update.icclksa.com Open in urlscan Pro
173.231.214.55  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

• https://c.live.com/c.gif?DI=15347&wlxid=cb3e27c3-40b2-4e75-8196-1c7ef43e727d&reqid=0010a8d81cf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D998D4A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1376%26IR%3D1%26EX%3D0%26L.h%3D757%26L.sjs%3D890%26L.ttg%3D757%26C.st%3D1655986498993%26N.domIn%3D776%26N.dns%3D161%26N.tcp%3D19%26N.req%3D442%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.8997085883393701 HTTP 302
• https://c.bing.com/c.gif?DI=15347&wlxid=cb3e27c3-40b2-4e75-8196-1c7ef43e727d&reqid=0010a8d81cf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D998D4A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1376%26IR%3D1%26EX%3D0%26L.h%3D757%26L.sjs%3D890%26L.ttg%3D757%26C.st%3D1655986498993%26N.domIn%3D776%26N.dns%3D161%26N.tcp%3D19%26N.req%3D442%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.8997085883393701&CtsSyncId=B66681B7F01349E185BD2728885A3D94&RedC=c.live.com&MXFR=210290E81C6E6E4906D38124186E6AF0 HTTP 302
• https://c.live.com/c.gif?DI=15347&wlxid=cb3e27c3-40b2-4e75-8196-1c7ef43e727d&reqid=0010a8d81cf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D998D4A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1376%26IR%3D1%26EX%3D0%26L.h%3D757%26L.sjs%3D890%26L.ttg%3D757%26C.st%3D1655986498993%26N.domIn%3D776%26N.dns%3D161%26N.tcp%3D19%26N.req%3D442%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.8997085883393701&CtsSyncId=B66681B7F01349E185BD2728885A3D94&MUID=210290E81C6E6E4906D38124186E6AF0

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response update.icclksa.com/	14 KB 15 KB	586ms 188ms	Document text/html	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 4743cab88e761cc853f1bd07ce7dac6f307b65be25709f780e52c9e576b556d7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=utf-8 Date Thu, 23 Jun 2022 12:14:58 GMT Keep-Alive timeout=5, max=100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	widgetkit-80d44718.css update.icclksa.com/cache/widgetkit/	53 KB 54 KB	93ms 92ms	Stylesheet text/css	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/cache/widgetkit/widgetkit-80d44718.css Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash eae9e8c9c3c0b4275983c2e5e188a20612a4411c201ed23848164f4947ba6473 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Thu, 23 Jun 2022 12:13:26 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 54541
GET H/1.1	200 OK	mootools-core.js Show response update.icclksa.com/media/system/js/	94 KB 94 KB	278ms 93ms	Script application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/media/system/js/mootools-core.js Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Wed, 10 Dec 2014 12:40:07 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 96362
GET H/1.1	200 OK	core.js Show response update.icclksa.com/media/system/js/	5 KB 5 KB	280ms 92ms	Script application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/media/system/js/core.js Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Wed, 10 Dec 2014 12:40:07 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4784
GET H/1.1	200 OK	caption.js Show response update.icclksa.com/media/system/js/	729 B 984 B	284ms 94ms	Script application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/media/system/js/caption.js Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 5fe084328c9d2b7612b6e7c739946752c5326ece5a1566a41531f3efff175321 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Wed, 10 Dec 2014 12:40:07 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 729
GET H/1.1	200 OK	jquery.js Show response update.icclksa.com/media/widgetkit/js/	91 KB 91 KB	364ms 92ms	Script application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/media/widgetkit/js/jquery.js Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 8ae014b3248171d12be03231b04b1b77abadf3efc8f407ac22b3b598ee66f172 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Tue, 22 Apr 2014 04:48:41 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 93420
GET H/1.1	200 OK	widgetkit-c395afda.js Show response update.icclksa.com/cache/widgetkit/	20 KB 21 KB	367ms 92ms	Script application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/cache/widgetkit/widgetkit-c395afda.js Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 7607d26fcbeee7ad6727d93c34633ebb8c92614aacbe4209d5677e80a5ade73d Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Thu, 23 Jun 2022 12:13:26 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 20807
GET H/1.1	200 OK	theme.css update.icclksa.com/templates/yoo_nano3/css/styles/orange/	85 KB 85 KB	179ms 92ms	Stylesheet text/css	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/templates/yoo_nano3/css/styles/orange/theme.css Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 191a22326a7b80dc2f8c3fae69ec0ce46297875f6a174058c9cc241e87668bf2 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Wed, 24 Jun 2020 15:34:29 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 86830
GET H/1.1	200 OK	nc-custom.css update.icclksa.com/templates/yoo_nano3/css/styles/default/	13 KB 13 KB	277ms 92ms	Stylesheet text/css	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/templates/yoo_nano3/css/styles/default/nc-custom.css Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 0fde2a9af97ff732c0343e36497c164df7eadce4bd89e0eb337a419031f3d776 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Wed, 24 Jun 2020 15:31:40 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 13051
GET H/1.1	200 OK	uikit.js Show response update.icclksa.com/templates/yoo_nano3/warp/vendor/uikit/js/	32 KB 32 KB	371ms 92ms	Script application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/templates/yoo_nano3/warp/vendor/uikit/js/uikit.js Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash a76c182c41589fad034180c31215f429c0453e7c35226ed2722b44d299a50fff Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Tue, 02 Jul 2013 12:32:32 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 32821
GET H/1.1	200 OK	grid.js Show response update.icclksa.com/templates/yoo_nano3/warp/js/	2 KB 2 KB	378ms 95ms	Script application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/templates/yoo_nano3/warp/js/grid.js Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 57faf9f736cf6472cd23fb044c4c5076a0a8fa3a94811dbbaf8232994ab1228e Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Tue, 02 Jul 2013 12:32:32 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2045
GET H/1.1	200 OK	social.js Show response update.icclksa.com/templates/yoo_nano3/warp/js/	1 KB 2 KB	458ms 92ms	Script application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/templates/yoo_nano3/warp/js/social.js Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 930c604bdcff83a65575398111ec1ef954208e0bdcc9f261fa7d46f8270bdff7 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Tue, 02 Jul 2013 12:32:32 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1295
GET H/1.1	200 OK	theme.js Show response update.icclksa.com/templates/yoo_nano3/js/	249 B 503 B	459ms 92ms	Script application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/templates/yoo_nano3/js/theme.js Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 46ce4a7206dc4066cbd2eb1a3591003133038f6ed507d6457a0b5ba4f4e012ff Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Tue, 02 Jul 2013 12:32:32 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 249
GET H/1.1	200 OK	logo.png update.icclksa.com/images/logo/	11 KB 12 KB	93ms 93ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/logo/logo.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 35d1d575a4be3a2985ccc0aa14f85352216a74da37afec602a38a7c7e20497b4 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Mon, 06 Jun 2016 09:22:41 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 11698
GET H/1.1	200 OK	title.png update.icclksa.com/images/	8 KB 8 KB	93ms 92ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/title.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash f5e53d95d88756ec381ceea88e4738f5ec22f86b45b6959eca5f5d280b017985 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:58 GMT Last-Modified Mon, 06 Jun 2016 09:22:42 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8109
GET H/1.1	200 OK	tuv_nord_logo.png update.icclksa.com/images/logo/	18 KB 19 KB	93ms 92ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/logo/tuv_nord_logo.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 150d43e8f55e544cace6fe202467b397af8be955bf36c48893389803277bdbf2 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Mon, 06 Jun 2016 09:22:41 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 18707
GET H/1.1	200 OK	logo-mini.png update.icclksa.com/images/logomini/	7 KB 8 KB	95ms 94ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/logomini/logo-mini.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash e73f25d7795478af879f1063f8d45417fdb272268c4b9f9fc79dfc3ad7e879d5 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Mon, 06 Jun 2016 09:22:41 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 7661
GET H/1.1	200 OK	Home-Banner-2.jpg update.icclksa.com/	127 KB 127 KB	165ms 93ms	Image image/jpeg	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/Home-Banner-2.jpg Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 258b53ddbd777396fa95bb5dd6e6581cfe4adfde810b262651b664e71688ea1c Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Sat, 20 Jun 2020 11:07:01 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 130216
GET H/1.1	200 OK	venders-logo.jpg update.icclksa.com/images/	40 KB 41 KB	166ms 93ms	Image image/jpeg	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/venders-logo.jpg Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 925f48a83c059709a2e8cc8d86ac59c3eb60c5611a46b33829fa4b1c987de16d Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Mon, 06 Jun 2016 09:22:42 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 41456
GET H/1.1	200 OK	tube-fittings.png update.icclksa.com/	30 KB 30 KB	307ms 93ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/tube-fittings.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash cd575efa3dda4b78ccbddc584f43231c018be557f1781d68a1bb88aba8b7d335 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Thu, 28 May 2020 09:05:26 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 30855
GET H/1.1	200 OK	pipe-fittings.png update.icclksa.com/	36 KB 36 KB	152ms 94ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/pipe-fittings.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 57ac30d7999203ef35cbcef50cd1479c96e1bd21550b4a02219cf28cae08f8eb Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Thu, 28 May 2020 09:05:20 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 36849
GET H/1.1	200 OK	13a.jpg update.icclksa.com/	36 KB 36 KB	235ms 92ms	Image image/jpeg	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/13a.jpg Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash cfc6a6c66d43391194bb16b172ffe6b506ba46be7f34c8abb5bd97d89c7d2b69 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Wed, 24 Jun 2020 14:23:26 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 36928
GET H/1.1	200 OK	needle-valves.png update.icclksa.com/	22 KB 22 KB	213ms 93ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/needle-valves.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 38ed75c605b0d9bf794c5b9e579739d5734aabda886f0081b10ab1e1f4f52555 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Thu, 28 May 2020 09:05:15 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 22035
GET H/1.1	200 OK	manifold-valves.png update.icclksa.com/	32 KB 32 KB	94ms 94ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/manifold-valves.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash ae85811bef3040f7a92dce86e75062faf2f0b6b18997a6b25883437546b1b5d8 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Thu, 28 May 2020 09:05:08 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 32596
GET H/1.1	200 OK	ball-Valves.png update.icclksa.com/	41 KB 42 KB	94ms 93ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/ball-Valves.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 7c791ed910cfa1694b9aae0fe97038cf7e76a55c2aa0edd49531fb4b8b42bb02 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Thu, 28 May 2020 09:04:58 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 42479
GET H/1.1	200 OK	mono-flange.png update.icclksa.com/	28 KB 28 KB	95ms 95ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/mono-flange.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 5e9aa5f95346f765c974bb20bbec8150af859822ec4578e91c4cf6c6d5db6474 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Thu, 28 May 2020 09:05:12 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 28545
GET H/1.1	200 OK	accessories.png update.icclksa.com/	50 KB 51 KB	93ms 93ms	Image image/png	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/accessories.png Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash b070d397e0d9f46d0632f9b8c47b9afc581e632e7021649a79ec1f871f2a11eb Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Thu, 28 May 2020 09:04:53 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 51531
GET H/1.1	200 OK	lightbox.js Show response update.icclksa.com/media/widgetkit/widgets/lightbox/js/	17 KB 17 KB	93ms 93ms	XHR application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/media/widgetkit/widgets/lightbox/js/lightbox.js?_=1655986498963 Requested by Host: update.icclksa.com URL: https://update.icclksa.com/media/widgetkit/js/jquery.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 3a7fb877256cd381979edcdbc16f0de1f1f1620b096dae68a333f9dbacd80c85 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://update.icclksa.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Tue, 22 Apr 2014 04:48:41 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 17068
GET H/1.1	200 OK	mediaelement-and-player.js Show response update.icclksa.com/media/widgetkit/widgets/mediaplayer/mediaelement/	62 KB 62 KB	94ms 94ms	XHR application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/media/widgetkit/widgets/mediaplayer/mediaelement/mediaelement-and-player.js?_=1655986498964 Requested by Host: update.icclksa.com URL: https://update.icclksa.com/media/widgetkit/js/jquery.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 335bcfdce95b57f34709effb715c922545147d7f4f55e0314b67a53951708129 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://update.icclksa.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Tue, 22 Apr 2014 04:48:41 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 63289
GET H/1.1	200 OK	spotlight.js Show response update.icclksa.com/media/widgetkit/widgets/spotlight/js/	2 KB 3 KB	93ms 93ms	XHR application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/media/widgetkit/widgets/spotlight/js/spotlight.js?_=1655986498965 Requested by Host: update.icclksa.com URL: https://update.icclksa.com/media/widgetkit/js/jquery.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 30d8a31b6d81b7640a80b4e4e121fcea8dd71d25967be4fb4d8f6d5be574d44a Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://update.icclksa.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Tue, 22 Apr 2014 04:48:41 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2462
GET DATA	200 OK	truncated /	49 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	ICCL-_BG.jpg update.icclksa.com/images/background/	103 KB 103 KB	154ms 93ms	Image image/jpeg	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/background/ICCL-_BG.jpg Requested by Host: update.icclksa.com URL: https://update.icclksa.com/templates/yoo_nano3/css/styles/default/nc-custom.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash c01cca5618cab817d47668d446ae8cf577701c8e2f0250ddbaaf8c7edadbcd98 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/templates/yoo_nano3/css/styles/default/nc-custom.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Mon, 06 Jun 2016 09:22:29 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 105255
GET H/1.1	200 OK	fontawesome-webfont.woff update.icclksa.com/templates/yoo_nano3/warp/vendor/uikit/fonts/	43 KB 43 KB	151ms 92ms	Font font/woff	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/templates/yoo_nano3/warp/vendor/uikit/fonts/fontawesome-webfont.woff Requested by Host: update.icclksa.com URL: https://update.icclksa.com/templates/yoo_nano3/css/styles/orange/theme.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f Request headers Referer https://update.icclksa.com/templates/yoo_nano3/css/styles/orange/theme.css Origin https://update.icclksa.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Tue, 02 Jul 2013 12:32:30 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 43572
GET H2	200	embed Show response onedrive.live.com/ Frame 1AEA	61 KB 21 KB	618ms 438ms	Document text/html	13.107.42.13 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7a2bc7c37f66ee226471f6b87e54039863c7e3824166266f3b64c01017952568 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://update.icclksa.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store content-encoding gzip content-type text/html; charset=utf-8 date Thu, 23 Jun 2022 12:14:59 GMT expires -1 pragma no-cache strict-transport-security max-age=31536000 vary Accept-Encoding x-cache CONFIG_NOCACHE x-content-type-options nosniff x-msedge-ref Ref A: 426AD0ACCF8D48CFA9500392344640F7 Ref B: FRAEDGE1120 Ref C: 2022-06-23T12:14:59Z x-msnserver RD00155D998D4A x-odwebserver eastus0-odwebpl
GET H/1.1	200 OK	slideshow.js Show response update.icclksa.com/media/widgetkit/widgets/slideshow/js/	20 KB 20 KB	314ms 93ms	XHR application/javascript	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://update.icclksa.com/media/widgetkit/widgets/slideshow/js/slideshow.js?_=1655986498966 Requested by Host: update.icclksa.com URL: https://update.icclksa.com/media/widgetkit/js/jquery.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash f6bd3ef5a49e8e0da0c8f42501b9e40519368c77b6a3e4dc821797a68c767b80 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://update.icclksa.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Tue, 22 Apr 2014 04:48:41 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 20089
GET H/1.1	200 OK	banner-4.jpg update.icclksa.com/images/banners/	135 KB 136 KB	99ms 98ms	Image image/jpeg	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/banners/banner-4.jpg Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 257b4837ca4acb7be1cf57f1f34e72c220d9a66d57af3d467b001f0f901d0186 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Mon, 06 Jun 2016 09:22:33 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 138587
GET H/1.1	200 OK	banner-1.jpg update.icclksa.com/images/banners/	106 KB 106 KB	97ms 95ms	Image image/jpeg	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/banners/banner-1.jpg Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 04799944e1b277b48bdabe36ebf5b0a42e74f7a87486b3fefc0120341c1e109c Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Mon, 06 Jun 2016 09:22:32 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 108180
GET H/1.1	200 OK	banner-2.jpg update.icclksa.com/images/banners/	80 KB 80 KB	94ms 93ms	Image image/jpeg	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/banners/banner-2.jpg Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash a2aab1c182be20fec3c470a4cbd78f1d3019ec83074234c452c869146a327af4 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Mon, 06 Jun 2016 09:22:29 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 82014
GET H/1.1	200 OK	banner-3.jpg update.icclksa.com/images/banners/	78 KB 78 KB	554ms 553ms	Image image/jpeg	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/banners/banner-3.jpg Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 01ccd22ffb86256bdc2005429dda21220bb3dc31f56290fd959ad70fa1f83b78 Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Mon, 06 Jun 2016 09:22:29 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 79946
GET H/1.1	200 OK	banner-5.jpg update.icclksa.com/images/banners/	115 KB 115 KB	94ms 93ms	Image image/jpeg	173.231.214.55 IMH-IAD
General Check archive.org Show headers Download Go to Show image Full URL https://update.icclksa.com/images/banners/banner-5.jpg Requested by Host: update.icclksa.com URL: https://update.icclksa.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.214.55 Elizabeth City, United States, ASN54641 (IMH-IAD, US), Reverse DNS vps72270.inmotionhosting.com Software Apache / Resource Hash 5d95a41b5edad63f5c737f9c64ce0396cc807b8eea5ec97688913c0d067d2daf Request headers accept-language de-DE,de;q=0.9 Referer https://update.icclksa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:14:59 GMT Last-Modified Mon, 06 Jun 2016 09:22:29 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 118018
GET H2	200	filescss1-11eb1969.css spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 1AEA	85 KB 16 KB	76ms 18ms	Stylesheet text/css	92.123.224.97 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css Requested by Host: onedrive.live.com URL: https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 92.123.224.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-224-97.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc Request headers accept-language de-DE,de;q=0.9 Referer https://onedrive.live.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Jun 2022 12:14:59 GMT content-encoding gzip content-md5 EesZadmsnx78d9ZWIKfswQ== alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 15784 x-ms-lease-status unlocked last-modified Mon, 14 May 2018 21:54:14 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D5B9E53BE6E430 vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 6f0a1371-501e-0080-4432-fbbe78000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=15985247 x-ms-version 2009-09-19 timing-allow-origin *
GET H2	200	filescss2-a303a402.css spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 1AEA	169 KB 30 KB	77ms 20ms	Stylesheet text/css	92.123.224.97 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css Requested by Host: onedrive.live.com URL: https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 92.123.224.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-224-97.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e Request headers accept-language de-DE,de;q=0.9 Referer https://onedrive.live.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Jun 2022 12:14:59 GMT content-encoding gzip content-md5 owOkAskXvYo3Ps40fhU7TQ== alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 30548 x-ms-lease-status unlocked last-modified Mon, 14 May 2018 21:54:15 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D5B9E53C3A1C6F vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id f5613635-d01e-011d-1258-d9826d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=12225503 x-ms-version 2009-09-19 timing-allow-origin *
POST H2	200	PowerPointFrame.aspx Show response powerpoint.officeapps.live.com/p/ Frame 1EFE	112 KB 114 KB	121ms 43ms	Document text/html	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Requested by Host: onedrive.live.com URL: https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 74228cf4a9e7723fb3e82f59f5538faf59e7f227d0f47777d5e5294061db285f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Content-Type application/x-www-form-urlencoded Origin https://onedrive.live.com Referer https://onedrive.live.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store content-security-policy-report-only font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx content-type text/html; charset=utf-8 date Thu, 23 Jun 2022 12:14:59 GMT document-policy js-profiling expires -1 origin-trial Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ== p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" pragma no-cache strict-transport-security max-age=31536000 timing-allow-origin * x-cache CONFIG_NOCACHE x-content-type-options nosniff x-correlationid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 x-msedge-features typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3 x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3 x-msedge-ref Ref A: CBDD0D9ECE53489B952F60772F5BA154 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:14:59Z x-officecluster PNL1 x-officefd AM4PEPF00010824 x-officefe AM4PEPF00010824 x-officeversion 16.0.15407.40518 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7
GET H2	200	jquery-1.7.2-39eeb07e.js Show response spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 1AEA	92 KB 33 KB	43ms 19ms	Script application/javascript	92.123.224.97 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js Requested by Host: onedrive.live.com URL: https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 92.123.224.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-224-97.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f Request headers Referer https://onedrive.live.com/ Origin https://onedrive.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Jun 2022 12:14:59 GMT content-encoding gzip content-md5 Oe6wfmgC4rV/XhCprZvKJA== alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 33335 x-ms-lease-status unlocked last-modified Mon, 14 May 2018 21:54:17 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D5B9E53DB4CCFD vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 29c81963-d01e-00de-63ce-3d4d7b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=23271064 x-ms-version 2009-09-19 timing-allow-origin *
GET H2	200	embed_s_embed-212fe29f.js Show response spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 1AEA	483 KB 133 KB	46ms 22ms	Script application/javascript	92.123.224.97 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js Requested by Host: onedrive.live.com URL: https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 92.123.224.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-224-97.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb Request headers Referer https://onedrive.live.com/ Origin https://onedrive.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Jun 2022 12:14:59 GMT content-encoding gzip content-md5 IS/in/g30QB+g7MVI79lXQ== alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 135707 x-ms-lease-status unlocked last-modified Mon, 14 May 2018 21:54:01 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D5B9E533D8DD7F vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 4acc2b98-201e-0043-0a8f-3e373b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=23373672 x-ms-version 2009-09-19 timing-allow-origin *
GET H3-Q050	200	embed1-0986a9b4.js Show response spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 1AEA	47 KB 14 KB	11ms 11ms	Script application/javascript	92.123.224.97 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js Requested by Host: onedrive.live.com URL: https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 92.123.224.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-224-97.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547 Request headers Referer https://onedrive.live.com/ Origin https://onedrive.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Jun 2022 12:14:59 GMT content-encoding gzip content-md5 CYaptDz18cVXSIKt0vWKWA== alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 14119 x-ms-lease-status unlocked last-modified Mon, 14 May 2018 21:54:00 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D5B9E5332E9B80 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id ea603572-001e-0054-47e3-d5f758000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=11845131 x-ms-version 2009-09-19 timing-allow-origin * quic-version Q050
GET H3-Q050	200	embed2-8c600200.js Show response spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 1AEA	203 KB 68 KB	17ms 16ms	Script application/javascript	92.123.224.97 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js Requested by Host: onedrive.live.com URL: https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 92.123.224.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-224-97.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553 Request headers Referer https://onedrive.live.com/ Origin https://onedrive.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Jun 2022 12:14:59 GMT content-encoding gzip content-md5 jGACACXYYkvx7qKc5FskXg== alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 69276 x-ms-lease-status unlocked last-modified Mon, 14 May 2018 21:54:00 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D5B9E5337DDB83 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 449c47a3-c01e-000d-37a6-eaf2de000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14128106 x-ms-version 2009-09-19 timing-allow-origin * quic-version Q050
GET H3-Q050	200	embed0-54f3ec81.js Show response spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 1AEA	15 KB 6 KB	18ms 18ms	Script application/javascript	92.123.224.97 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js Requested by Host: onedrive.live.com URL: https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 92.123.224.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a92-123-224-97.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54 Request headers Referer https://onedrive.live.com/ Origin https://onedrive.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 23 Jun 2022 12:14:59 GMT content-encoding gzip content-md5 VPPsgWGZk5RDzVgXZtU7Yg== alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 6057 x-ms-lease-status unlocked last-modified Mon, 14 May 2018 21:53:59 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D5B9E532CDCC12 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id dda5c441-801e-0105-09a7-37aff8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=22637819 x-ms-version 2009-09-19 timing-allow-origin * quic-version Q050
GET H/1.1	200 OK	styleschromeless.css c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/ Frame 1EFE	283 KB 35 KB	75ms 10ms	Stylesheet text/css	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/styleschromeless.css Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 7db3862b19b1f30b2d08fbb0d3712097b8c37f436dcf2e6fd62c028dc2be2814 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding br ETag "e9ae911e881d81:0" X-OfficeCluster PNL1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF00010824 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 34553 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 Last-Modified Fri, 17 Jun 2022 01:17:54 GMT X-OFFICEFD AM4PEPF00010824 X-MSEdge-Ref Ref A: C2FE5A800EDC4E32A70539188CFD7725 Ref B: AM3EDGE0620 Ref C: 2022-06-21T19:52:06Z X-UserSessionId aaf11d0d-aa1b-4ed4-801b-c47134cfb2a0 Date Thu, 23 Jun 2022 12:15:00 GMT Content-Type text/css Access-Control-Allow-Origin * X-CorrelationId aaf11d0d-aa1b-4ed4-801b-c47134cfb2a0 Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	MicrosoftAjax.js Show response c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/ Frame 1EFE	106 KB 24 KB	72ms 7ms	Script application/javascript	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://powerpoint.officeapps.live.com/ Origin https://powerpoint.officeapps.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding br ETag "fbe771adf780d81:0" X-OfficeCluster PNL1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF00006023 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3 Content-Length 23714 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3 Last-Modified Wed, 15 Jun 2022 20:37:06 GMT X-OFFICEFD AM4PEPF00006023 X-MSEdge-Ref Ref A: B60779E55334456690980035EE7AFC2B Ref B: AM3EDGE0415 Ref C: 2022-06-21T16:26:53Z X-UserSessionId 45fe4821-744d-4a00-b29a-ff677e6a832e Date Thu, 23 Jun 2022 12:15:00 GMT Content-Type application/javascript Access-Control-Allow-Origin * X-CorrelationId 45fe4821-744d-4a00-b29a-ff677e6a832e Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	powerpointintl.js Show response c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/1031/ Frame 1EFE	291 KB 73 KB	73ms 8ms	Script application/javascript	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/1031/powerpointintl.js Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 97c62688e78cb4e2728d2e2fabbecb2c78899ec9bfad47fa8a9740f232a44e5f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://powerpoint.officeapps.live.com/ Origin https://powerpoint.officeapps.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip ETag "0922f172b81d81:0" X-OfficeCluster PNL1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF00006965 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 73328 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5 Last-Modified Thu, 16 Jun 2022 02:45:08 GMT X-OFFICEFD AM4PEPF00006965 X-MSEdge-Ref Ref A: 8C38A3FD1225465AA8AEF2E86876EBAF Ref B: AMS04EDGE2808 Ref C: 2022-06-19T20:11:12Z X-UserSessionId d9e0a66a-2941-4e75-affc-5755e329187c Date Thu, 23 Jun 2022 12:15:00 GMT Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * X-CorrelationId d9e0a66a-2941-4e75-affc-5755e329187c Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	BootView.js Show response c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/ Frame 1EFE	2 MB 383 KB	67ms 8ms	Script application/javascript	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/BootView.js Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 0c2800ac1c4628aa0b98c545c5fb9bc0c7924169f33ac31d2904a1c7042dd681 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://powerpoint.officeapps.live.com/ Origin https://powerpoint.officeapps.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding br ETag "2751d45b481d81:0" X-OfficeCluster PNL1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF00010820 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 390924 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 Last-Modified Thu, 16 Jun 2022 19:05:19 GMT X-OFFICEFD AM4PEPF00010820 X-MSEdge-Ref Ref A: 85AD223C7D4C4F4994A6DFDEEEF59CE3 Ref B: AM3EDGE0915 Ref C: 2022-06-21T20:50:10Z X-UserSessionId 56e903f1-393d-49bd-908a-af2031432786 Date Thu, 23 Jun 2022 12:15:00 GMT Content-Type application/javascript Access-Control-Allow-Origin * X-CorrelationId 56e903f1-393d-49bd-908a-af2031432786 Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	progress.gif c1-officeapps-15.cdn.office.net/p/s/161540740518_resources/1031/ Frame 1EFE	695 B 2 KB	53ms 7ms	Image image/gif	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://c1-officeapps-15.cdn.office.net/p/s/161540740518_resources/1031/progress.gif Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / ARR/3.0 Resource Hash a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db Security Headers Name Value Strict-Transport-Security max-age=31536000, max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000, max-age=31536000 ETag "f953b2ae182d81:0" X-OfficeCluster PIE1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE DB5PEPF0000C87B P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 695 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 Last-Modified Sat, 18 Jun 2022 07:00:59 GMT X-OFFICEFD DB5PEPF000083D4 X-MSEdge-Ref Ref A: D3B85E357B424D3F991CF4B8C2C6C015 Ref B: AMS04EDGE1712 Ref C: 2022-06-21T06:08:57Z X-UserSessionId c793c267-b0a4-45ee-9d4c-3b0f8640098e, c793c267-b0a4-45ee-9d4c-3b0f8640098e X-Powered-By ARR/3.0 Date Thu, 23 Jun 2022 12:15:00 GMT Content-Type image/gif Access-Control-Allow-Origin * X-CorrelationId c793c267-b0a4-45ee-9d4c-3b0f8640098e, c793c267-b0a4-45ee-9d4c-3b0f8640098e Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	prt.png c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/ Frame 1EFE	13 KB 14 KB	69ms 10ms	Image image/png	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/prt.png Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 ETag "ef87ba71eb81d81:0" X-OfficeCluster PNL1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF00010825 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 13611 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5 Last-Modified Fri, 17 Jun 2022 01:42:03 GMT X-OFFICEFD AM4PEPF00010825 X-MSEdge-Ref Ref A: 4318150FBB834262A5467314F3EAECB4 Ref B: AMS04EDGE2010 Ref C: 2022-06-19T18:16:55Z X-UserSessionId 89db26d6-def5-4670-afc8-2df78eefd3b0 Date Thu, 23 Jun 2022 12:15:00 GMT Content-Type image/png Access-Control-Allow-Origin * X-CorrelationId 89db26d6-def5-4670-afc8-2df78eefd3b0 Accept-Ranges bytes Timing-Allow-Origin *
POST H2	200	RemoteUls.ashx Show response powerpoint.officeapps.live.com/p/ Frame 1EFE	0 660 B	99ms 98ms	XHR text/plain	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15407.40518&waccluster=PNL1 Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 X-BrowserUlsBeacon [{"Index":0,"MsSinceStart":1,"Value":"SessionStarted","Type":"SessionBoundary"}] Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PGTUS4 x-officeversion 16.0.15407.40518 x-officefe BL6PEPF0000BACA p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" cross-origin-resource-policy cross-origin content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 0 x-cache CONFIG_NOCACHE x-ms-server-duration 0.6515 x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 09367abf-97e3-494c-b26e-6ba9cea33bb4 x-officefd BL6PEPF0000BACA x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:14:59 GMT x-download-options noopen content-type text/plain access-control-allow-origin https://powerpoint.officeapps.live.com x-ms-request-id ed4bc340-7ad9-43ba-9acb-a4fcde8a50b1 access-control-expose-headers si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags cache-control private x-msedge-ref Ref A: 0D50CED8BA024A63988CFDF02785AE1C Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:00Z
POST H2	200	RemoteUls.ashx Show response powerpoint.officeapps.live.com/p/ Frame 1EFE	0 457 B	98ms 98ms	XHR text/plain	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15407.40518&waccluster=PNL1 Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 X-BrowserUlsBeacon [{"Index":1,"MsSinceStart":84,"Value":"https://c1-powerpoint-15.cdn.office.net:443/p/s/161540740518_PptResources/1031/styleschromeless.css","Type":"ResourceDownloadSuccess"}] Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PGTUS6 x-officeversion 16.0.15407.40518 x-officefe BL6PEPF0000BB62 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" cross-origin-resource-policy cross-origin content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3 content-length 0 x-cache CONFIG_NOCACHE x-ms-server-duration 1.1409 x-msedge-features typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3 x-correlationid 2251783e-dcc6-46a2-aaac-4d9b785978df x-officefd BL6PEPF0000BB62 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:14:59 GMT x-download-options noopen content-type text/plain access-control-allow-origin https://powerpoint.officeapps.live.com x-ms-request-id 585fadd3-4204-4930-8b55-e375ba7dc790 access-control-expose-headers si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags cache-control private x-msedge-ref Ref A: 79FD848CD8F94B74A4F8B17A71C7FAB1 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:00Z
GET H/1.1	404 Not Found	segoeui.woff c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/ Frame 1EFE	0 0	185ms 185ms	Font text/html	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/segoeui.woff Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/styleschromeless.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/styleschromeless.css Origin https://powerpoint.officeapps.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-OFFICEFD AM4PEPF00010819 X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF00010819 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 1245 X-MSEdge-Features typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5 X-CorrelationId 5806345f-3080-4197-b9c0-cf87b395ac27 X-OfficeCluster PNL1 X-UserSessionId 5806345f-3080-4197-b9c0-cf87b395ac27 Date Thu, 23 Jun 2022 12:15:00 GMT Content-Type text/html Access-Control-Allow-Origin * X-MSEdge-Ref Ref A: A84E894681BC47C887FC4BFB5A21BA59 Ref B: AMS04EDGE2718 Ref C: 2022-06-23T12:15:00Z Timing-Allow-Origin *
POST H2	200	GetPresentationWithSlideById Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	4 KB 2 KB	204ms 203ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetPresentationWithSlideById Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3d68ca6788985fb1def13671eb0318bfce2133109cce4909c2fe5fe4e49f38f7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF0001081D p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control content-length 1466 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control x-correlationid fc622bd7-3298-4959-895e-ff715b544b24 x-officefd AM4PEPF0001081D x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:14:59 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: 114B8D23BA9B451CB0A1E64C834499F0 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:00Z timing-allow-origin * expires -1
GET H/1.1	200 OK	wapsw.png c1-powerpoint-15.cdn.office.net/p/s/161540740518_resources/1031/ Frame 1EFE	6 KB 7 KB	7ms 7ms	Image image/png	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_resources/1031/wapsw.png?b=1601540415002 Requested by Host: onedrive.live.com URL: https://onedrive.live.com/embed?cid=A845BE338C3154BF&resid=A845BE338C3154BF%21119&authkey=ABeHa_GAlQDYTVI&em=2&wdAr=1.3333333333333333 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 ETag "c2588d5b9b81d81:0" X-OfficeCluster PNL1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF0001081F P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 5884 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5 Last-Modified Thu, 16 Jun 2022 16:08:46 GMT X-OFFICEFD AM4PEPF0001081F X-MSEdge-Ref Ref A: 81A1206A3091496BB0A13D621E7BEFC9 Ref B: AMS04EDGE3112 Ref C: 2022-06-19T14:29:52Z X-UserSessionId efad7c3a-af8e-4776-b31e-f732c1ea1e3c Date Thu, 23 Jun 2022 12:15:00 GMT Content-Type image/png Access-Control-Allow-Origin * X-CorrelationId efad7c3a-af8e-4776-b31e-f732c1ea1e3c Accept-Ranges bytes Timing-Allow-Origin *
POST H2	200	RemoteUls.ashx Show response powerpoint.officeapps.live.com/p/ Frame 1EFE	0 276 B	101ms 101ms	XHR text/plain	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15407.40518&waccluster=PNL1 Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 X-BrowserUlsBeacon [{"Index":2,"MsSinceStart":264,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}] Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PGTUS6 x-officeversion 16.0.15407.40518 x-officefe BL6PEPF0000B744 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" cross-origin-resource-policy cross-origin content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 0 x-cache CONFIG_NOCACHE x-ms-server-duration 0.5514 x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 55a5ed1f-b67a-4034-93c8-afaed83160f4 x-officefd BL6PEPF0000B744 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:14:59 GMT x-download-options noopen content-type text/plain access-control-allow-origin https://powerpoint.officeapps.live.com x-ms-request-id 2d5f9cdc-c9d2-4986-86f4-573caf707628 access-control-expose-headers si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags cache-control private x-msedge-ref Ref A: 23A39E6AB8EF42A0B5334C88D70F8D1A Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:00Z
GET BLOB	200 OK	e1cec8e3-3084-4b33-a407-e34e8c3ac375 https://powerpoint.officeapps.live.com/ Frame 1EFE	183 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://powerpoint.officeapps.live.com/e1cec8e3-3084-4b33-a407-e34e8c3ac375 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 43c055aad8ba5bf2d8b720cb78de620863530fceb8bbeee6619bdedc9b5eb8d3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Length 183 Content-Type application/javascript
GET H2	200	c.gif c.live.com/ Frame 1AEA Redirect Chain https://c.live.com/c.gif?DI=15347&wlxid=cb3e27c3-40b2-4e75-8196-1c7ef43e727d&reqid=0010a8d81cf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D998D4A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A... https://c.bing.com/c.gif?DI=15347&wlxid=cb3e27c3-40b2-4e75-8196-1c7ef43e727d&reqid=0010a8d81cf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D998D4A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A... https://c.live.com/c.gif?DI=15347&wlxid=cb3e27c3-40b2-4e75-8196-1c7ef43e727d&reqid=0010a8d81cf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D998D4A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...	42 B 254 B	64ms 28ms	Image image/gif	20.234.93.27 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.live.com/c.gif?DI=15347&wlxid=cb3e27c3-40b2-4e75-8196-1c7ef43e727d&reqid=0010a8d81cf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D998D4A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1376%26IR%3D1%26EX%3D0%26L.h%3D757%26L.sjs%3D890%26L.ttg%3D757%26C.st%3D1655986498993%26N.domIn%3D776%26N.dns%3D161%26N.tcp%3D19%26N.req%3D442%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.8997085883393701&CtsSyncId=B66681B7F01349E185BD2728885A3D94&MUID=210290E81C6E6E4906D38124186E6AF0 Protocol H2 Server 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://onedrive.live.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Thu, 23 Jun 2022 12:14:59 GMT last-modified Fri, 20 May 2022 21:53:17 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "17a28a3946cd81:0" p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42 Redirect headers pragma no-cache date Thu, 23 Jun 2022 12:15:00 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 91501976F6164F36BA0A053AF537B940 Ref B: FRAEDGE1218 Ref C: 2022-06-23T12:15:00Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.live.com/c.gif?DI=15347&wlxid=cb3e27c3-40b2-4e75-8196-1c7ef43e727d&reqid=0010a8d81cf&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD00155D998D4A%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1376%26IR%3D1%26EX%3D0%26L.h%3D757%26L.sjs%3D890%26L.ttg%3D757%26C.st%3D1655986498993%26N.domIn%3D776%26N.dns%3D161%26N.tcp%3D19%26N.req%3D442%26N.resp%3D4%26N.navType%3D0%26N.redirectCount%3D0&r=0.8997085883393701&CtsSyncId=B66681B7F01349E185BD2728885A3D94&MUID=210290E81C6E6E4906D38124186E6AF0 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H/1.1	200 OK	wl.ms.js Show response js.live.net/v5.0/ Frame 1EFE	42 KB 16 KB	50ms 8ms	Script application/javascript	104.92.80.28 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.live.net/v5.0/wl.ms.js Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/BootView.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_CBC Server 104.92.80.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-80-28.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / Resource Hash d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a Request headers Referer https://powerpoint.officeapps.live.com/ Origin https://powerpoint.officeapps.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Thu, 23 Jun 2022 12:15:00 GMT X-MSNServer RD0003FF1DA9E7 Last-Modified Fri, 10 Jul 2020 18:30:22 GMT Server Microsoft-IIS/10.0 ETag "0b3b92be856d61:0" Vary Accept-Encoding Connection keep-alive Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control public, max-age=74211, public X-ODWebServer westeurope0-odwebp Accept-Ranges bytes Content-Encoding gzip Content-Length 16199
GET H/1.1	404 Not Found	segoeui.ttf c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/ Frame 1EFE	0 0	160ms 160ms	Font text/html	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/segoeui.ttf Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/styleschromeless.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/styleschromeless.css Origin https://powerpoint.officeapps.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-OFFICEFD AM4PEPF000103ED X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF000103ED P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 1245 X-MSEdge-Features typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5 X-CorrelationId 7da7e3af-d8da-4edb-bba0-ea1e8958dafc X-OfficeCluster PNL1 X-UserSessionId 7da7e3af-d8da-4edb-bba0-ea1e8958dafc Date Thu, 23 Jun 2022 12:15:00 GMT Content-Type text/html Access-Control-Allow-Origin * X-MSEdge-Ref Ref A: 40A450BD7FF441D0BBC732181DFE416F Ref B: AM3EDGE0711 Ref C: 2022-06-23T12:15:00Z Timing-Allow-Origin *
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	106 KB 106 KB	447ms 447ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SB0%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c9398539e9212ad7b0672d747f871fb22cc405bebac0b51478eb0a6d671edaa0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006024 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 108270 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASB0_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid fc5476c0-6f22-4514-b3f1-9366089202a5 x-officefd AM4PEPF00006024 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:00 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: 1F95DC511103462C83598C3C5A3D89C6 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:00Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:01 GMT
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	106 KB 106 KB	259ms 250ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SB0%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/BootView.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c9398539e9212ad7b0672d747f871fb22cc405bebac0b51478eb0a6d671edaa0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006025 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 108270 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASB0_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 393a225c-57c2-43cf-ab47-0a1b65fb0e71 x-officefd AM4PEPF00006025 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:00 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: 48F9FC9A7D7B4B019F125594D6DE85D4 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:01Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:01 GMT
GET H/1.1	200 OK	reader.calypso.js Show response c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/ Frame 1EFE	312 KB 64 KB	14ms 7ms	Script application/javascript	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/reader.calypso.js Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/BootView.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a1559edf9a2bb85d5e182a28c718eef8d0db93a760497231422bb5e69c58b1f3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://powerpoint.officeapps.live.com/ Origin https://powerpoint.officeapps.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding br ETag "e75c14508282d81:0" X-OfficeCluster SUS1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE BL6PEPF0000700D P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 64256 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_powerpointslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5 Last-Modified Fri, 17 Jun 2022 19:42:00 GMT X-OFFICEFD BL6PEPF0000700D X-MSEdge-Ref Ref A: 0C5C4E9D8A9C4C07B72D9C9C505FD91E Ref B: AMS04EDGE2806 Ref C: 2022-06-21T16:25:10Z X-UserSessionId f83503df-1e5d-43e4-ad51-ed099935dfcb Date Thu, 23 Jun 2022 12:15:01 GMT Content-Type application/javascript Access-Control-Allow-Origin * X-CorrelationId f83503df-1e5d-43e4-ad51-ed099935dfcb Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	wacairspaceanimationlibrary.js Show response c1-officeapps-15.cdn.office.net/p/s/161540740518_App_Scripts/ Frame 1EFE	40 KB 8 KB	46ms 13ms	Script application/javascript	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c1-officeapps-15.cdn.office.net/p/s/161540740518_App_Scripts/wacairspaceanimationlibrary.js Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/BootView.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://powerpoint.officeapps.live.com/ Origin https://powerpoint.officeapps.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip ETag "80905799281d81:0" X-OfficeCluster GEU2C X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF0000CAC6 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3 Content-Length 6762 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3 Last-Modified Wed, 15 Jun 2022 21:55:17 GMT X-OFFICEFD AM4PEPF0000D7D2 X-MSEdge-Ref Ref A: E28FDC20358D46C081E35FF67513EB5A Ref B: AMS04EDGE3617 Ref C: 2022-06-21T20:50:03Z X-UserSessionId b700bd92-0332-4418-a5f3-8d8f8994a353 Date Thu, 23 Jun 2022 12:15:01 GMT Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * X-CorrelationId b700bd92-0332-4418-a5f3-8d8f8994a353 Accept-Ranges bytes Timing-Allow-Origin *
POST H2	200	RemoteUls.ashx Show response powerpoint.officeapps.live.com/p/ Frame 1EFE	0 675 B	115ms 113ms	XHR text/plain	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15407.40518&waccluster=PNL1 Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 X-BrowserUlsBeacon [{"Index":3,"MsSinceStart":1083,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}] Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PGTUS6 x-officeversion 16.0.15407.40518 x-officefe BL6PEPF0000B746 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" cross-origin-resource-policy cross-origin content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 0 x-cache CONFIG_NOCACHE x-ms-server-duration 0.4387 x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 87b5c731-e597-4bc0-931c-c6f3d305f947 x-officefd BL6PEPF0000B746 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:00 GMT x-download-options noopen content-type text/plain access-control-allow-origin https://powerpoint.officeapps.live.com x-ms-request-id d0d0bd5c-e42a-4f60-969b-709e6f4fce50 access-control-expose-headers si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags cache-control private x-msedge-ref Ref A: 3B02B66F27C54958B3B41291C17D50B8 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:01Z
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	3 KB 2 KB	288ms 282ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d16f6165554a8a3c6bf8ca9771eb390c43c13961827d0ca9522e20b3d0d095eb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006964 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1277 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 41d02c67-ca3c-459a-8d67-a5a8d578831b x-officefd AM4PEPF00006964 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:00 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: 759E9D3286864101A9262B2F808B91F2 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:01Z timing-allow-origin * expires -1
POST H2	200	RemoteUls.ashx Show response powerpoint.officeapps.live.com/p/ Frame 1EFE	0 326 B	106ms 100ms	XHR text/plain	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15407.40518&waccluster=PNL1 Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 X-bULS-SuppressionETag D364F302477177B1869F1E6153FB2A84B42A10D2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI Content-Type application/x-www-form-urlencoded; charset=UTF-8 X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PGTUS6 x-officeversion 16.0.15407.40518 x-officefe BL6PEPF0000B72B p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" x-buls-suppressionetag D364F302477177B1869F1E6153FB2A84B42A10D2 cross-origin-resource-policy cross-origin content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 0 x-cache CONFIG_NOCACHE x-ms-server-duration 2.5318 x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid ebbeca53-8553-42a4-bc39-610ddeeab308 x-officefd BL6PEPF0000B72B x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:00 GMT x-download-options noopen content-type text/plain access-control-allow-origin https://powerpoint.officeapps.live.com x-ms-request-id ded08f63-ea59-4495-8ca6-0b26acd419a6 access-control-expose-headers si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags cache-control private x-msedge-ref Ref A: BC7A5FE820BA4DFBBE5075FEF1B4DACD Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:01Z
GET H/1.1	200 OK	otelFull.min.js Show response c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/ Frame 1EFE	99 KB 29 KB	12ms 8ms	Script application/javascript	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/otelFull.min.js Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/BootView.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://powerpoint.officeapps.live.com/ Origin https://powerpoint.officeapps.live.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding br ETag "125afe1d781d81:0" X-OfficeCluster PNL1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF00010823 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control Content-Length 28874 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control Last-Modified Thu, 16 Jun 2022 23:22:00 GMT X-OFFICEFD AM4PEPF00010823 X-MSEdge-Ref Ref A: 2898A6CD277F4114BAD491EC05D1981D Ref B: AMS04EDGE2008 Ref C: 2022-06-21T16:26:28Z X-UserSessionId 7fe4e775-1c6f-4d13-a3b4-c4ceb1655e81 Date Thu, 23 Jun 2022 12:15:01 GMT Content-Type application/javascript Access-Control-Allow-Origin * X-CorrelationId 7fe4e775-1c6f-4d13-a3b4-c4ceb1655e81 Accept-Ranges bytes Timing-Allow-Origin *
GET H/1.1	200 OK	prt.png c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/ Frame 1EFE	13 KB 14 KB	57ms 51ms	Image image/png	2a02:26f0:3500:584::4b36 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptResources/1031/prt.png Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/reader.calypso.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 ETag "ef87ba71eb81d81:0" X-OfficeCluster PNL1 X-OfficeVersion 16.0.15407.40518 X-OfficeFE AM4PEPF00010825 P3P CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" Cross-Origin-Resource-Policy cross-origin Connection keep-alive X-MSEdge-Flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 Content-Length 13611 Cache-Control public,max-age=31536000 X-MSEdge-Features typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5 Last-Modified Fri, 17 Jun 2022 01:42:03 GMT X-OFFICEFD AM4PEPF00010825 X-MSEdge-Ref Ref A: 4318150FBB834262A5467314F3EAECB4 Ref B: AMS04EDGE2010 Ref C: 2022-06-19T18:16:55Z X-UserSessionId 89db26d6-def5-4670-afc8-2df78eefd3b0 Date Thu, 23 Jun 2022 12:15:01 GMT Content-Type image/png Access-Control-Allow-Origin * X-CorrelationId 89db26d6-def5-4670-afc8-2df78eefd3b0 Accept-Ranges bytes Timing-Allow-Origin *
POST H2	200	RemoteUls.ashx Show response powerpoint.officeapps.live.com/p/ Frame 1EFE	0 228 B	120ms 103ms	XHR text/plain	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15407.40518&waccluster=PNL1 Requested by Host: powerpoint.officeapps.live.com URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 X-BrowserUlsBeacon [{"Index":4,"MsSinceStart":1083,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}] Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PGTUS6 x-officeversion 16.0.15407.40518 x-officefe BL6PEPF0000BB6A p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" cross-origin-resource-policy cross-origin content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 0 x-cache CONFIG_NOCACHE x-ms-server-duration 0.4918 x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 0d879fd9-71c0-4568-b5d3-7f214cb6c204 x-officefd BL6PEPF0000BB6A x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:00 GMT x-download-options noopen content-type text/plain access-control-allow-origin https://powerpoint.officeapps.live.com x-ms-request-id 670bc183-b9ab-4d8e-9c47-33aea37bb171 access-control-expose-headers si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags cache-control private x-msedge-ref Ref A: 881BE59AE2BB4416B7CA1C8676EAE333 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:01Z
GET H/1.1	200 OK	ping Show response browser.events.data.microsoft.com/ Frame 1EFE	4 B 379 B	1150ms 289ms	XHR application/json	104.46.162.224 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/ping Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/otelFull.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.46.162.224 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Server Microsoft-HTTPAPI/2.0 Date Thu, 23 Jun 2022 12:15:02 GMT Access-Control-Allow-Methods GET Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://powerpoint.officeapps.live.com Access-Control-Allow-Credentials true Access-Control-Allow-Headers * Content-Length 4
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	187 KB 188 KB	530ms 530ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SB1%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 009eb9e9add129594e01d4a217e30a64caed8c58dedbb8d01fc27fcc94a6ca58 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00007277 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 191611 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASB1_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 6c15d003-7ae1-41d9-b1b8-2e63e55a5430 x-officefd AM4PEPF00007277 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:01 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: B8C4A5949F7E43319836031601A30E32 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:01Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:01 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	3 KB 1 KB	214ms 214ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823a27152767b01401009dee820cff282e2cf93b3748e6c5db167cf4b593a8b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006967 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1213 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 3db3421e-4637-48d9-b941-a254edafe237 x-officefd AM4PEPF00006967 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:01 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: D6D2CDE5A2E14B44B1261CA8F71F7383 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:02Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	113 KB 114 KB	37ms 36ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SB2%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 9d44efaea6e3299600313e3cc696e0d28535fbcb67f6f321bef1708ce80e7637 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00010824 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 115592 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASB2_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 020c29fd-e504-4b92-bc41-ccd3c957d74c x-officefd AM4PEPF00010824 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:01 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: E94EA9DC120D46B29B2E859B44E2C692 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:02Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:02 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	3 KB 1 KB	47ms 40ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 157d4cd04ee4f6a5bb91aa4091fbf7ba234a128ad9a8707228f75b67f895f230 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF0001081D p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1236 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 304c1b32-2246-488a-a120-6a7ffe9df97a x-officefd AM4PEPF0001081D x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:01 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: 4AEF78C25A6843679D66A63DAB04BBEF Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:02Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	124 KB 125 KB	35ms 30ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SB3%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8e611f62d2eeb5fc20767f9dd935ba57fcf4cdae2647f2c7e5ad090f132fcdf8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006024 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 127009 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASB3_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 2971c405-a082-4c6d-94bb-a75ec5a60cac x-officefd AM4PEPF00006024 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:01 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: 211326FB49D04D8190BCA6985D411864 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:02Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:02 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	3 KB 2 KB	23ms 23ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 88a7377b50a4fe932158936cfd1a9b918bcc7155e33f4c26ee1babf8985bbabe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006964 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1263 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 3473a4e6-a60a-4df8-b9cf-d2b9ea08a2cf x-officefd AM4PEPF00006964 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: C5C6AFF94204435CAEFBEC37B1D0F427 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:02Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	144 KB 145 KB	35ms 34ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SB5%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3d8104091eeacc1407e45d212f11f72a43ceb4939f5954e6251ccbf4cc8e67be Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00007277 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 147909 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASB5_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid e14b5527-b8b6-4587-94bc-49921979d2e6 x-officefd AM4PEPF00007277 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: DD11D1B5B61B41E9A5ACBA9FF737635B Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:02Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:02 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	2 KB 2 KB	48ms 47ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a529294f6c1fe593ae0a172148c8663cab30d8eba2964c0eb25e7a587ec86695 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006967 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1213 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 222bed9d-25f6-488d-9fd6-c1070c876ad1 x-officefd AM4PEPF00006967 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: 762E7A4252334E6483F846EDCD10B7F2 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	112 KB 112 KB	34ms 34ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SB6%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d905ea678b35a6cd8aecb4478c73c19dcf6af6368606bb431384438749df17dc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00010824 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 114391 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASB6_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid b8b05fa3-bea1-44e4-80e5-65e52ba6ffdb x-officefd AM4PEPF00010824 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: E9E5D5689163457A8D6FE0442439D65F Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:03 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	3 KB 2 KB	22ms 21ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b1e409a93e6c471a7721e201d17b5d87f4b9d856a3b061f209943bf3120f24a9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF0001081D p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1363 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid f0c497c8-d9c5-44c1-be69-1884c384aa25 x-officefd AM4PEPF0001081D x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: C8E70B5C9041449F9DBFFDCF2513F285 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	45 KB 46 KB	25ms 24ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=S61%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 53252b45ee4c1686d89303d8e816f0b652b5fd8e7a6f19f1898b7678a81ed3bf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006024 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 45925 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOAS61_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid cdb1a800-eadd-48ad-8230-8f42017c8e43 x-officefd AM4PEPF00006024 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: 177BF5F10D0840BE8B119FA1769285A3 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:03 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	5 KB 2 KB	22ms 22ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0b2e436822621ea1db405449520824ca9ed82143ae1a5f7ee7008b1134ed32e5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006964 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1555 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 8d70933d-a4d6-4f53-8130-a2c4e16635e3 x-officefd AM4PEPF00006964 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: 5EFCA42EEA3343D2B122149EBEED5E14 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	121 KB 122 KB	23ms 23ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=S6A%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 55d1c455ddf167cc7720725d605eac271371d9319c111a113ca85946c2286ad4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006025 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 124039 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOAS6A_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid ca31216f-a596-47c0-a5a0-2a8c5c5c939c x-officefd AM4PEPF00006025 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: C335B34302994240AEFCD7FA0D1FA37C Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:03 GMT
POST H/1.1	200 OK	/ Show response browser.events.data.microsoft.com/OneCollector/1.0/ Frame 1EFE	24 B 476 B	1101ms 275ms	XHR application/json	104.46.162.224 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,b664cab4b3f24a739be75b93b026749e-65c206a3-a985-48b4-8b50-36c56c3ce309-7201&upload-time=1655986503299&time-delta-to-apply-millis=use-collector-delta&w=2 Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_PptScripts/otelFull.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.46.162.224 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://powerpoint.officeapps.live.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Strict-Transport-Security max-age=31536000 Server Microsoft-HTTPAPI/2.0 Date Thu, 23 Jun 2022 12:15:04 GMT time-delta-millis 943 Access-Control-Allow-Methods POST Content-Type application/json Access-Control-Allow-Origin https://powerpoint.officeapps.live.com Access-Control-Expose-Headers time-delta-millis Access-Control-Allow-Credentials true Access-Control-Allow-Headers time-delta-millis Content-Length 24
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	8 KB 2 KB	217ms 215ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 6767fe79387c18abf58ef46712132982402bf33d588a57ec37d43edd7e9cee51 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00010820 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1741 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 3bb69336-af0d-4284-a42f-1c0a17292ea4 x-officefd AM4PEPF00010820 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: 40263497DF554265A48109089B3B657A Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	102 KB 103 KB	25ms 25ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=S6C%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 200d35f81f01365d2d19943d4a38370b5706f5dc117fa91a3a22908655595e91 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00007277 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 104232 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOAS6C_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid adc72dd8-ad86-438a-aab3-271e1e1acabc x-officefd AM4PEPF00007277 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: 362F349B0BFD4514BA29196A30445441 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:03 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	6 KB 2 KB	24ms 24ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 239e6119976d1e3208095ac74852e2d49d0f2d19f21d3f3445c6e327f2afc45c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006967 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1614 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 31b55781-4174-4305-8fbe-83a63a17ce9e x-officefd AM4PEPF00006967 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:02 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: 5D7189202FB4479289EE7CA093A395F4 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	105 KB 106 KB	220ms 219ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=S6E%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 96fa8d18bd2fe4ce2ab70541f78d08c4c121b59f92660a23d8cfe4421820da0c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00010823 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 107987 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOAS6E_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid e346a296-c425-4923-89a1-c0295501ae1e x-officefd AM4PEPF00010823 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:03 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: 7D8BEE355DE749BDB3012C4A05C50D91 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:03Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:03 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	5 KB 2 KB	42ms 42ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ef48afa073abd7fc90be367e1d32907035645a99c285182ad23a1e6e91c83244 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00010824 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1487 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 46430601-1673-41f4-bfa4-2d6a069d206e x-officefd AM4PEPF00010824 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:03 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: 04507FCB73484A658DB8FC0B00B25126 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:04Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	100 KB 101 KB	135ms 134ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SBC%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash f664ff7ade356417a02a036e78590126694a3086718668ce5e0afa5a514d1085 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF0001081D p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 102711 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASBC_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid f93e4737-054f-4be6-938d-93a691f2162c x-officefd AM4PEPF0001081D x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:03 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: A384846280CC428195865D9C5D4CD270 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:04Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:04 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	5 KB 2 KB	47ms 46ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 9897d4f4c1a34ca85a74f9cf0221b919e9477a6ca61be5d0d9e14dc9801bdd05 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006024 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1501 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid adee65c0-5dd7-40b2-8f45-78196dc096ba x-officefd AM4PEPF00006024 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:03 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: DD0D583B680B49AAA2249EE0AB54BDF8 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:04Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	102 KB 103 KB	43ms 43ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SBB%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 969fa34464bd9e41a52cf1232c0a67e69d3e72856bc2637d2c641e1aa2c0f9f3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006964 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 104358 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASBB_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 2827ed1c-ff25-4dbd-873f-fcb43f680b7e x-officefd AM4PEPF00006964 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:03 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: 116AB8BAD3D3430EA99AB0E8CF0B5961 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:04Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:04 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	4 KB 2 KB	46ms 46ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3b288d96294ea676e5793d703e54583e2f454cc4547c47bd64a24770898f366d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00006025 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1393 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 30c37305-acda-47dd-9479-f7b4f1e845ae x-officefd AM4PEPF00006025 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:03 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: CA4454644F0444E4AC6F478D545D8409 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:04Z timing-allow-origin * expires -1
GET H2	200	imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	100 KB 101 KB	35ms 35ms	Image image/png	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SBA%5F1%5F348x261%2Epng&waccluster=PNL1&try=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d4d9bae101a8e85c34adee19fdbf8dbe7934c2e2b2f6002c1eafee470d80653b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00010820 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 102834 etag WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOASBA_1_348x261.png x-cache CONFIG_NOCACHE x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 4abc5174-61b4-4e8f-9efc-37b0f449e5df x-officefd AM4PEPF00010820 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:03 GMT x-download-options noopen content-type image/png cache-control private x-msedge-ref Ref A: E544299ED90441CA8ACE8D853733475C Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:04Z timing-allow-origin * expires Fri, 23 Jun 2023 12:15:04 GMT
POST H2	200	GetSlide Show response powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 1EFE	4 KB 2 KB	26ms 26ms	XHR application/json	2620:1ec:a92::171 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide Requested by Host: c1-powerpoint-15.cdn.office.net URL: https://c1-powerpoint-15.cdn.office.net/p/s/161540740518_App_Scripts/MicrosoftAjax.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8e8822dc1329a37833eae87dbb4ec1c203ea872f7626fe30d2b909bb25f644c0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers haep 1 X-AccessToken 4wWR6NUdBvWUk2ymq0GvcKzQaNHN-WeKtsk_x1ldd17oebVR8ONRMFR6rVfhp_3M3ZsmQQO6dIzCmvCJehzM_aFtBMxtkg3l7_SmTPci0Nl8KTGLhA6h0n5vm_Ulsh4Mq0jCXUVhXz0ywUsGCFLlH96g X-UserSessionId 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 accept-language de-DE,de;q=0.9 X-OfficeVersion 16.0.15407.40518 X-Key 5VQRH+hH/4BHA3sZblrwipuqAHIGXDgmnr3erj58sNs=,637915832998711123 Content-Type application/json; charset=UTF-8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Referer https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=1FJrVab3LE6Lf6yuRxAdsw.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&wdAr=1.3333333333333333&sc=host%3D%26qt%3DDefault%26pt%3Dem X-Requested-With XMLHttpRequest X-UserType WOPI X-xhr 1 X-AccessTokenTtl 1657800899535 X-WacCluster PNL1 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff x-officecluster PNL1 x-officeversion 16.0.15407.40518 x-officefe AM4PEPF00007277 p3p CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" content-disposition attachment x-msedge-flight 2i49=afd_wacinfra4,2i4a=afd_wacinfra5 content-length 1423 x-cache CONFIG_NOCACHE pragma no-cache x-msedge-features typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5 x-correlationid 73d0fb43-7240-4ec6-a85a-94a439bada73 x-officefd AM4PEPF00007277 x-usersessionid 00fadd1c-2106-40ea-aa4d-57ad97bf5fa7 date Thu, 23 Jun 2022 12:15:03 GMT x-download-options noopen vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store x-msedge-ref Ref A: 8897DC6B9BE741AEAE9BAA44C53511F8 Ref B: AM3EDGE0608 Ref C: 2022-06-23T12:15:04Z timing-allow-origin * expires -1
GET		imagehandler.ashx powerpoint.officeapps.live.com/p/ Frame 1EFE	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

powerpoint.officeapps.live.com

URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FA845BE338C3154BF%21119&access_token=4wWR6NUdBvWUk2ymq0GvcKzQaNHN%2DWeKtsk%5Fx1ldd17oebVR8ONRMFR6rVfhp%5F3M3ZsmQQO6dIzCmvCJehzM%5FaFtBMxtkg3l7%5FSmTPci0Nl8KTGLhA6h0n5vm%5FUlsh4Mq0jCXUVhXz0ywUsGCFLlH96g&access_token_ttl=1657800899535&z=aQTg0NUJFMzM4QzMxNTRCRiExMTkuOA&usid=00fadd1c%2D2106%2D40ea%2Daa4d%2D57ad97bf5fa7&Rid=SB9%5F1%5F348x261%2Epng&waccluster=PNL1&try=0