58.124.226
52.1.22.171
52.109.88.96
52.142.114.2
52.216.141.222
52.216.241.164
52.217.80.68
54.230.99.75
62.141.56.200
63.135.106.45
65.9.63.85
76.223.65.111
82.99.3.235
85.233.160.146
87.118.73.226
0169ba6bc42abb42f072c01caf8ca60ba106975992f1914d8f96690db3e49928
016ddb88e17fbf94ef8db53aed2e19d67b839d00f19b2925e07839f19d81d1e9
02610a5bcf071e4e042af5fa2f8db4bdeec5d34f7e0152726d3fc545ebf89b9d
04d3b49116b035e5a61e33d707f714504ac76627aeaa132f4c5717431aef74d5
04d665f864fd62714caaa53532b12d06b0e0f399dcf4926e46929773504d5f12
04da323eda0bca5a733222a8c3b7855692340adff669d6d908c16d452013e4c6
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0698983232c68b8bb3b85c6414a00838aa1cbe28b021de922c44aae6ad919a47
06e5b96cea009ab42be65692efd0b967fb14a300f9a68d4865f6d460ef8e5466
07442f2bc9e417e7e700d142493b5564d926d3b28a365632e87f9e0a1c992b70
0789605ae3291d3d3cabf6b28cb89cdc725b7ecc5d7f7324acea08cd3af58f9a
08f32d897f4232313e3c537771d1b79a1411826528db86f36efbc89286810160
0919e84d7c8e7908f1327d557a1a5a1d9b125d7144008d876adba33ae639a6c7
094a8c123869af0b39a4e308ac7d86ae0414d155fff96862270220d87b50daf4
0ad9d5676bdd0af368c0df06312d0886e72a2bfa07f3811df72f15751d3cb099
0b0d65d1982cb1c65d42bf23d16e5ec8e3d850c5765f129ee51d97a52a72dca2
0b311447ca8f3d1bbd8b8457a70ea8298ad08605b6328144016fc70ef4d652ef
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
0cb4f3d810317e4c709e0177a03c48596e105f8709b56d38bcf05bf2fc20d6e5
0ce4e8c1581321d5c1b97bde09eb85c0e43ef1651a9b30acc8e4298c037cbb60
0defae5096080298c530b765aed1eb778622527ada34a909ff7643d00604fb4f
0f49ed4d5b9fc2a506d1cc60b5c23ed6b540613b4984865da84a6367a4370f5b
0f52d7197439b4ceb7d95725ef42de723f310889cf0a333f9a3dea932f82679a
10bcd7baafe466806fb168368476dfa42b45ef3379fc5b09185ed048529f8951
11706bbfd5799d586af17e712c0db39d778df5da5ae59098e6a38a9e3a5b987b
12cee209579c4c51406b6b893d9001e95e4d3aa9a72786775509ef4c7d505776
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
13b30982c3be2699d78a3e9471ae77753540d2d12cfaa4b4371642520879c208
149bccf7e467541fc83e870e967ac322b26065e5d6797169c8a677a67db07e60
154681a9d485061c5baab68d0ca600282c249a1b9c6e1a40753ee533cfd89c77
1746895462e31894fb6dd855205cfe90e49aa8df7366d3aabbdee9fb81f4956c
17f004588b542b7882d24dcc7e0fd24919f5683c126484c6e6a306037ed18fd8
18459fa2ac91289ed5536ad8a18f241c9464e89cfbd34babacae745cfd8473ba
1849552fc54ed3e6e693af5aac04e2a00183d6478a0bc4e56d855110aa5f301d
18c0c27e7335ea56091690317e8f8b52a1546503060efa8eb04fe88f33cc9503
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1a716066fe333ba8bf3ffcd91132b150e845781a9a3c0f15ce6ca519a5168477
1b40474b858de805939f53d92400fd728c680790fd4bbb2712f788a6da9ee90e
1c003389bbcadef9af1b354a6754fa5b2f00a6e2935a6ea88283ac58bb1e7950
1c0f7904848ddba4c9bc5db31dc84ab14a1120171961904edaed391fdfe4f372
1e261796ec9ef4a4d9a1ab1e679ed333c08aca8e4daf69711b1a51091b2a5cb1
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e8930b54e0b99f51a77bba20982ffab9372a622b8931e4c55645becaffc767f
1f93d6dc9f2aba741fba3365788cc601d36866aee6f0f49f9bd80550728e97cb
22e88120eed3fe5f1a482af810442171639bd8d1a9179d29656d772109efe1e4
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
23732cfd4450cb370fb6eadc8c9eb997659a9667c6eab1935ae491d83a74eead
23b05c48297ab11f72d0e69f2de75353fcadff0c2b6bb1bcd9a4dec9a9b1667b
24539433fce4b27fc6c4a4c471eb078a394d562681dc15f3b7f1fc1550ab41f2
2459a6715f8259aabc04ade61148d09549b32c8b46db7dfeb9c8c5ab53165a20
247abbfcb40dddeeed9b3de2f865835d3b86d2ba47036d3c6daee4c9adfd09e2
24c93c728602ce74bc3e340d11f44cf2f016c2252cdd5a6ab2895bf3354a8196
25415822c6400c05d66414264823f232ed4135b50d058da9799c9699f598fc5e
254adc0b5e8f74441c3fbd0f53a50c4bca4f603d7e55f7c92c93831daf0083d1
2557b1ac8e4cf1d037a2a03368b24b4f1877f90d9015c9ec88436813be80e7cc
2585b92e7586a3f2ab692e26b208d8dd069a37f3cfdf629a7bf201bbea7c234d
2598813e11fd5d3cd3762323d77e06db39692fc20e5280bf5f83a92fb6d10f02
25be9a4bcb060e2b2862693b8d54a6231a86c37a0f7671e25eff984d4d3d512f
26356d5d75e80312c07f8edff6c4b79a1e56f34bae520d9dbb699cfef12f46d2
27d38617d70af4a17e3b7f21f2c32eac836705be0c4f6ccc38f4de647134edad
27e26ac0376b1ccac01b1e76188ec0fdcf339772d59792267da60ccdfef9b352
29014e9388e6f27e41f86611f5be4defcede5c427f5441e9bce248b39fd550db
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2b8fb11cc4dcf188f856edea9347e7e1934cd3008cce79d555ed46349ac63d48
2c4e7fa0c4a763e47a8a92be9ee72520adc7baa8caca0c5756e1a2542096e06d
2ebdfb38976f7756a1b223efe6a96fa04f5bdb85a44e66cab48026750c3b0f76
2efd56968cfd13844fa86fb967ca2cd504fdcb8ac384157875c105b3956c3811
2f6100bc6c388d2c529952df0b36345aa2aac2f6a22abef5c2f558adade5f4e7
2fe662fad79a24ed9b11e94a75c98fb35f6fab10fa3387e0a1f3758ff0f45646
30d61fca52a15fae53cc0c2f7b0a4076176a91ab8ca85238d39a4007d787e34a
326935ed5a633e3990c37fcf9b61be6fcfb2a56a2eebc9dc50927d4b5ccd8298
32e6c249ab0ed89a4757599ae658aa8b375dd0b293def707512c1c304cdd1d04
33be6fa29441911f568fefd131834c7cab5eb870cb00ecb04ac90c4bc2f3d138
35fe98b3576e0bd1f14fdf7728b0ef97e5c8d317ba31374a2bbc23e36cd59e64
364ba5268d11ed9fbd16763df098faf8a1c059e9681c2debddf15d0830360427
3666497221a71bdd57d9461c28f7dac6d4ecdac42a4152598ba6b16885fbfcd0
3693f84484ba0a180dcf6d539b6ab3ba09fbbe879a28ec1fd30fdfe3cfbd1aec
36a848320d905b257b222c5f3681cc628dac600beb23ca2a542fd45b0ea0d763
38e02636781416dd7b3ff77fef63f5fd2f1e96db224bcae74c9214c459cba7d4
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3ba3cb2761b1a2c5a8c2e22f09df82ca2a897dc7eaff8fd0608fa4f1fe43989e
3be0cc440e7f7cb4227c1c39ce3e441c8722d3f89dc44a69ebf5a83fdb253699
3d6b3dc37e9b069ab65981453aa2a5c77528dbf5b22c51409e5b100bfd82769c
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ed18ee68d31d1a6ca29daab32f2e2d34801dbbf40f97646f4b43831a22cf361
3f73ab3657809ce06f280b0fe9451c42b3fbdc81f16a114fdd8ffedf1ce56ae6
3fbfb080c0405faf65c426efd46f599a3053ff30e1a55174c441f58c84a7fc08
40594d7643afe87e9e81fb5a53209133c439d6c0a35b4f30e1ad64dac93c3248
409c16852a61e50980a17fed11c6434aa362731291b49f9923f5a9bbc8c030b4
40ea1454a5fe2db373e7cd0157ad9b72662ab722bd6b53a165af729d0b434f47
4114f99c5992bab27f43ae5e3c7c196ce63fac0b4b43915af913c1a30ca1f3da
425750b15059277894c1b2d8b1f2bfa59c1e2ce5974c594dc3faa12dcbd89b56
438a553fe27817e6b4f1be1ac0c67c76ba5105ab5f6bddf200b67714fd42b793
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45cd5c5ceb1f116c44e034252bce387e448ebbe7e9edddbd966d4a0be21e8d50
46056d679c41459e4ab553857d2549a0ccf93b491fd13841b06a26529e874d76
46ad9c0eaa1cf7e5b59345a0e2d98d7b1dc4ff8306abc9e489df1cb0ea9503c7
46fe595c03a201d2619b1bfe39dde0e3a68e074c9a8b1a68125bdff73abb2a0c
48f20dc3130552095a8548e4e25de6aaeea058a00b813d023be861a52bc9bc38
492b3750558bd768f32767c5d37c6a7bc7d2514760d4403d7b24ef482544de2e
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49c031b42bbd5f4d0ea786c19badce9083340741b4080f2e54394879b6e3652e
4a59fc61d6acc6bea9418c85f3ccaba25af11f593f70e4299988874714a46eb8
4c76f832e1b589c931ced2c770f35ce4cd595ca941c18c5893b23f27ef587ec4
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
4e383e4bba9d6a53b6e92f64a10f289cc4a58e3d28bff3880aa3507c6d61e8f4
515a2bbc6e5950854009ea380fdcab9a7b0ae3290eb73a70fbbd4956351b606e
519dc56ed053dbbb1df9327006ed3777c667f9c88ba36af49ae6e64fe6d4c67e
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
52d0c1ba306bc56f25a87a6262cf0db02c6c9b29c4183a91c29036ac3ac7a693
541c2d6f5a885beb69e825dcc336434bc1ba592774b5328dc3b4bc427d77cb32
54cbac76c6e6c2bc96c9a53a3bf49807f1dab72fea5ed537ba61f346e5c257c7
54f4950e05103a45239ce9e86586bbbf4972316d47bea0b6923f88ade2214d6e
5513a07cc957676a7293f8de0f763998a774131448182347a5de05b2230897cf
5556de91a01b25102704ae0a95b499899ecf31281611b5f7ad8b7047dd848090
56e4a4bbc726cb7995bf30b0a853217ae25e9c9cbdae7f9ccfbcc1f74674a905
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a97cf38ed8eb9722346f2ecad5ea0b4c49a92af13d1c48a677f1d942ce58396
5b785b402a9570b89a1a124ba0187fad29687280084edcf4c58aefff8b894284
5bf4f0187f8b56b1ecd95eb89dc1cd74ce4c54c9abc47899b2eaa0370b5fff19
5c0d3d40f6df7c4bec2acddf27ddcc3e72ef1d5815b296f44e8fd8b7a087a9f9
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
5c28f9a241f1ca8a29c124a6f32f15b69932776558c5d252b16efc1fe2d6384f
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5ea57846b0581b006dd0ff147e37c2f1cfa98171a96313f2f46d2a34612ada88
607484eaeaad6f5ced0f71619e566d0cb04d7a3c61bc58913075eb133264e801
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
630216694d727993e4756003f5deb781f2794180a3ecf5f6a458650cf6e279cc
635100cb40c6fd4f8495013edfd0ac1cb108c4ec41350cdd1e7b82f34be1f66b
6581c42a8df061bde74f89c567379ffd74cd8a9447192f7d2c2bb366a476293a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6893f6d2177ab1d56333a6d41e89611747efe7231276b7dbdf9250a5962a3dce
6a46e721738fe773283959d5c78be8e4b74f398ef65efddcc2bc8b2c87f6b02b
6caa81541b5c87c24029ecc21347fda3fb0691243d4d8a9054bae46c6f5457e4
6d72be57956ed849951aaf306ab0f400c3474f21ef7cb13d369ae95625bb6db5
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6d93112f2c055e6843cb1e48264220c6583cc16f7fe21b50c10273f6a6217714
714aae416fb3679c9bc8248bbc9d6b43e39df3c5b5f2c351ad16d4af35e8af7f
71b11d5640c0745937a0fc71547c4f484e7a859cbc4fd22f1c853c557b8f739c
732513c2d12f6f9cfdae1c4566ccd708a0707f30c09bbb30938ed391ec71b749
739598c047d7c15a20b6535a42ade431ce271d2e31d804d06f1007fcd4f8351c
73d5d22252d5b175f85bf3bd0fa0fdc74df4c0726cbe694721bcf5fb5744a483
74713aa7d11ae5368109cbc6b43b9fd5ea25456c1d3e202455b33ff121e550b8
754e7f3a85a201043c7045484113643c2d17353e5245ef31f4e3fbe41b0ced5c
7694092db9514c6643c47d692e5ac7bc1c924c3aa712c8ae4504a5cdd6cfb420
76f977c5468520cc4912ae71aff8fdfa5a65481495157ace0180471a5b2510e1
783568ee7db7e3ca349d6f64fbe9c6d9a9c10614445352489a40a55f00bf3293
78c4a79e21ffdd251b5af85384dd976f1bcbabede4fd136f29ce6ff42d0213df
793e4ef4951e7e51858eb21509bad1c5612ac636255129a4d9e5d5b3eebc85b8
7968875f3c24fef0635bfe54c50d854bc30a5c8399874028b1141d130a7bdccc
7a3bd7297bf524b4a58d217f8e314ddf4a8cc8d4fa6ea0f6d890d39211df4ce7
7a60da84435f859836542fdba501f71732b3b6b88795b72affa79e1f6e0ee64d
7b623dcca358bb7b7c37c4e7e84d69c014fd1556efd7d8fe10c4f08a796d8227
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bb952a98cde9a7dfc578683f01759b84a86496caa55823fb7a35d42d7154b5d
7c58457b4197da5cf6045e8cee98bfaba2848be0d1138ff24dec20388288c5b3
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af
814f49578802ce5b37dafb98b958267089cd78c4b5305f084542f444bc0d0392
8160a522da5eb62cf9d8d30c6ac5dc397b043eb03c8d6382d539326b22d54b67
81ab4806e40a03e81d346a4dfdbf38d964bd2406417c2d0c4f36f8d1906c2c3f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8352cba388675a2ea6bb36213ad0753380bc4a80a1c1c38fece48fe6095702b9
83853734a305cdfd9edba7cbc8ea69aaea31eddd72d689b33042f1c0c49bea2b
8628816b47b5bda9d3a4f8f86139902934a808a96f0faaf104acc36973a53020
868f8c2736315d46a22c179b31765226c303ff6c8abf6f04a77fedf6834db37c
8743fc46ea229a2f578612a7d7dcd42d8aaabf6b865b784b598379ac663c98ed
89adc9abbb5d6f1594eb0e7caa71a0f0fb95ccdf135453c1be50e159ddba243e
8ab8684916403437a4dd18ff4c72855cc79b94a0b2aa67599676172959313521
8b375a6bd85fc341601239f53bd2190e944e9a5a16e73c3584b0abb54616b7a5
8d4ed7dc95240c00bcab002c5e0d341b6041634e293457e15a3acb020390d054
8dafd115d36a6ae418a778c8d12812e30ff7bad3d817b7ad77ecab491d14fd92
90869a05d5cb6f6864f79c1bdb28c83bd93cb0c3bd5d7a426a3f584af40b67e7
922201786205da9c51ac0752e274be6614d995d39e92d18908babf44c74517c0
9278438ede280e1f9c13dfe122f2c42654ef70fee31e234581d3ac5b978c1288
92c898ba6b094f9ea8967a9c6d1675c6d4b3de9128a65f2ba04390f20ec20be9
93740babd1ed00c24fed30e826acbe96945d83ed79e23904e7dad13a36bf842e
93a6c774ec964a86c8093d4ab42fdd6d05cd0aaa373a420482f4dc3f5b7625f4
9453a0d46bcb5bb3ef1982975b93214e05fc901c61cda2917fda568d7a3d4704
95aeaa21c5cd4f3b693b78d103ec0ccd3b58343977b6edd239687dc212d5f978
96c21773a9a306073347e4a8b8541db095f8c786c34478713bf5382ccb8eb1fa
9818dee454afc78c0e00fb8e626526286a35ed5c177adde0ee56d2bd339968fd
98572c10296b382ce4d77cacbf12bf3b2a9680611fab3a865feb35d0a2cd799a
99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a435242daabecff2c8118b1a3d0c5631f16bd96f61a3f9418c681be22cf1bcf
9aa3744a86bce320cb18b6de7452a23e9951dfece6db7ebb158e87047c06ac65
9c948e266f09df26573b74c768f84f62c443c84476d6e227ec580786174907ae
9cc8ab44cf8e5058648bc6a04e7843433dbadddab3a686e21484933438a0a360
9d96f9ed741923b7862e6de674bd0305ee6ff6245143c884d7cb61c33264b7a5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0bd9bfaf4def6656a9233d93df518c01be681326e72cd9e00aa73fd29702b83
a0c11855af59e707cc41bb87dbe2f7b527361bf9a3f1ee0350b5e9fdc519109e
a14e7739b0b5c4010e594e4b9d1baeeccda6ea348a336262b9b8f11c6f106b42
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ef58087114bab20a1dcca3200f69a144467a421f84c4b30b205d2c84606f04
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a41129c324c88468b292bca75eb8ca7bb9231a6b2bd5f8036ee6df99e5491d27
a5a4eee2f84df74c203391e2f8fbf67dc1cd3c1023848ca5ba3bcbd398511ba5
a5e5f86fe6caf818d06cbc85776ec3548c98ba29080854726342bd6b2eab236d
a5eb9578265453ef425a4c9e52eedddafd7f1d44c24d19cd016ed75b22c1bf02
a6168f8d9be8fd28c2602431967ca1fac8e5f8a03faa34b42f6e2c0e41a93ea8
a667c3feb68929a9fa9a024d1631d6f97d3629bfa86a076efb5268ad11f5bc1f
a6df7fbbd11fc67047b586ebfb98853ce5e1abf13d2bf95feb4f26e566c9fe59
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
adac63cb18f2d903d5a8151c028cbc937d13f3e356ac64f8c43fc0100c27537c
adee789a1dcc37fe49243ff3377aa8aaf619e4c39ebcc0901a5e96f2d3469e59
ae34556bbf287cbb457e815df73d9510b93e8d743266b8d5116ad89aa4b6145b
ae4a9b83a6d3bd8bc7e13b123bd1b672988aa61fb4ccd9e8213b379e9be932bf
afbb624cd9ae5618544ad1be58251d75bdf64d085450048aceddc606cbfb8ef5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b00a93d08e2421edcb4589114d62d2a6bd9d6b9cc034dc8e5b9f597527a0952c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32497bc42edc5a9cfb948004ab9717072bcc8d4b37cc1fb64b00f95b7e501ff
b780b3ccf6f2b1d78863566328639d152e4d3316c95d3fa92bebb77f286f0283
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
bb3eb47ae0e6951633dd951a12f9a4fb43e3dde63196c9e8de4485ba7a5d4f5a
bbe91504a09140d13351499873e660b9494cc6b4a851d3ba3992f4d3d94167d5
bbf005f2a161b2845e878b9a8fe5fb6e5aeed5d577f61d458ff19a29f8b74afd
bc7ed73db73021c0a0c2678dea8335423e6ad232786be00a15d70257f0227a51
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
befcd4e60c417c14b31ec54d3897c17bccaa837ef59e68c5aa45a881130b8f9e
bf428aaa348d904fc5a772bd2bc2e1404d6b8e305c1924c8391e397ada7beafd
bf48523ba0bc58a505e5ebbd8f3f5186b1c8bc8d493c78a09aa7fd70689f822b
bfe932268645eec8b65b8f8aaf73a5fde0ca2d4622ff8dd6d63470b18eabd6dd
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c0cc898820e28ef59f08ab4446cb3aa6afd6647d9fbc40843c64c2f549ea778c
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c594b393ab979196ab587153bfcb2d11eab73869581deac981baf7d872fdef2f
c5b1037ced609d68e6d0b08b4d0a24e78fd0af34ae706ce897663c753ae01495
c6ba0c56919d76219628f59713b483e2c592573741375510f7196ae6e55fa8f4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c722b5e8d6cd39963883ebfec2d5bfa592463b27b49c3abb42845348d2144139
c886b49ca24babfb5d25f357437cecdd5247643a3edb0603631017696bab5549
ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20
ca806173739fb0438dcc8525994bb1d059465a9b2f333e431362527ec161fb75
cb57752edc96294323252e8d84fa25f975943b2ef3e87b2c984b15ca935d7657
cba89239522795d55fcf43087637399562c8fb25cf3baadf59f488bb97bffd6d
cbabaf11b852af314cd0b007489eae363548ac2cd042acbb05461ddb78922395
cfedac3827f5b3f0b586b6a7c0cf41b1657da3e4e66bb9e56034e3fa068c06f1
d14de0e3dc5be11c2cc331a6e98b4b377c9f1c871412149d910e35faaa8e4756
d2f81b4a08b126c8368d3d4589c7545d5645a4d213ea936426a7b8ec767fffc6
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
d4720741686e5585525c60fe54ca2d8c0d15a6914bf5c12077381ae314502de9
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d505627ba4f764e1a6835d08d60a8e01368904b7dbea94a18c07195b790e227d
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d74545379996bf8d93e03d1d082fa20792be16b0ced0f489bdf1e5d1dbde8e46
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7df7fe05ddc4df97f62cc04a7d5e5ba7396f97faa2046a0d43a019453175f26
d82ef856de89920ccc056ac5583e6ad768d80b7e04f94550fb2ad713f97e4848
dadf26bf8bbafa114227b7e3b9d1116c24a6b9dd8fe0043e875222e8fd6008eb
db00fc9ec635de5e631d0ff39a30dc83d611d26fc2baba3880356355c137dcb7
db59de0ff0476552e8705e665a603965064b4ca6db584ead41c74a81a98a1b41
db68b201803a6af9ceb02b1d37c95d653a60e173c7b884e7109ed00252ff326b
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dd5bb66bac9f2d27689f537a7beaf5630134204e7327c42c066f0b64717fb3d3
ded4d91a71b2a9cb34007f73cdf24c27c3ae7b27ae86baf510395c94286ae679
df6fffd563d57f2c1489af67a6f1c9aaf2cb23c7be9186fe1ebd944cd4e1bc5f
df7569d295f5b93e79e08f8324c867f901f0831a227f40ed0b8c15ede52d923f
e156db1570c13c426d727df0b700884fac3ea70307c6ad350e47b8a266719393
e16e8435f79251870393eb3468ae26b274b0c1cf7bb6f69821a8388131f40bd7
e1d983dd45739b8dadaa4d2419789fda8bbb46c8dc930fa0110742d05e1fc4ee
e202072816923f804cddd74077bef8703ab76fd226445a64c24c302ab70f84a1
e2d27f57875b98fff2e642b4fba35661199bd8dd23fa7498b6f8dbce5cd20cc2
e36aba4e9f396af22a05341bb83e521bc236a21b8e855a555ac7b424b6db44df
e39abfd4ed883a07c05570177864c3ce5a72f55a8b79b7410ceebfc3a75369d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4262072fd2e9ad103d4d43be4334ffcad014d799a9eb97aeaa14d266b656adf
e4a8b0c74d455a205f1be188d41e123c961d0cf44d4321a6d1d2a8852e155304
e619a0cb7388dcea406e44574eca03ea10f5d10955816954fdc93baec242a50b
e68b2d2efd1b7f25593795d295dece45a1f403e8768ca22a945114ca940c18e9
e718f0ca397af61af80bde5241e0dbeb9ede2723a01ed545c145ae57d053ad7d
e8691755a8ed913625d56f33a4ec9abf91166dacdb6d9607d7055c86a7064fad
e87e6c59106b462f188025940292ab617736a13769c59549566e9d379d9a093f
ea6ba1709b3ac79adec10192dfba4849d041ddfa41e6fef7ff3046a632d29c17
ea9d164a8d2dde0c347726050a4eae7f21f27603c416d9cf7308b8ed0b7aa7b5
ed1baecd4649695baef9330d9aa30579ef25ed945131b3e990f34e4ec0e6e2df
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee4fcaba20da687e1cb933aabd8f7376c996a88d6ddf787f9c6fe947c71e5c33
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef11e2fa34dffbfa5cfc4e14e269963985c0951cf645390fe9ac70d0588e69e2
ef299e50720bdcf3a1008de8d98e247875bf0162590ccaa5b4974fdb3f8f9dd0
f02d7d6ed45bed9173e6d384626f491f6bb92a9cb71f8acbb9c83cbf02857a98
f08f448dc5a8fd6c81c80eeb77e400735ee761a52562a19e36d4e234f4821f4b
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f2b947fc04b88f3c4f6085b03f16e2aa1b8b0bb29590047d5118733d6f3f716f
f33374f59d95b33d3bef76526357c6398c7a24c93485b7e39933396333f648c2
f35cd23b642989e3aa579043c5a5221720e38b6ede6dd96829f1965762e62ac7
f39cfb6336d2c67e6920c9cd42ec3bc8ed4273a16448ed43eed60249ed580441
f48e8278dbd5f830c3e36b053e5d330d93dbf9a81ffb61b4351305628dbd8e73
f4ee009a24925f6617ea25066e34d260d1e5e22352183e261dd36961bb4dd35c
f5143a05c0b939b3e619a4f6ac4a016ae54eb33b22c557e2a0e4344b4c8ed437
f5ed9fd0544d74c3c09043600e6b53c33360bfbfc93042694fdb9358d1303cd9
f5f879872c9e7087e996fe67e77a635e8ebbbbd4e5f9a49c5a8537247ba5db65
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f773e7144fa4ba9d812cdfcd0d4c10c51fa96309ca63f6c081534f378eec634e
f90915db46a74069adae201fd95ce4c809f01e9e81ac68b115cecb30a3f422cc
f9f374abeb89213734e3a32fc705d6291030298fe9019de5702a6fcd753d3789
fa79c6668d348fca2670dd8991f48e951c1cd8ba9c2818b99305c4214f135909
fcf76db6698396261f69621e34287f15c1b1c643de02d01faff7cf9933e14594
fcf8dedca2e77614334d1eb5de6245023a71f4f05d731a5353037bce9d863438
fe4b623a83a5a3c4a331d34e87593a4521e19c9cb80c3943cc45c967a7393c07
fe68f9bfb04579c651b4d154a78aec364683142c8d9eb9de299ce0cc71a81154