urlscan.io logo urlscan.io
SecurityTrails logo

speedyshare.com Open in urlscan Pro
2606:4700:3036::ac43:b7df  Public Scan

Go To Rescan Add Verdict Report
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Submission: On September 10 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 82 HTTP transactions. The main IP is 2606:4700:3036::ac43:b7df, located in United States and belongs to CLOUDFLARENET, US. The main domain is speedyshare.com.
This is the only time speedyshare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3036::ac43:b7df (United States)

ASN13335 (CLOUDFLARENET, US)
speedyshare.com
1    2a00:1450:4007:817::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4007:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4007:819::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4007:812::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3036::6815:13c8 (United States)

ASN13335 (CLOUDFLARENET, US)
freegeoip.app
2    2a00:1450:4007:80b::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    216.58.214.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: mad01s26-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4007:813::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4007:818::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4007:810::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
35    2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
view.officeapps.live.com
pnl1-powerpoint.officeapps.live.com
2    2a00:1450:4007:819::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a02:26f0:ec:289::4b36 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
c1-powerpoint-15.cdn.office.net
3    2a02:26f0:ec:2bb::4b36 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
c1-officeapps-15.cdn.office.net
1    2a00:1450:4007:806::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    23.72.19.83 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-19-83.deploy.static.akamaitechnologies.com
js.live.net
1    20.189.173.11 (None, )

ASN- ()
browser.events.data.microsoft.com
Domain Requested by
34 pnl1-powerpoint.officeapps.live.com pnl1-powerpoint.officeapps.live.com
c1-powerpoint-15.cdn.office.net
c1-officeapps-15.cdn.office.net
9 c1-powerpoint-15.cdn.office.net pnl1-powerpoint.officeapps.live.com
c1-powerpoint-15.cdn.office.net
9 speedyshare.com speedyshare.com
7 pagead2.googlesyndication.com speedyshare.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 c1-officeapps-15.cdn.office.net pnl1-powerpoint.officeapps.live.com
c1-powerpoint-15.cdn.office.net
3 www.google-analytics.com speedyshare.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 browser.events.data.microsoft.com c1-powerpoint-15.cdn.office.net
1 js.live.net c1-powerpoint-15.cdn.office.net
1 www.google.com tpc.googlesyndication.com
1 view.officeapps.live.com speedyshare.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 freegeoip.app speedyshare.com
1 fonts.googleapis.com speedyshare.com
82 19

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
officeapps.live.com
DigiCert Cloud Services CA-1		 2021-04-30 -
2022-04-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.cdn.office.net
Microsoft RSA TLS CA 01		 2021-01-26 -
2022-01-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
p.sfx.ms
Microsoft RSA TLS CA 02		 2020-09-28 -
2021-09-28		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2021-08-12 -
2022-08-07		 a year crt.sh

This page contains 7 frames:

Primary Page: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Frame ID: 0EA459EFC28519BA069FC4E869912479
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 0E78F105B4CE67AC06E3C40D56CBEB3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7360086138245943&output=html&adk=1812271804&adf=3025194257&lmt=1631257358&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&ea=0&flash=0&pra=5&wgl=1&dt=1631257358705&bpp=3&bdt=290&idt=162&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3414978416149&frm=20&pv=2&ga_vid=2121236439.1631257359&ga_sid=1631257359&ga_hid=80153914&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4146189975073038&pem=406&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=181
Frame ID: DA78D200D650E001E97C634A59B6C8A5
Requests: 1 HTTP requests in this frame

Frame: https://view.officeapps.live.com/op/embed.aspx?src=http%3A%2F%2Fspeedyshare.com%2Fsecure%2Fuploads%2F50474%3Fshareable_link%3D33388
Frame ID: BD04825D842D2A4E6BC0839B2ACA36A1
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Frame ID: B245AC2B74C6E239929CEF92D9B20D2F
Requests: 49 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A146366BD437C58CC2839E2F56E72EEA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3170402F412240ED4579030F9D971CD1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SpeedyShare

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

82
Requests

87 %
HTTPS

83 %
IPv6

15
Domains

19
Subdomains

19
IPs

4
Countries

2189 kB
Transfer

6095 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 15
  • http://www.google-analytics.com/collect?v=1&_v=j93&a=80153914&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&dp=%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=2121236439.1631257359&tid=UA-62006872-1&_gid=1738454305.1631257359&z=1769948989 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j93&a=80153914&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&dp=%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=2121236439.1631257359&tid=UA-62006872-1&_gid=1738454305.1631257359&z=1769948989

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request D4JeV8KkGxruhE8SaGq72c1UmBBKro
speedyshare.com/drive/s/ 		97 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2865547d7ebee7044283d469b95f447f5cde6fb7455a4ea665d12ca10c7adb3c

Request headers

Host
speedyshare.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 10 Sep 2021 07:02:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IjFDYlllazAxc09pN2poMHFQVVhDRVE9PSIsInZhbHVlIjoiaE1VSjduR2YxeDJYRmxsZEc2YkVvTHkvLzVNdzdxdGcrVGJxUDlrZDVEbXBKdlJ2ZlNRYzQrZWRWZDAxU3RxRUJWeDRSWGdpeFgvNjB1RG8vRnc3SnJ1ZlFIaUVVMDRiVnhrUERkZkdEMnE2eVlvbzROTjRXeXgwREZSVEF3RUUiLCJtYWMiOiJkMjNiNDdhNmVmNzMzYzZkY2RkZTk2MWQyOTIyMWNkM2EyMTY3MjQxOGQzMGFiOWNjNDEzMzgyYzVkYWNkZTE2In0%3D; expires=Fri, 10-Sep-2021 09:02:38 GMT; Max-Age=7200; path=/ speedyshare_session=eyJpdiI6Im1ZcDE4bmt0ekJpS3Q5VU9ydDIzSmc9PSIsInZhbHVlIjoia0ErL2lJYjlGMUsxazFURjVaZXRkUDdyTG9zM1pEQXVzQys5S3lKUHdsMTQ3N2psS2dsOFgxY3NINWdSN2Urd0p0T1VUQThvVUhJc0JCK3M2Z1pnR01OMXhaYnkvYktHWlRPOEU3NTVvSVBKUUswSkl5VkJwdXFncFJtUjU5YkMiLCJtYWMiOiJjYzhhMDJkZTJmY2YwMjM0NTU3ODQ3ZGIyMWFkYzI3NzQxZjViNjU5ZGFjMTFiOWZmNGM5YWMyNWUyZjA2MmMzIn0%3D; expires=Fri, 10-Sep-2021 09:02:38 GMT; Max-Age=7200; path=/; httponly
vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVhA5gyjj8sQIi2cVd40Jz7wpHOGAR4sz9x%2FvDaNQe6mb1%2BO3LthYSr6ZO%2FKXEJezMNr6htEor%2FlXj0vK4DAbxi1z4TcVZWTTz2imOlWJCtx%2B2pJAtOoY%2FGAfBDPfqL8%2FHK7qTgEjUlARX%2FNxWI%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
68c6cab92838c2ae-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:817::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb9384f7a4fbdb141e673788b2b80d39e36b5ba956b176207ff315dfc40a8df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 06:15:08 GMT
server
ESF
date
Fri, 10 Sep 2021 07:02:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 07:02:38 GMT
styles.ad79e8d05c75455030dd.css
speedyshare.com/client/ 		105 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/styles.ad79e8d05c75455030dd.css
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed321a25a5100de9b889259a32f457ac6e6987bcb3c0a1921f4295ac9858e53

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Cookie
XSRF-TOKEN=eyJpdiI6IjFDYlllazAxc09pN2poMHFQVVhDRVE9PSIsInZhbHVlIjoiaE1VSjduR2YxeDJYRmxsZEc2YkVvTHkvLzVNdzdxdGcrVGJxUDlrZDVEbXBKdlJ2ZlNRYzQrZWRWZDAxU3RxRUJWeDRSWGdpeFgvNjB1RG8vRnc3SnJ1ZlFIaUVVMDRiVnhrUERkZkdEMnE2eVlvbzROTjRXeXgwREZSVEF3RUUiLCJtYWMiOiJkMjNiNDdhNmVmNzMzYzZkY2RkZTk2MWQyOTIyMWNkM2EyMTY3MjQxOGQzMGFiOWNjNDEzMzgyYzVkYWNkZTE2In0%3D; speedyshare_session=eyJpdiI6Im1ZcDE4bmt0ekJpS3Q5VU9ydDIzSmc9PSIsInZhbHVlIjoia0ErL2lJYjlGMUsxazFURjVaZXRkUDdyTG9zM1pEQXVzQys5S3lKUHdsMTQ3N2psS2dsOFgxY3NINWdSN2Urd0p0T1VUQThvVUhJc0JCK3M2Z1pnR01OMXhaYnkvYktHWlRPOEU3NTVvSVBKUUswSkl5VkJwdXFncFJtUjU5YkMiLCJtYWMiOiJjYzhhMDJkZTJmY2YwMjM0NTU3ODQ3ZGIyMWFkYzI3NzQxZjViNjU5ZGFjMTFiOWZmNGM5YWMyNWUyZjA2MmMzIn0%3D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3047
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
15442
Last-Modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
ETag
"1a2fd-5b3e9a24906c0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMSYduN%2BdcOf%2FpzT%2BOLEgNgK0sCVbbjo%2B%2Bdl%2FiXy%2FWUQpePQ2g7aJVDSnCASlb3CvVjh42ABMlI4grmFi1eTg4SwzaZUfKLCOaEqBBOf6PgYjMqB2Y9qUGk4Hxd08Cmi07n3KZuwie6WsojajeE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
68c6caba49d7c2ae-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cedfbfa784fad02997626a083882aa3a2765c5f5909fba298d9e08b01b375de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49407
x-xss-protection
0
server
cafe
etag
15848656404417496526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 07:02:38 GMT
runtime-es2015.079d2104455a7fd227c6.js
speedyshare.com/client/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/runtime-es2015.079d2104455a7fd227c6.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f123e9ef3f393e0de6b24f9ccab82d4e8ab276319ddee6a1e9349e1eba309287

Request headers

Pragma
no-cache
Origin
http://speedyshare.com
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Cookie
XSRF-TOKEN=eyJpdiI6IjFDYlllazAxc09pN2poMHFQVVhDRVE9PSIsInZhbHVlIjoiaE1VSjduR2YxeDJYRmxsZEc2YkVvTHkvLzVNdzdxdGcrVGJxUDlrZDVEbXBKdlJ2ZlNRYzQrZWRWZDAxU3RxRUJWeDRSWGdpeFgvNjB1RG8vRnc3SnJ1ZlFIaUVVMDRiVnhrUERkZkdEMnE2eVlvbzROTjRXeXgwREZSVEF3RUUiLCJtYWMiOiJkMjNiNDdhNmVmNzMzYzZkY2RkZTk2MWQyOTIyMWNkM2EyMTY3MjQxOGQzMGFiOWNjNDEzMzgyYzVkYWNkZTE2In0%3D; speedyshare_session=eyJpdiI6Im1ZcDE4bmt0ekJpS3Q5VU9ydDIzSmc9PSIsInZhbHVlIjoia0ErL2lJYjlGMUsxazFURjVaZXRkUDdyTG9zM1pEQXVzQys5S3lKUHdsMTQ3N2psS2dsOFgxY3NINWdSN2Urd0p0T1VUQThvVUhJc0JCK3M2Z1pnR01OMXhaYnkvYktHWlRPOEU3NTVvSVBKUUswSkl5VkJwdXFncFJtUjU5YkMiLCJtYWMiOiJjYzhhMDJkZTJmY2YwMjM0NTU3ODQ3ZGIyMWFkYzI3NzQxZjViNjU5ZGFjMTFiOWZmNGM5YWMyNWUyZjA2MmMzIn0%3D
Connection
keep-alive
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:38 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3047
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1359
last-modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
etag
"a04-5b3e9a24906c0-gzip"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwgwyEpFwC2wj8%2BE3gvnzlvjhjUQj327YNkne%2BSGrd0u%2BOXO12h8GtwfiUYAWWehTjZ3c8FJy%2FXYd%2F52gPcMHgq6fjGSPdodkmRFEyHaD4UjFuBOyc%2Bn7sTGZ0gJWL9qvkbZVTpSaZrqxr4WCIs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
68c6caba5d3b2c2e-FRA
polyfills-es2015.cf8a40a25e05e5019c0d.js
speedyshare.com/client/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fbbb934342964bf4725afbfcb9c9be37fedb54237432a45717d41a1f1d9475

Request headers

Pragma
no-cache
Origin
http://speedyshare.com
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Cookie
XSRF-TOKEN=eyJpdiI6IjFDYlllazAxc09pN2poMHFQVVhDRVE9PSIsInZhbHVlIjoiaE1VSjduR2YxeDJYRmxsZEc2YkVvTHkvLzVNdzdxdGcrVGJxUDlrZDVEbXBKdlJ2ZlNRYzQrZWRWZDAxU3RxRUJWeDRSWGdpeFgvNjB1RG8vRnc3SnJ1ZlFIaUVVMDRiVnhrUERkZkdEMnE2eVlvbzROTjRXeXgwREZSVEF3RUUiLCJtYWMiOiJkMjNiNDdhNmVmNzMzYzZkY2RkZTk2MWQyOTIyMWNkM2EyMTY3MjQxOGQzMGFiOWNjNDEzMzgyYzVkYWNkZTE2In0%3D; speedyshare_session=eyJpdiI6Im1ZcDE4bmt0ekJpS3Q5VU9ydDIzSmc9PSIsInZhbHVlIjoia0ErL2lJYjlGMUsxazFURjVaZXRkUDdyTG9zM1pEQXVzQys5S3lKUHdsMTQ3N2psS2dsOFgxY3NINWdSN2Urd0p0T1VUQThvVUhJc0JCK3M2Z1pnR01OMXhaYnkvYktHWlRPOEU3NTVvSVBKUUswSkl5VkJwdXFncFJtUjU5YkMiLCJtYWMiOiJjYzhhMDJkZTJmY2YwMjM0NTU3ODQ3ZGIyMWFkYzI3NzQxZjViNjU5ZGFjMTFiOWZmNGM5YWMyNWUyZjA2MmMzIn0%3D
Connection
keep-alive
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3047
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
18380
Last-Modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
ETag
"d6ee-5b3e9a24906c0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pVEnzQDo2tPsP36Sqe7kUrLgZ4aDEZLjHxRBc1tB%2BBRPDIEYeIY0VVzqAYCAxY7qFLqjskRw%2FwDN5TjMt9daS7qoQ84qia%2FZOBri66tl1dbjfTAuVDhHcd%2FM0%2F5PT6pPwzVralLhZBj8kViAY0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
68c6caba491c4e74-FRA
main-es2015.ad03a1dd0f3781611ef9.js
speedyshare.com/client/ 		1 MB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/main-es2015.ad03a1dd0f3781611ef9.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b6505c289d57802a0ac8ef3be7193985853a2f34813011fb68f0d341281e72

Request headers

Pragma
no-cache
Origin
http://speedyshare.com
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Cookie
XSRF-TOKEN=eyJpdiI6IjFDYlllazAxc09pN2poMHFQVVhDRVE9PSIsInZhbHVlIjoiaE1VSjduR2YxeDJYRmxsZEc2YkVvTHkvLzVNdzdxdGcrVGJxUDlrZDVEbXBKdlJ2ZlNRYzQrZWRWZDAxU3RxRUJWeDRSWGdpeFgvNjB1RG8vRnc3SnJ1ZlFIaUVVMDRiVnhrUERkZkdEMnE2eVlvbzROTjRXeXgwREZSVEF3RUUiLCJtYWMiOiJkMjNiNDdhNmVmNzMzYzZkY2RkZTk2MWQyOTIyMWNkM2EyMTY3MjQxOGQzMGFiOWNjNDEzMzgyYzVkYWNkZTE2In0%3D; speedyshare_session=eyJpdiI6Im1ZcDE4bmt0ekJpS3Q5VU9ydDIzSmc9PSIsInZhbHVlIjoia0ErL2lJYjlGMUsxazFURjVaZXRkUDdyTG9zM1pEQXVzQys5S3lKUHdsMTQ3N2psS2dsOFgxY3NINWdSN2Urd0p0T1VUQThvVUhJc0JCK3M2Z1pnR01OMXhaYnkvYktHWlRPOEU3NTVvSVBKUUswSkl5VkJwdXFncFJtUjU5YkMiLCJtYWMiOiJjYzhhMDJkZTJmY2YwMjM0NTU3ODQ3ZGIyMWFkYzI3NzQxZjViNjU5ZGFjMTFiOWZmNGM5YWMyNWUyZjA2MmMzIn0%3D
Connection
keep-alive
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3047
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
ETag
"101c50-5b3e9a24906c0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbaAQnWbrVWbqQDs4hzVddVcybuzhxuwJjgcuf5HtyeHJtKgxy6uJHkSjE%2BRL%2FHc2%2B2nNQEBy1mrFHphVK9nchQLoCAFWNCP52buNgaNgik6K%2FfwThXO3bB5dOOyAAVv83dZSY0PJQ6pip4x0%2BQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
68c6caba48c54e9e-FRA
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:819::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1398
date
Fri, 10 Sep 2021 06:39:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 08:39:20 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:812::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 17:57:59 GMT
x-content-type-options
nosniff
age
306279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:57:59 GMT
/
freegeoip.app/json/ 		249 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freegeoip.app/json/
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:13c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd307b5982d3254d9f60f7ce04d8fe154cf6195c3ceb519d558801df29ac31f

Request headers

Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 07:02:38 GMT
content-encoding
br
vary
Origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-database-date
Wed, 25 Aug 2021 10:15:20 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
14999
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWHUQMBeLc0cREsxv9BNybUoBHIn6TqFISlbkQSNS%2BWbLDa1xf%2FuVieVjkCCAN09%2FwGFZoG%2ByrhrRUl13PyXVzOY0egeQ5ncjCS0S7gkVPxasQ24SIgINpbbbYCiLqhExUsrcDN1P9CfJ8%2Bz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://speedyshare.com
access-control-allow-credentials
true
x-ratelimit-reset
3600
x-ratelimit-limit
15000
cf-ray
68c6cabc0d325c92-FRA
7-es2015.e9e23d5f8ea9fb14cae6.js
speedyshare.com/client/ 		431 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/7-es2015.e9e23d5f8ea9fb14cae6.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/runtime-es2015.079d2104455a7fd227c6.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712b9ed53864ed16b5e81f7d6d90569a6e1d5c58fdeb88a4756f70bc0e79b0fe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Cookie
XSRF-TOKEN=eyJpdiI6IjFDYlllazAxc09pN2poMHFQVVhDRVE9PSIsInZhbHVlIjoiaE1VSjduR2YxeDJYRmxsZEc2YkVvTHkvLzVNdzdxdGcrVGJxUDlrZDVEbXBKdlJ2ZlNRYzQrZWRWZDAxU3RxRUJWeDRSWGdpeFgvNjB1RG8vRnc3SnJ1ZlFIaUVVMDRiVnhrUERkZkdEMnE2eVlvbzROTjRXeXgwREZSVEF3RUUiLCJtYWMiOiJkMjNiNDdhNmVmNzMzYzZkY2RkZTk2MWQyOTIyMWNkM2EyMTY3MjQxOGQzMGFiOWNjNDEzMzgyYzVkYWNkZTE2In0%3D; speedyshare_session=eyJpdiI6Im1ZcDE4bmt0ekJpS3Q5VU9ydDIzSmc9PSIsInZhbHVlIjoia0ErL2lJYjlGMUsxazFURjVaZXRkUDdyTG9zM1pEQXVzQys5S3lKUHdsMTQ3N2psS2dsOFgxY3NINWdSN2Urd0p0T1VUQThvVUhJc0JCK3M2Z1pnR01OMXhaYnkvYktHWlRPOEU3NTVvSVBKUUswSkl5VkJwdXFncFJtUjU5YkMiLCJtYWMiOiJjYzhhMDJkZTJmY2YwMjM0NTU3ODQ3ZGIyMWFkYzI3NzQxZjViNjU5ZGFjMTFiOWZmNGM5YWMyNWUyZjA2MmMzIn0%3D; theme=dark
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3046
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified
Thu, 12 Nov 2020 14:21:49 GMT
Server
cloudflare
ETag
"6bc01-5b3e9a1ed7940-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYOGeo%2FTwjLhQXNncxH9FPnC5De6LOZHeSdNPAPB2Az3tHUi30uxjdbhzGgOtjGP6PBDfSNqCRorf58RqzvJLUPzpsLA0UG9TGP1xGCnCXMzRyCzX6y6MRA%2FxRWCDh%2FEtI9GhrdQw8STR1ENAjg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
68c6cabbcbab4e9e-FRA
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95420
x-xss-protection
0
server
cafe
etag
5659919450890713277
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 07:02:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 0E78 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80b::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210831/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 09 Sep 2021 17:26:13 GMT
expires
Thu, 23 Sep 2021 17:26:13 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
48985
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
D4JeV8KkGxruhE8SaGq72c1UmBBKro
speedyshare.com/secure/drive/shareable-links/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/secure/drive/shareable-links/D4JeV8KkGxruhE8SaGq72c1UmBBKro?withEntries=true
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d97afe5111d65582151593e4ee9f5d926b4797475f45b16efecca7d2c27cd2a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Cookie
XSRF-TOKEN=eyJpdiI6IjFDYlllazAxc09pN2poMHFQVVhDRVE9PSIsInZhbHVlIjoiaE1VSjduR2YxeDJYRmxsZEc2YkVvTHkvLzVNdzdxdGcrVGJxUDlrZDVEbXBKdlJ2ZlNRYzQrZWRWZDAxU3RxRUJWeDRSWGdpeFgvNjB1RG8vRnc3SnJ1ZlFIaUVVMDRiVnhrUERkZkdEMnE2eVlvbzROTjRXeXgwREZSVEF3RUUiLCJtYWMiOiJkMjNiNDdhNmVmNzMzYzZkY2RkZTk2MWQyOTIyMWNkM2EyMTY3MjQxOGQzMGFiOWNjNDEzMzgyYzVkYWNkZTE2In0%3D; speedyshare_session=eyJpdiI6Im1ZcDE4bmt0ekJpS3Q5VU9ydDIzSmc9PSIsInZhbHVlIjoia0ErL2lJYjlGMUsxazFURjVaZXRkUDdyTG9zM1pEQXVzQys5S3lKUHdsMTQ3N2psS2dsOFgxY3NINWdSN2Urd0p0T1VUQThvVUhJc0JCK3M2Z1pnR01OMXhaYnkvYktHWlRPOEU3NTVvSVBKUUswSkl5VkJwdXFncFJtUjU5YkMiLCJtYWMiOiJjYzhhMDJkZTJmY2YwMjM0NTU3ODQ3ZGIyMWFkYzI3NzQxZjViNjU5ZGFjMTFiOWZmNGM5YWMyNWUyZjA2MmMzIn0%3D; theme=dark
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:38 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7kaU3H6WWKAEHPYL2GiRcB5JgoFAIWh8lDaqlqeN871whh%2FuzAgLiF32uBKphmy0s3CDuKAGR1%2BJcFigVi6vYeH5kq%2FY3JOrLumKn7tcFEzVY269Y5HFfAlVaEPinYyi6mvEmF93C4t0lEtFEU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
set-cookie
XSRF-TOKEN=eyJpdiI6ImJPaEEvRTJ2VmljWFlhdjhyQXpNNmc9PSIsInZhbHVlIjoiUkhMV3puc1liRm9iZE96V2NOdVZNaE83YTZrd2hyWU9oWFhUclRXa1NsY25YYkFnbG1PRCtkMjlqcEdYczZMaXBIbmxXUkNLRjBGSi82RCtBRzJYY3FONmhVSnNmNUttOGZZVk51Y0VUNlNMRnFkWjZtd2cyVXAvWUtXelpqK1QiLCJtYWMiOiIwOGNhNDI0ZTYzNGQwMjVmMDUwZThkYTE2ZjU5NjkwMzFiMDQ2Y2I2NGQ0ZjFkNzMyYzU4YjViZjYwMmM0MTQ0In0%3D; expires=Fri, 10-Sep-2021 09:02:38 GMT; Max-Age=7200; path=/ speedyshare_session=eyJpdiI6IlB6ZnVIMHJxTFRkS1NYMzR6UWZlQ3c9PSIsInZhbHVlIjoiZ2NDaVZxRlN6TnR1OUZ1RGJwZldjc1JGVFNNaXR3TzZQQlE0QkVKdmYrRFl6aVM1MWlXcldvZ3EvNWwxcVVJWjVJQkFkR1J5Zkh1Q2hGeElSZUJWeUNhZEppajlIQloxN0N0cXVUS0l1YVp1ZzEvU1B2T0FSZExVSUg2ZCtLU3YiLCJtYWMiOiI4MzJmMjMzYTM4OTAwNzYyNWYxOTA1MjQ0YjNmYWM3ZDhlOTI5ODYyODU1NWI2NmQ1MDNlNGUxMWQ0YjgzNmM5In0%3D; expires=Fri, 10-Sep-2021 09:02:38 GMT; Max-Age=7200; path=/; httponly
cache-control
no-cache, private
Connection
keep-alive
CF-RAY
68c6cabc6d864e9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:812::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:10:55 GMT
x-content-type-options
nosniff
age
561103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 19:10:55 GMT
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=80153914&t=pageview&_s=1&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2091832638&gjid=1636316723&cid=2121236439.1631257359&tid=UA-62006872-1&_gid=1738454305.1631257359&_r=1&_slc=1&z=279100178
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:819::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://speedyshare.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 07:02:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://speedyshare.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j93&a=80153914&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&dp=%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1U...
  • https://www.google-analytics.com/collect?v=1&_v=j93&a=80153914&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&dp=%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1...
35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=80153914&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&dp=%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=2121236439.1631257359&tid=UA-62006872-1&_gid=1738454305.1631257359&z=1769948989
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:819::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 15:23:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56332
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j93&a=80153914&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&dp=%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=2121236439.1631257359&tid=UA-62006872-1&_gid=1738454305.1631257359&z=1769948989
Non-Authoritative-Reason
HSTS
cookie.js
partner.googleadservices.com/gampad/ 		205 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=speedyshare.com&callback=_gfp_s_&client=ca-pub-7360086138245943
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad01s26-in-f2.1e100.net
Software
cafe /
Resource Hash
06b0c7dc582005d1f7507490da3c57d873a7b0c706b4e8fdb0ee07484f8971c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&tn=DIV&cls=cdk-overlay-container&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
HTTP/1.1
Server
2a00:1450:4007:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 07:02:38 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=speedyshare.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:813::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=speedyshare.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 07:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DA78 		603 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7360086138245943&output=html&adk=1812271804&adf=3025194257&lmt=1631257358&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&ea=0&flash=0&pra=5&wgl=1&dt=1631257358705&bpp=3&bdt=290&idt=162&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3414978416149&frm=20&pv=2&ga_vid=2121236439.1631257359&ga_sid=1631257359&ga_hid=80153914&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4146189975073038&pem=406&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=181
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80b::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7360086138245943&output=html&adk=1812271804&adf=3025194257&lmt=1631257358&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FD4JeV8KkGxruhE8SaGq72c1UmBBKro&ea=0&flash=0&pra=5&wgl=1&dt=1631257358705&bpp=3&bdt=290&idt=162&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3414978416149&frm=20&pv=2&ga_vid=2121236439.1631257359&ga_sid=1631257359&ga_hid=80153914&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062297&oid=3&pvsid=4146189975073038&pem=406&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=181
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 07:02:38 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 07:17:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 10 Sep 2021 07:02:38 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:810::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 07:02:38 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631100470313954"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27651
x-xss-protection
0
expires
Fri, 10 Sep 2021 07:02:38 GMT
merged.svg
speedyshare.com/client/assets/icons/ 		57 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/assets/icons/merged.svg?v3
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989567004f6e207c2fa550e55b4bca1c7d0b5be92b92f6d7bc67a8579e154244

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Cookie
theme=dark; _ga=GA1.2.2121236439.1631257359; _gid=GA1.2.1738454305.1631257359; _gat=1; XSRF-TOKEN=eyJpdiI6ImJPaEEvRTJ2VmljWFlhdjhyQXpNNmc9PSIsInZhbHVlIjoiUkhMV3puc1liRm9iZE96V2NOdVZNaE83YTZrd2hyWU9oWFhUclRXa1NsY25YYkFnbG1PRCtkMjlqcEdYczZMaXBIbmxXUkNLRjBGSi82RCtBRzJYY3FONmhVSnNmNUttOGZZVk51Y0VUNlNMRnFkWjZtd2cyVXAvWUtXelpqK1QiLCJtYWMiOiIwOGNhNDI0ZTYzNGQwMjVmMDUwZThkYTE2ZjU5NjkwMzFiMDQ2Y2I2NGQ0ZjFkNzMyYzU4YjViZjYwMmM0MTQ0In0%3D; speedyshare_session=eyJpdiI6IlB6ZnVIMHJxTFRkS1NYMzR6UWZlQ3c9PSIsInZhbHVlIjoiZ2NDaVZxRlN6TnR1OUZ1RGJwZldjc1JGVFNNaXR3TzZQQlE0QkVKdmYrRFl6aVM1MWlXcldvZ3EvNWwxcVVJWjVJQkFkR1J5Zkh1Q2hGeElSZUJWeUNhZEppajlIQloxN0N0cXVUS0l1YVp1ZzEvU1B2T0FSZExVSUg2ZCtLU3YiLCJtYWMiOiI4MzJmMjMzYTM4OTAwNzYyNWYxOTA1MjQ0YjNmYWM3ZDhlOTI5ODYyODU1NWI2NmQ1MDNlNGUxMWQ0YjgzNmM5In0%3D
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:38 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
3046
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified
Thu, 12 Nov 2020 14:21:50 GMT
Server
cloudflare
ETag
W/"e33a-5b3e9a1fcbb80"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlgEynQ5FmZGDgqSSzfgbFhj0DtRsJF8gyt5SgXK6JsWoN7PCDuMnAI6RijzjcWgF7R7EuJvKltPmtkQup8TEO88kWsA8DZmk3L5Zr7QZ9Vwy1sCJtioJu%2FnjnIPfK0ElDVsZNXc0JUcTWcXKu0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Cache-Control
max-age=14400
CF-RAY
68c6cabd6f9e4e9e-FRA
embed.aspx
view.officeapps.live.com/op/ Frame BD04 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.officeapps.live.com/op/embed.aspx?src=http%3A%2F%2Fspeedyshare.com%2Fsecure%2Fuploads%2F50474%3Fshareable_link%3D33388
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/7-es2015.e9e23d5f8ea9fb14cae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c3a8de2e7d7f5cbf7b45ead02f4171abd27e613433767791f50175ed7f0579f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
view.officeapps.live.com
:scheme
https
:path
/op/embed.aspx?src=http%3A%2F%2Fspeedyshare.com%2Fsecure%2Fuploads%2F50474%3Fshareable_link%3D33388
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

cache-control
private
content-type
text/html; charset=utf-8
set-cookie
PNL1-ARRAffinity=609ced3a904481487f5cc6fa5dd14a1277133a8c1cfe1dc9745754ff56300767;Path=/;Domain=view.officeapps.live.com; samesite=none; secure
x-correlationid
82e1ad16-d623-472c-999b-e80960819e57
x-officefe
AM4PEPF0000602F
x-officeversion
16.0.14423.41001
x-officecluster
PNL1
x-content-type-options
nosniff
x-officefd
AM4PEPF000068AD
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-msedge-ref
Ref A: 2A06D89C8F0C47A3A9C17B41FB2F7148 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:39Z
date
Fri, 10 Sep 2021 07:02:38 GMT
logo-light.png
speedyshare.com/client/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://speedyshare.com/client/assets/images/logo-light.png
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974a05a2c6331bff6ee67a441283ad0dcd9cdf25b84ac700fb351abfa1ddc49f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
Cookie
theme=dark; _ga=GA1.2.2121236439.1631257359; _gid=GA1.2.1738454305.1631257359; _gat=1; XSRF-TOKEN=eyJpdiI6ImJPaEEvRTJ2VmljWFlhdjhyQXpNNmc9PSIsInZhbHVlIjoiUkhMV3puc1liRm9iZE96V2NOdVZNaE83YTZrd2hyWU9oWFhUclRXa1NsY25YYkFnbG1PRCtkMjlqcEdYczZMaXBIbmxXUkNLRjBGSi82RCtBRzJYY3FONmhVSnNmNUttOGZZVk51Y0VUNlNMRnFkWjZtd2cyVXAvWUtXelpqK1QiLCJtYWMiOiIwOGNhNDI0ZTYzNGQwMjVmMDUwZThkYTE2ZjU5NjkwMzFiMDQ2Y2I2NGQ0ZjFkNzMyYzU4YjViZjYwMmM0MTQ0In0%3D; speedyshare_session=eyJpdiI6IlB6ZnVIMHJxTFRkS1NYMzR6UWZlQ3c9PSIsInZhbHVlIjoiZ2NDaVZxRlN6TnR1OUZ1RGJwZldjc1JGVFNNaXR3TzZQQlE0QkVKdmYrRFl6aVM1MWlXcldvZ3EvNWwxcVVJWjVJQkFkR1J5Zkh1Q2hGeElSZUJWeUNhZEppajlIQloxN0N0cXVUS0l1YVp1ZzEvU1B2T0FSZExVSUg2ZCtLU3YiLCJtYWMiOiI4MzJmMjMzYTM4OTAwNzYyNWYxOTA1MjQ0YjNmYWM3ZDhlOTI5ODYyODU1NWI2NmQ1MDNlNGUxMWQ0YjgzNmM5In0%3D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/drive/s/D4JeV8KkGxruhE8SaGq72c1UmBBKro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:39 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 12 Nov 2020 14:21:50 GMT
Server
cloudflare
ETag
"d73-5b3e9a1fcbb80"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCbjSV3SliyZigAqtFsjeSg9F%2B5YvqqoxOv6sumXp%2FBtkQp1NocFTCL9SeleI2SY44EcsLggtyotP2J7G6uUMqv0qXDUWZfmCWwWRbFTHO0MGnIuQw%2F3ABlyTLv5aLqV4nYFI8IQfv6spIkJigU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
68c6cabd980c4e9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
3443
truncated
/ Frame BD04 		695 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08445f804412fee43ebe376da920a0b3a5c5f195cb5ac65e6ea08f5aaafdc548
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 07:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8468
x-xss-protection
0
PowerPointFrame.aspx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		83 KB
85 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
12379a580c88828ce4ba4ae86452a750b5f0be6f25ccaeb486d29a0d3f39df46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
POST
:authority
pnl1-powerpoint.officeapps.live.com
:scheme
https
:path
/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
content-length
14
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://view.officeapps.live.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://view.officeapps.live.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://view.officeapps.live.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://view.officeapps.live.com/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1031&data=1031; expires=Fri, 10-Dec-2021 08:02:40 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure
x-correlationid
b8afdbb8-178c-417c-8345-d2fe30603116
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-officefe
AM4PEPF00006965
x-officeversion
16.0.14424.40504
x-officecluster
PNL1
x-content-type-options
nosniff
content-security-policy-report-only
font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
document-policy
js-profiling
x-officefd
AM4PEPF00006965
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-msedge-ref
Ref A: 4F16DEA33AB443E08BDDB437CC2B942C Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:40Z
date
Fri, 10 Sep 2021 07:02:39 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:819::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 07:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 10 Sep 2021 07:02:40 GMT
styleschromeless.css
c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/ Frame B245 		285 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:289::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dee875b498ab5a091abe0451bcc9cb2b96435205a31f7aa650b2d837cae427da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"a2601514be9ed71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00007277
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
34770
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Tue, 31 Aug 2021 23:15:24 GMT
X-OFFICEFD
AM4PEPF00007277
X-MSEdge-Ref
Ref A: 2A0BD3B0A5CE4BA99B5D06585972FAF3 Ref B: LON21EDGE1116 Ref C: 2021-09-04T20:13:30Z
X-UserSessionId
d99dc3e4-d358-4eed-ae4c-10e0c10a4421
Date
Fri, 10 Sep 2021 07:02:41 GMT
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
d99dc3e4-d358-4eed-ae4c-10e0c10a4421
Accept-Ranges
bytes
Timing-Allow-Origin
*
MicrosoftAjax.js
c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/ Frame B245 		106 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2bb::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"6794977919ed71:0"
X-OfficeCluster
GEU3C
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
DU2PEPF000082E0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
Content-Length
23714
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
Last-Modified
Tue, 31 Aug 2021 17:56:03 GMT
X-OFFICEFD
DU2PEPF000082D6
X-MSEdge-Ref
Ref A: 61EC99EB9AC44274B2150AC27FB0E189 Ref B: LON21EDGE0720 Ref C: 2021-09-10T06:14:36Z
X-UserSessionId
6b9629b9-2979-4a1a-ad7d-394c732b504e
Date
Fri, 10 Sep 2021 07:02:41 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
6b9629b9-2979-4a1a-ad7d-394c732b504e
Accept-Ranges
bytes
Timing-Allow-Origin
*
powerpointintl.js
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/1031/ Frame B245 		259 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/1031/powerpointintl.js
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:289::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7a3e860a1e6b181c2f36d76e0023221f89264c33cc266b6261bd28d8572197d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"e5338f8939ed71:0"
X-OfficeCluster
PUS4
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
BL6PEPF00007429
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
56576
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified
Tue, 31 Aug 2021 18:13:58 GMT
X-OFFICEFD
BL6PEPF00007429
X-MSEdge-Ref
Ref A: 2A4806775FE84E6A8B1F8549CF44B828 Ref B: LON21EDGE0811 Ref C: 2021-08-31T18:13:58Z
X-UserSessionId
ff0889d4-88fa-4296-a3c5-269d4111def0
Date
Fri, 10 Sep 2021 07:02:41 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
ff0889d4-88fa-4296-a3c5-269d4111def0
Accept-Ranges
bytes
Timing-Allow-Origin
*
BootView.js
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/ Frame B245 		2 MB
456 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:289::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bfa951c118160b44e0b1b84a2f7ce669f3b008d8472d93c140e6aa7460e68a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"8062b281769ed71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
DB5PEPF0000832D
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
465966
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified
Tue, 31 Aug 2021 14:43:05 GMT
X-OFFICEFD
DB5PEPF0000832D
X-MSEdge-Ref
Ref A: 462F7CF73E474C5FB9EB0221940D7024 Ref B: LON21EDGE1120 Ref C: 2021-08-31T14:43:05Z
X-UserSessionId
6e0a252c-6b63-43f2-88a2-d40d260afe31
Date
Fri, 10 Sep 2021 07:02:41 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
6e0a252c-6b63-43f2-88a2-d40d260afe31
Accept-Ranges
bytes
Timing-Allow-Origin
*
progress.gif
c1-officeapps-15.cdn.office.net/p/s/161442440504_resources/1031/ Frame B245 		695 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/161442440504_resources/1031/progress.gif
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2bb::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"7b29db2ca99ed71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00006963
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
695
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified
Tue, 31 Aug 2021 20:45:46 GMT
X-OFFICEFD
AM4PEPF000068A6
X-MSEdge-Ref
Ref A: 3F2DDA183A1342699AF332CF0382DAE7 Ref B: LON21EDGE0613 Ref C: 2021-08-31T20:48:29Z
X-UserSessionId
76505686-622a-45d3-a1ec-4ca5f474d7b4
Date
Fri, 10 Sep 2021 07:02:41 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CorrelationId
76505686-622a-45d3-a1ec-4ca5f474d7b4
Accept-Ranges
bytes
Timing-Allow-Origin
*
prt.png
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptResources/1031/ Frame B245 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptResources/1031/prt.png
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:289::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"5641bf8939ed71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
DB5PEPF0000832B
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
13611
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Tue, 31 Aug 2021 18:13:58 GMT
X-OFFICEFD
DB5PEPF0000832B
X-MSEdge-Ref
Ref A: 1313BAA20CFA4DE999795E25F7503590 Ref B: LON21EDGE0807 Ref C: 2021-08-31T18:13:58Z
X-UserSessionId
cc7be94e-756a-40ba-a69a-39f3da258cf8
Date
Fri, 10 Sep 2021 07:02:41 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
cc7be94e-756a-40ba-a69a-39f3da258cf8
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
X-UserSessionId
b8afdbb8-178c-417c-8345-d2fe30603116
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
eb382c3b-3efa-4349-8347-d54f11c483df
x-officefd
AM4PEPF00006965
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:39 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 3C07948F89614C1F84DDE7B95DC3BDF2 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:40Z
timing-allow-origin
*
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A146 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:819::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 08 Sep 2021 04:26:06 GMT
expires
Thu, 08 Sep 2022 04:26:06 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
182194
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3170 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e8b592575574b1223c485ef4a4b2f0caf9e3c67a69f8ff3c250fb672f0a0a5a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7ccOvKDFUjMW69v6ELCi0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 10 Sep 2021 07:02:41 GMT
date
Fri, 10 Sep 2021 07:02:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-7ccOvKDFUjMW69v6ELCi0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
pagead2.googlesyndication.com/bg/ Frame A146 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 19:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
300542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13264
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 19:33:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3170 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210831&jk=4146189975073038&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
X-UserSessionId
b8afdbb8-178c-417c-8345-d2fe30603116
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":239,"Value":"https://c1-officeapps-15.cdn.office.net:443/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006023
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
c9da9d77-33a3-4e02-b0cc-d145a72cdf34
x-officefd
AM4PEPF00006023
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 70F6154E71B84706A560799C293747F3 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210831&jk=4146189975073038&bg=!ZWalZiLNAAYJpm41CaY7ACkAdvg8Wg-4481ZbL4Y3diV3KTkcz4vSquSbzNu6fxGwe5bA-AzqV8xUgIAAAC8UgAAAA1oAQcKAKnjQE9VeBDgFwdiDxuq6KUEK1W98l7dt36L1jjPVyYZzvC6MpBoKzqaLHTMnwkKlbXyC8XmPOC0DsRDZsW535BYij0-j-HpP5CvzfLLR4_hsSEVwEOxKuHuTHdYDpip77glG1dbZUshrWfdcIyJolTLub168SJbwhgpTClICYNs7UT9vbCjVfsQYZHyBlov0s0ikvpV-rlGlKdYESc5PzvwBEkGfiOxGJIamQKCRUcrnkwyDLmfqrtc54CO771k75MsLva07MCAExHedf1slyf_LY5VITWVfqDvI_21hJujPcVByS3Y4fDE0L21DmsoCW8GgSF2BQbt_dMsf15sKA3EJdff0iij29zXXLAa2ODXscAD3bflIG_zQdv5wCqYHBCEOutT39cbBD8Bxjm8YU3k_4gvPRdcwuHCbmXgcY6x3MvMuXTFZlbPO_NK2MEnlfbDO7PLAi8LRJ4h2ZwHsFiS9tcjorOZt5y0Q-Kg_LD4L4VnJonms8ZeT_wpisgrC-rZ554zh69h_BsQpEzyEfWyWk-SvtyBuB1yiZfr7-ncGI7v-Z4GWEOri9ikqGOSeJWLJUc1KFkxuiQ2KaIyRd-54wgezaTIRuJTPmD4Vx63znZoALlNvbHxPnE0dhlUYKIvu09bzF4TbJTUk8mXFg8qAK54LSjYdwZtM0-dAZWkzsCoOBHXfXUzP3FqcD5D_1Ssoak7zcBZVJPvGedHcjI92yD_cQ8udcS_281F5bsLZTGfl3XstAJtVeYkNzpsIwqaRbKTNuVD10wUojzBCCbZIEERx6-bItfCsUjx36xCWsY7hJzbMTE110TtCXaijgiYQtbyE7q2wFo7mN9KaHfr6XzA205XuYqAijV8O2blGFu35T_mZU7h7fuSfZUCBL-GfH9CpMDukdk7SBFTy_OomchMxTyQGQ8hJm54PHW9qSYvnoT15FWPi-JyR2M4BUz3DBsIKko5Xzcy9BXpM90v8l5l9wb4NZYlb6Uc46YvUgFdSrHQnA4u-ASCFwVh17FbJL8XKNuwIvjNipSqlN5QFhRP_IbhtIeWkBhGwgFpwx6jpVpP9CnB24lf3vfu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 07:02:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
X-UserSessionId
b8afdbb8-178c-417c-8345-d2fe30603116
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":2,"MsSinceStart":511,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
e505912f-00dc-4df2-bb74-ebbde82bbd64
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 67706D8661244E81AE09FB946532399D Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
RemoteTelemetry.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteTelemetry.ashx
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
AM4PEPF00006F87
x-officeversion
16.0.14424.40504
x-cache
CONFIG_NOCACHE
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
7a760564-becc-4c5e-938a-405e01db5619
x-officecluster
PNL1
x-usersessionid
7a760564-becc-4c5e-938a-405e01db5619
date
Fri, 10 Sep 2021 07:02:40 GMT
x-download-options
noopen
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
cache-control
private
x-msedge-ref
Ref A: 179BB7D56B6F4C789C36DE9A940F5CBF Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
x-officefe
AM4PEPF00006F87
segoeui.woff
c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/ Frame B245 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/segoeui.woff
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:289::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-OFFICEFD
DB5PEPF0000832D
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
DB5PEPF0000832D
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
1245
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
X-CorrelationId
010c7772-214d-4c97-bfb1-855957bb60e8
X-OfficeCluster
PIE1
X-UserSessionId
010c7772-214d-4c97-bfb1-855957bb60e8
Date
Fri, 10 Sep 2021 07:02:41 GMT
Content-Type
text/html
Access-Control-Allow-Origin
*
X-MSEdge-Ref
Ref A: E6AFB2FEBD1442D0BD6B4F5689D3E03E Ref B: LON21EDGE0506 Ref C: 2021-09-10T07:02:41Z
Timing-Allow-Origin
*
GetPresentationWithSlideById
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame B245 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetPresentationWithSlideById
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89216ab2affad9e9d0cab89b70420aea4e7e8f6ff5a7daab708d5b6167d05cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
b8afdbb8-178c-417c-8345-d2fe30603116
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14424.40504
X-Key
CmaPOJtuCem7FUhYj/Q+dzUAS10wwpjFi8qSgbX1QHI=,637668541600472308
Content-Type
application/json; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF0000726A
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length
1814
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wordslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
x-correlationid
616be9bd-59f4-41c6-b1a9-5c099fe6c8cc
x-officefd
AM4PEPF0000726A
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: 12A478EFE24D439EAC5B6B39856D2D3B Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
expires
-1
73c62e61-4a51-4cdf-8b39-9ebb60912483
https://pnl1-powerpoint.officeapps.live.com/ Frame B245 		224 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://pnl1-powerpoint.officeapps.live.com/73c62e61-4a51-4cdf-8b39-9ebb60912483
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8839a0b7ed21aeb6fe4d005e25b889f06864058b2359076672e2b825dba0d349

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
224
Content-Type
application/javascript
wl.ms.js
js.live.net/v5.0/ Frame B245 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.live.net/v5.0/wl.ms.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
23.72.19.83 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-19-83.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:41 GMT
X-MSNServer
RD0003FF1D5DC4
Last-Modified
Fri, 10 Jul 2020 18:30:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0b3b92be856d61:0"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86154, public
X-ODWebServer
westeurope0-odwebp
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
16199
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18D%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006965
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
x-correlationid
ca7ba4db-a837-43f0-b108-2ab0fd0499d0
x-officecluster
PNL1
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
cache-control
private
x-msedge-ref
Ref A: EB51A7C7C4C54310A0CA96CADA0BB41B Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18D%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006965
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
8c5342f9-d3f9-47f1-b164-787c5b14c618
x-officecluster
PNL1
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
cache-control
private
x-msedge-ref
Ref A: 2F04C4041D654407941F84551A4D0221 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18D%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c44f0da3c55a5d34168a7feb0bfbfe0b4fc4fc89a250ead9bc4509e844f7cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length
23097
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM18D_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
x-correlationid
d288bb10-1889-4c55-929a-49356d230c3a
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 0A4363EA7B974CBBB1D6312CFD36F798 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:41 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S0%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006023
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006023
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
be215fab-ef75-416a-82be-eb91c435d874
x-officecluster
PNL1
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
cache-control
private
x-msedge-ref
Ref A: 5A33BB65DE9C42B6A0006EB9628CFBC0 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S0%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006F87
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
037a33de-b171-41d3-b927-fd89e8178776
x-officecluster
PNL1
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
cache-control
private
x-msedge-ref
Ref A: ECB4476510C0479CA97DB8C41B5F445B Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18D%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF0000726A
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
3554
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM18D_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
06618f37-398a-4302-b1d2-67b263057c72
x-officefd
AM4PEPF0000726A
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: F620D13D29D049C7B9C599A5B246C959 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:41 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18D%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29d50b182a7b1b5d9ab9e3c119bc139eeacfc4583bce8192085bbaaae87e757c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
17931
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM18D_BG_1132x849.jpg
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
2e8db451-153e-43bd-ba1f-32debbb1e2a5
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: EA5DE7A71B6E4CD3B7FD75C8EEAD8FC6 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:41 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S0%5F2%5F1132x849%2Epng&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c66ae949601f26e0fed94befcee09970af43ca1b2840d0c802feecfe14a5457e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
42898
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cS0_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
b9a98f3e-b531-4630-a22d-1712d42ed0c6
x-officefd
AM4PEPF00006965
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: D1B9DE07F43147F88BB7175EF1976258 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:41 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S0%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2976359cdbdc79e525ae77dd7044221668144e196ea3ad5b0dcdb47372df62a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
33489
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cS0_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
acf19d68-d836-45c6-9a6b-5590761a6619
x-officefd
AM4PEPF00006965
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:40 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 08BF8D4BF72E496DA636924E79B73D6A Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:41Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:41 GMT
segoeui.ttf
c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/ Frame B245 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/segoeui.ttf
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:289::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-OFFICEFD
DB5PEPF0000832A
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
DB5PEPF0000832A
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
Content-Length
1245
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
X-CorrelationId
df1dafc3-3105-44cd-8eca-583e1138d51a
X-OfficeCluster
PIE1
X-UserSessionId
df1dafc3-3105-44cd-8eca-583e1138d51a
Date
Fri, 10 Sep 2021 07:02:42 GMT
Content-Type
text/html
Access-Control-Allow-Origin
*
X-MSEdge-Ref
Ref A: FC66AD3F2BCE488F8C7A4F3F9811CD0B Ref B: LON21EDGE0413 Ref C: 2021-09-10T07:02:41Z
Timing-Allow-Origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18D%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c44f0da3c55a5d34168a7feb0bfbfe0b4fc4fc89a250ead9bc4509e844f7cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
23097
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM18D_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
3aa0be83-6add-4d12-8c09-51b4e1e94ad2
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: CE350121D0A0415AB6CB4BE3BC32DCE9 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18D%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006023
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
3554
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM18D_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid
91e8868c-c72e-4ab9-80ad-96ceec9e401a
x-officefd
AM4PEPF00006023
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: A49DE858BB38495FBA3B254318A6AB07 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S0%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2976359cdbdc79e525ae77dd7044221668144e196ea3ad5b0dcdb47372df62a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
33489
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cS0_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
3e4c2045-171c-4d41-b34c-3f242d0d5e56
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 59CC92ED0A6043FA9B9C0B4AAEB4A3C6 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S0%5F2%5F1132x849%2Epng&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c66ae949601f26e0fed94befcee09970af43ca1b2840d0c802feecfe14a5457e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF0000726A
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
42898
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cS0_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid
fc4f5cfc-f818-43ba-bcb2-754a4e01c7b6
x-officefd
AM4PEPF0000726A
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: E52A799F83854439ABACF7EFA6B4FCFA Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18D%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29d50b182a7b1b5d9ab9e3c119bc139eeacfc4583bce8192085bbaaae87e757c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
17931
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM18D_BG_1132x849.jpg
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
b3b3c568-f57b-4aa0-8307-93fb084efa1b
x-officefd
AM4PEPF00006965
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 5BC7876991024ED1A308573F916E9BBF Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
reader.calypso.js
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/ Frame B245 		331 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/reader.calypso.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:289::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c50293e2ebb87c4e3da5f1230118a18ab9dd4eabfac4a103369d52f73dfc63df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"60ef59b7779ed71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
DB5PEPF0000649D
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
Content-Length
68749
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
Last-Modified
Tue, 31 Aug 2021 14:51:44 GMT
X-OFFICEFD
DB5PEPF0000649D
X-MSEdge-Ref
Ref A: D9F986F341AD427898E37EC18765D0B2 Ref B: LON21EDGE0807 Ref C: 2021-08-31T14:51:44Z
X-UserSessionId
934981f0-de02-44a7-845f-b2915db68f55
Date
Fri, 10 Sep 2021 07:02:42 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
934981f0-de02-44a7-845f-b2915db68f55
Accept-Ranges
bytes
Timing-Allow-Origin
*
wacairspaceanimationlibrary.js
c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/ Frame B245 		40 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/wacairspaceanimationlibrary.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2bb::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"1459aa9919ed71:0"
X-OfficeCluster
GEU4C
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
DU2PEPF000082FE
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
Content-Length
5997
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
Last-Modified
Tue, 31 Aug 2021 17:57:28 GMT
X-OFFICEFD
DU2PEPF00009244
X-MSEdge-Ref
Ref A: CCBAED3026FE41078F69292EAB6D80BE Ref B: LON21EDGE0417 Ref C: 2021-09-08T17:37:33Z
X-UserSessionId
a709f135-19cb-4083-b434-5bf92802a2d6
Date
Fri, 10 Sep 2021 07:02:42 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
a709f135-19cb-4083-b434-5bf92802a2d6
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
X-UserSessionId
b8afdbb8-178c-417c-8345-d2fe30603116
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":3,"MsSinceStart":1215,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid
051e6318-6f62-406d-9379-4f29a9702544
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: FF9C2A0F82124FF6A58C02135F0B462C Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
GetSlide
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame B245 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d2e12857aa688c68974a2734c5b95bfa7e5445c49b7f97500e7da8b5b07b293b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
b8afdbb8-178c-417c-8345-d2fe30603116
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14424.40504
X-Key
CmaPOJtuCem7FUhYj/Q+dzUAS10wwpjFi8qSgbX1QHI=,637668541600472308
Content-Type
application/json; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length
1876
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
x-correlationid
1245e40d-2d65-464e-b6c7-c89c7ffc7819
x-officefd
AM4PEPF00006965
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: E09BFDA0FB3C4284A698576AE71095EF Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
-1
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
b8afdbb8-178c-417c-8345-d2fe30603116
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14424.40504
X-Key
CmaPOJtuCem7FUhYj/Q+dzUAS10wwpjFi8qSgbX1QHI=,637668541600472308
X-bULS-SuppressionETag
5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid
de7dc0f3-a5aa-4c06-acc3-76937e12cb85
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: B0DAF59CDC3F4D288C4F6635C17A9F3B Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
otelFull.min.js
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/ Frame B245 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/otelFull.min.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:289::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"4dd665b7779ed71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
AM4PEPF00007277
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
28386
Cache-Control
public,max-age=31536000
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 31 Aug 2021 14:51:44 GMT
X-OFFICEFD
AM4PEPF0000696B
X-UserSessionId
fa7bf4b1-a86d-4b60-a63d-a8ab69797937
X-Powered-By
ARR/3.0
Date
Fri, 10 Sep 2021 07:02:42 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
fa7bf4b1-a86d-4b60-a63d-a8ab69797937
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		0
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
X-UserSessionId
b8afdbb8-178c-417c-8345-d2fe30603116
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":4,"MsSinceStart":1216,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
5ebeeb9c-2507-48c6-a722-7aac5df3d038
x-officefd
AM4PEPF00006965
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: C030AD44036A471E9C468513B2AA0F04 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
prt.png
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptResources/1031/ Frame B245 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptResources/1031/prt.png
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/reader.calypso.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:289::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"5641bf8939ed71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
DB5PEPF0000832B
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
13611
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Tue, 31 Aug 2021 18:13:58 GMT
X-OFFICEFD
DB5PEPF0000832B
X-MSEdge-Ref
Ref A: 1313BAA20CFA4DE999795E25F7503590 Ref B: LON21EDGE0807 Ref C: 2021-08-31T18:13:58Z
X-UserSessionId
cc7be94e-756a-40ba-a69a-39f3da258cf8
Date
Fri, 10 Sep 2021 07:02:42 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
cc7be94e-756a-40ba-a69a-39f3da258cf8
Accept-Ranges
bytes
Timing-Allow-Origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18C%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b085127a669adedc8b76dd1861ea6f7e1a98a72cfdd9a29ac3551a4adeb06689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
57252
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM18C_BG_1132x849.jpg
x-cache
CONFIG_NOCACHE
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
439dc448-4ab8-41ba-977d-f0b9193499e1
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 7F5493310222480B915DD00EBDEAF379 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M190%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006023
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
3554
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM190_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
fe007528-3535-435f-afc6-297c4ef969be
x-officefd
AM4PEPF00006023
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: E98D0C107E064724844F6354742157B2 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M190%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
096d6273322ae2980d1bd01942d3926e68e4ac5aa651e407bd84f4b4a17bbd32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
22853
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM190_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
f794b09b-b551-4d63-a52e-5057cdf3589e
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 6D80B104E8974084A350945985420A1B Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S2%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7fa9cb9f5f52ef6b8b5d69fa80b26f1a49acd636d36bdc073136a808486a7088
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF0000726A
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length
36879
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cS2_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
x-correlationid
46723655-bb5e-497c-ad88-442a0565e044
x-officefd
AM4PEPF0000726A
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 35C2C07ED4924593A4F63EDBEF325704 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S2%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c67779d3ae4d0880637322eba37de2e33a805a6c5f5edb7bd825292b88860756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length
179952
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cS2_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid
0d942b45-2443-4c07-be2b-b155532762a8
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 4593EC7A97324062B58C746507F3D32B Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
ping
browser.events.data.microsoft.com/ Frame B245 		4 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/ping
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.11 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 07:02:43 GMT
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://pnl1-powerpoint.officeapps.live.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
4
GetSlide
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame B245 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73ea7d3475244987870fef90e7607587fb97d1d310189356bd8c3568b932cea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
b8afdbb8-178c-417c-8345-d2fe30603116
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14424.40504
X-Key
CmaPOJtuCem7FUhYj/Q+dzUAS10wwpjFi8qSgbX1QHI=,637668541600472308
Content-Type
application/json; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
1766
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
91c4cb31-194a-40f8-b5d0-bf1562460aab
x-officefd
AM4PEPF00006965
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: 50CFEF5DFF144BE8AAA8890E39F01233 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
-1
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18E%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006023
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
3554
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM18E_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
5e915839-b333-4e13-9fa4-23abd2c46b07
x-officefd
AM4PEPF00006023
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 7AC36D18887D47AEA90E43600560D17E Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=M18E%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
096d6273322ae2980d1bd01942d3926e68e4ac5aa651e407bd84f4b4a17bbd32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006965
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
22853
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cM18E_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid
6ec54939-b913-4814-8454-e94304e21b18
x-officefd
AM4PEPF00006965
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: F9204A499EEF4777B1FBC0EB473AB187 Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S1%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c27395f70dbd19665e3c111e52d839ee86a4d4eff6ce868f750c235bac7a768
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF0000726A
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
3957
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cS1_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid
5bc1cc4e-5899-42c7-b14f-21758ef22f76
x-officefd
AM4PEPF0000726A
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: FC41CF512E6341798FEFCA718272467E Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame B245 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9c&usid=b8afdbb8%2D178c%2D417c%2D8345%2Dd2fe30603116&Rid=S1%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e89bf1a20bf9f7cbcaefcf66b36ec997c19f2e27405f3445f5884b6c88005b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token_ttl=0&hid=82e1ad16-d623-472c-999b-e80960819e57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F87
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
50014
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50474%253Fshareable%255Flink%253D33388&access_token=1&access_token_ttl=0&z=ccb0e9aa600e8ad00f1183e755146ec309ec43a51ad1a62b4617761795a1cd9cS1_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
de402d06-f428-4876-bcd1-aeee71bc427b
x-officefd
AM4PEPF00006F87
x-usersessionid
b8afdbb8-178c-417c-8345-d2fe30603116
date
Fri, 10 Sep 2021 07:02:41 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 0947B4CDECDC4A32A40FBE760C0ED7CA Ref B: AM3EDGE0312 Ref C: 2021-09-10T07:02:42Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 07:02:42 GMT

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect boolean| originAgentCluster string| bootstrapData string| GoogleAnalyticsObject function| ga object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| Hammer object| Prism object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| google_js_reporting_queue number| google_srt object| __zone_symbol__loadfalse object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| __zone_symbol__messagefalse boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| __zone_symbol__focusfalse object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure object| __zone_symbol__unloadfalse function| google_osd_amcb object| GoogleGcLKhOms function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

11 Cookies

Domain/Path Name / Value
speedyshare.com/ Name: theme
Value: dark
.speedyshare.com/ Name: _ga
Value: GA1.2.2121236439.1631257359
.speedyshare.com/ Name: _gid
Value: GA1.2.1738454305.1631257359
.speedyshare.com/ Name: _gat
Value: 1
speedyshare.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImJPaEEvRTJ2VmljWFlhdjhyQXpNNmc9PSIsInZhbHVlIjoiUkhMV3puc1liRm9iZE96V2NOdVZNaE83YTZrd2hyWU9oWFhUclRXa1NsY25YYkFnbG1PRCtkMjlqcEdYczZMaXBIbmxXUkNLRjBGSi82RCtBRzJYY3FONmhVSnNmNUttOGZZVk51Y0VUNlNMRnFkWjZtd2cyVXAvWUtXelpqK1QiLCJtYWMiOiIwOGNhNDI0ZTYzNGQwMjVmMDUwZThkYTE2ZjU5NjkwMzFiMDQ2Y2I2NGQ0ZjFkNzMyYzU4YjViZjYwMmM0MTQ0In0%3D
speedyshare.com/ Name: speedyshare_session
Value: eyJpdiI6IlB6ZnVIMHJxTFRkS1NYMzR6UWZlQ3c9PSIsInZhbHVlIjoiZ2NDaVZxRlN6TnR1OUZ1RGJwZldjc1JGVFNNaXR3TzZQQlE0QkVKdmYrRFl6aVM1MWlXcldvZ3EvNWwxcVVJWjVJQkFkR1J5Zkh1Q2hGeElSZUJWeUNhZEppajlIQloxN0N0cXVUS0l1YVp1ZzEvU1B2T0FSZExVSUg2ZCtLU3YiLCJtYWMiOiI4MzJmMjMzYTM4OTAwNzYyNWYxOTA1MjQ0YjNmYWM3ZDhlOTI5ODYyODU1NWI2NmQ1MDNlNGUxMWQ0YjgzNmM5In0%3D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.speedyshare.com/ Name: __gads
Value: ID=5c798faaadc584aa-226995dcecca009b:T=1631257358:RT=1631257358:S=ALNI_MavdD0DpzaiBvU89MqRtpYezcZVuA
.view.officeapps.live.com/ Name: PNL1-ARRAffinity
Value: 609ced3a904481487f5cc6fa5dd14a1277133a8c1cfe1dc9745754ff56300767
pnl1-powerpoint.officeapps.live.com/ Name: DcLcid
Value: ui=1031&data=1031
pnl1-powerpoint.officeapps.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

2 Console Messages

Source Level URL
Text
network error URL: https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/segoeui.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/segoeui.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
browser.events.data.microsoft.com
c1-officeapps-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
fonts.googleapis.com
fonts.gstatic.com
freegeoip.app
googleads.g.doubleclick.net
js.live.net
pagead2.googlesyndication.com
partner.googleadservices.com
pnl1-powerpoint.officeapps.live.com
speedyshare.com
tpc.googlesyndication.com
view.officeapps.live.com
www.google-analytics.com
www.google.com
www.googletagservices.com
20.189.173.11
216.58.214.162
23.72.19.83
2606:4700:3036::6815:13c8
2606:4700:3036::ac43:b7df
2620:1ec:a92::171
2a00:1450:4007:806::2004
2a00:1450:4007:808::2002
2a00:1450:4007:80b::2002
2a00:1450:4007:810::2002
2a00:1450:4007:812::2003
2a00:1450:4007:813::2002
2a00:1450:4007:817::200a
2a00:1450:4007:818::2002
2a00:1450:4007:819::2001
2a00:1450:4007:819::200e
2a02:26f0:ec:289::4b36
2a02:26f0:ec:2bb::4b36
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01fbbb934342964bf4725afbfcb9c9be37fedb54237432a45717d41a1f1d9475
06b0c7dc582005d1f7507490da3c57d873a7b0c706b4e8fdb0ee07484f8971c7
08445f804412fee43ebe376da920a0b3a5c5f195cb5ac65e6ea08f5aaafdc548
096d6273322ae2980d1bd01942d3926e68e4ac5aa651e407bd84f4b4a17bbd32
0e8b592575574b1223c485ef4a4b2f0caf9e3c67a69f8ff3c250fb672f0a0a5a
12379a580c88828ce4ba4ae86452a750b5f0be6f25ccaeb486d29a0d3f39df46
1c27395f70dbd19665e3c111e52d839ee86a4d4eff6ce868f750c235bac7a768
1c44f0da3c55a5d34168a7feb0bfbfe0b4fc4fc89a250ead9bc4509e844f7cd9
1ed321a25a5100de9b889259a32f457ac6e6987bcb3c0a1921f4295ac9858e53
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2865547d7ebee7044283d469b95f447f5cde6fb7455a4ea665d12ca10c7adb3c
29d50b182a7b1b5d9ab9e3c119bc139eeacfc4583bce8192085bbaaae87e757c
33b6505c289d57802a0ac8ef3be7193985853a2f34813011fb68f0d341281e72
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
712b9ed53864ed16b5e81f7d6d90569a6e1d5c58fdeb88a4756f70bc0e79b0fe
73ea7d3475244987870fef90e7607587fb97d1d310189356bd8c3568b932cea2
7a3e860a1e6b181c2f36d76e0023221f89264c33cc266b6261bd28d8572197d0
7fa9cb9f5f52ef6b8b5d69fa80b26f1a49acd636d36bdc073136a808486a7088
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
8839a0b7ed21aeb6fe4d005e25b889f06864058b2359076672e2b825dba0d349
89216ab2affad9e9d0cab89b70420aea4e7e8f6ff5a7daab708d5b6167d05cb2
974a05a2c6331bff6ee67a441283ad0dcd9cdf25b84ac700fb351abfa1ddc49f
989567004f6e207c2fa550e55b4bca1c7d0b5be92b92f6d7bc67a8579e154244
9d97afe5111d65582151593e4ee9f5d926b4797475f45b16efecca7d2c27cd2a
9fd307b5982d3254d9f60f7ce04d8fe154cf6195c3ceb519d558801df29ac31f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b085127a669adedc8b76dd1861ea6f7e1a98a72cfdd9a29ac3551a4adeb06689
b2976359cdbdc79e525ae77dd7044221668144e196ea3ad5b0dcdb47372df62a
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfa951c118160b44e0b1b84a2f7ce669f3b008d8472d93c140e6aa7460e68a36
c3a8de2e7d7f5cbf7b45ead02f4171abd27e613433767791f50175ed7f0579f9
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c50293e2ebb87c4e3da5f1230118a18ab9dd4eabfac4a103369d52f73dfc63df
c66ae949601f26e0fed94befcee09970af43ca1b2840d0c802feecfe14a5457e
c67779d3ae4d0880637322eba37de2e33a805a6c5f5edb7bd825292b88860756
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cedfbfa784fad02997626a083882aa3a2765c5f5909fba298d9e08b01b375de3
d2e12857aa688c68974a2734c5b95bfa7e5445c49b7f97500e7da8b5b07b293b
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
dee875b498ab5a091abe0451bcc9cb2b96435205a31f7aa650b2d837cae427da
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
e89bf1a20bf9f7cbcaefcf66b36ec997c19f2e27405f3445f5884b6c88005b1d
eb9384f7a4fbdb141e673788b2b80d39e36b5ba956b176207ff315dfc40a8df0
f123e9ef3f393e0de6b24f9ccab82d4e8ab276319ddee6a1e9349e1eba309287
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62