urlscan.io logo urlscan.io
SecurityTrails logo

speedyshare.com Open in urlscan Pro
2606:4700:3036::ac43:b7df  Public Scan

Go To Rescan Add Verdict Report
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Submission: On September 10 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 83 HTTP transactions. The main IP is 2606:4700:3036::ac43:b7df, located in United States and belongs to CLOUDFLARENET, US. The main domain is speedyshare.com.
This is the only time speedyshare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3036::ac43:b7df (United States)

ASN13335 (CLOUDFLARENET, US)
speedyshare.com
1    2a00:1450:4007:81a::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4007:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4007:817::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4007:810::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3036::6815:13c8 (United States)

ASN13335 (CLOUDFLARENET, US)
freegeoip.app
2    2a00:1450:4007:815::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    216.58.214.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: mad01s26-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4007:816::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4007:818::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4007:817::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
35    2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
view.officeapps.live.com
pnl1-powerpoint.officeapps.live.com
2    2a00:1450:4007:813::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4007:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
9    2a02:26f0:ec:2b5::4b36 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
c1-powerpoint-15.cdn.office.net
3    2a02:26f0:ec:2b2::4b36 (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
c1-officeapps-15.cdn.office.net
1    23.72.19.83 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-19-83.deploy.static.akamaitechnologies.com
js.live.net
2    52.178.17.2 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Domain Requested by
34 pnl1-powerpoint.officeapps.live.com pnl1-powerpoint.officeapps.live.com
c1-powerpoint-15.cdn.office.net
c1-officeapps-15.cdn.office.net
9 c1-powerpoint-15.cdn.office.net pnl1-powerpoint.officeapps.live.com
c1-powerpoint-15.cdn.office.net
9 speedyshare.com speedyshare.com
7 pagead2.googlesyndication.com speedyshare.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 c1-officeapps-15.cdn.office.net pnl1-powerpoint.officeapps.live.com
c1-powerpoint-15.cdn.office.net
3 www.google-analytics.com speedyshare.com
2 browser.events.data.microsoft.com c1-powerpoint-15.cdn.office.net
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 js.live.net c1-powerpoint-15.cdn.office.net
1 www.google.com tpc.googlesyndication.com
1 view.officeapps.live.com speedyshare.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 freegeoip.app speedyshare.com
1 fonts.googleapis.com speedyshare.com
83 19

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
officeapps.live.com
DigiCert Cloud Services CA-1		 2021-04-30 -
2022-04-29		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.cdn.office.net
Microsoft RSA TLS CA 01		 2021-01-26 -
2022-01-26		 a year crt.sh
p.sfx.ms
Microsoft RSA TLS CA 02		 2020-09-28 -
2021-09-28		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2021-08-12 -
2022-08-07		 a year crt.sh

This page contains 7 frames:

Primary Page: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Frame ID: 454ECC80865142AAEE300B5B89FAF476
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 9BE2F5A8B87A2C6A5E9DEAC4BB473AB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7360086138245943&output=html&adk=1812271804&adf=3025194257&lmt=1631274073&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&ea=0&flash=0&pra=5&wgl=1&dt=1631274073768&bpp=2&bdt=733&idt=107&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3236364324816&frm=20&pv=2&ga_vid=1699771244.1631274074&ga_sid=1631274074&ga_hid=102980841&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C21066434%2C31062297%2C31062093&oid=3&pvsid=3432297345673744&pem=518&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=132
Frame ID: 7D083ABE0F9AC3F77139B9DEA55C25A3
Requests: 1 HTTP requests in this frame

Frame: https://view.officeapps.live.com/op/embed.aspx?src=http%3A%2F%2Fspeedyshare.com%2Fsecure%2Fuploads%2F50550%3Fshareable_link%3D33443
Frame ID: 5DB45E6E0595834B8B3BE960C7F5B3F2
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Frame ID: 9F416B3CB83C340B6DA1F2E567B393A6
Requests: 50 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D905C7C5A0C604DFB34FB1F7C9479AF3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 999D57778D8CF2E6D13B70595B690757
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SpeedyShare

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

83
Requests

87 %
HTTPS

83 %
IPv6

15
Domains

19
Subdomains

19
IPs

5
Countries

2210 kB
Transfer

6115 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 21
  • http://www.google-analytics.com/collect?v=1&_v=j93&a=102980841&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&dp=%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=&gjid=&cid=1699771244.1631274074&tid=UA-62006872-1&_gid=1052126530.1631274074&z=397793482 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j93&a=102980841&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&dp=%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=&gjid=&cid=1699771244.1631274074&tid=UA-62006872-1&_gid=1052126530.1631274074&z=397793482

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
speedyshare.com/drive/s/ 		97 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a5e2d4752306a9b02d3b126b26e232c9449197b3fdbe458baf2555d35bf950

Request headers

Host
speedyshare.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 10 Sep 2021 11:41:13 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InNOZnE5UnhtR3R2ZzExZ0pha3dFZHc9PSIsInZhbHVlIjoiMEFaRzhNdC90V1JXNGw5SW9lY1BQSUhWSXJqTmVUT1B1K1ZWK1JLN0YzYjFhNnh4dVU3NGtvNWFVTVlDSmU1N0xJWGd2b09Rd25TR3JyblBiY0N6NEtxckdpcit6Kyt6aTAyY2xsY3QvbEFzTXV0NzhlMHJ4M0IwLzBDbUdYVkkiLCJtYWMiOiI1NGEzNjMwMzkwZjNmYjhiNWIzMWIzOTI3OWY5M2VhNzY4ODhjOWQzNDg5MGU0ZWNjOWYzOTY5YTRlZmExZTE3In0%3D; expires=Fri, 10-Sep-2021 13:41:12 GMT; Max-Age=7200; path=/ speedyshare_session=eyJpdiI6Im9UM1V6cFpvOWZPaW11ZEJMUTBDZ0E9PSIsInZhbHVlIjoiSmZMRllPWEt4L3dlZDFLTHN4RnJDKzhZQVgrK09XZEtYcnp6RHlLa0tIRHA1VUZuOFhyOTZ0VXR0VTVnd2JrN3JPK2ptQlFyKzZuR0hCL1JnL2pNeHl3ZzhyUHpVSWYwZTRBVDhsVzl4bEZQZU1JYjdQY01IRER1KzlnUktMUEciLCJtYWMiOiI4MTc0ZDQ2MTM3YzJjZGU2YzJjZTc4YTk5YjdlM2M5MTEzMDg1M2ZlYjA5NTQzNTBjZDNhNjg5YWIzNDE2OGUyIn0%3D; expires=Fri, 10-Sep-2021 13:41:12 GMT; Max-Age=7200; path=/; httponly
vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reFZn3%2F0zLsjJD527qi%2FDMUfwhHCQ7ep%2FSra32bB8eFHx0REadWGCvpeGMoLc84CF5qY1m8qfj80dgHhnj984rU7TTMeIQZxnmaJ3QiC2qoqlyDficAiOpxVqNrBCP%2BNbhhja1WRchYy3YqLcg8%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
68c862cb98a85c5c-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:81a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb9384f7a4fbdb141e673788b2b80d39e36b5ba956b176207ff315dfc40a8df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 11:09:17 GMT
server
ESF
date
Fri, 10 Sep 2021 11:41:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 11:41:13 GMT
styles.ad79e8d05c75455030dd.css
speedyshare.com/client/ 		105 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/styles.ad79e8d05c75455030dd.css
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed321a25a5100de9b889259a32f457ac6e6987bcb3c0a1921f4295ac9858e53

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Cookie
XSRF-TOKEN=eyJpdiI6InNOZnE5UnhtR3R2ZzExZ0pha3dFZHc9PSIsInZhbHVlIjoiMEFaRzhNdC90V1JXNGw5SW9lY1BQSUhWSXJqTmVUT1B1K1ZWK1JLN0YzYjFhNnh4dVU3NGtvNWFVTVlDSmU1N0xJWGd2b09Rd25TR3JyblBiY0N6NEtxckdpcit6Kyt6aTAyY2xsY3QvbEFzTXV0NzhlMHJ4M0IwLzBDbUdYVkkiLCJtYWMiOiI1NGEzNjMwMzkwZjNmYjhiNWIzMWIzOTI3OWY5M2VhNzY4ODhjOWQzNDg5MGU0ZWNjOWYzOTY5YTRlZmExZTE3In0%3D; speedyshare_session=eyJpdiI6Im9UM1V6cFpvOWZPaW11ZEJMUTBDZ0E9PSIsInZhbHVlIjoiSmZMRllPWEt4L3dlZDFLTHN4RnJDKzhZQVgrK09XZEtYcnp6RHlLa0tIRHA1VUZuOFhyOTZ0VXR0VTVnd2JrN3JPK2ptQlFyKzZuR0hCL1JnL2pNeHl3ZzhyUHpVSWYwZTRBVDhsVzl4bEZQZU1JYjdQY01IRER1KzlnUktMUEciLCJtYWMiOiI4MTc0ZDQ2MTM3YzJjZGU2YzJjZTc4YTk5YjdlM2M5MTEzMDg1M2ZlYjA5NTQzNTBjZDNhNjg5YWIzNDE2OGUyIn0%3D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:13 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1359
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
15442
Last-Modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
ETag
"1a2fd-5b3e9a24906c0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FdwOeIHkj8eSR3tz2Q7qwj7V7Sj%2FXadk5qoQEUg471gkI%2FTfj4Z5EoGESrAwCJUw9z7hdR0mVsDVrsXCvgunbP44FqL%2BM9%2Br1MvtvLXmtL0QB1xr832rTCrf4hZq2iOh5Q7dib3%2FRINd9t1kco%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
68c862ccab305c5c-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cedfbfa784fad02997626a083882aa3a2765c5f5909fba298d9e08b01b375de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 11:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49407
x-xss-protection
0
server
cafe
etag
15848656404417496526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 11:41:13 GMT
runtime-es2015.079d2104455a7fd227c6.js
speedyshare.com/client/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/runtime-es2015.079d2104455a7fd227c6.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f123e9ef3f393e0de6b24f9ccab82d4e8ab276319ddee6a1e9349e1eba309287

Request headers

Pragma
no-cache
Origin
http://speedyshare.com
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Cookie
XSRF-TOKEN=eyJpdiI6InNOZnE5UnhtR3R2ZzExZ0pha3dFZHc9PSIsInZhbHVlIjoiMEFaRzhNdC90V1JXNGw5SW9lY1BQSUhWSXJqTmVUT1B1K1ZWK1JLN0YzYjFhNnh4dVU3NGtvNWFVTVlDSmU1N0xJWGd2b09Rd25TR3JyblBiY0N6NEtxckdpcit6Kyt6aTAyY2xsY3QvbEFzTXV0NzhlMHJ4M0IwLzBDbUdYVkkiLCJtYWMiOiI1NGEzNjMwMzkwZjNmYjhiNWIzMWIzOTI3OWY5M2VhNzY4ODhjOWQzNDg5MGU0ZWNjOWYzOTY5YTRlZmExZTE3In0%3D; speedyshare_session=eyJpdiI6Im9UM1V6cFpvOWZPaW11ZEJMUTBDZ0E9PSIsInZhbHVlIjoiSmZMRllPWEt4L3dlZDFLTHN4RnJDKzhZQVgrK09XZEtYcnp6RHlLa0tIRHA1VUZuOFhyOTZ0VXR0VTVnd2JrN3JPK2ptQlFyKzZuR0hCL1JnL2pNeHl3ZzhyUHpVSWYwZTRBVDhsVzl4bEZQZU1JYjdQY01IRER1KzlnUktMUEciLCJtYWMiOiI4MTc0ZDQ2MTM3YzJjZGU2YzJjZTc4YTk5YjdlM2M5MTEzMDg1M2ZlYjA5NTQzNTBjZDNhNjg5YWIzNDE2OGUyIn0%3D
Connection
keep-alive
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:13 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1084
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1359
last-modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
etag
"a04-5b3e9a24906c0-gzip"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MpCyTjDSbSa7wvgyjYgX23YdhCEEt3pSGBu0mkIBhUqQ45zD7xUu5VBAwl0XwT%2BI1TiM9NlATGIoQvPoOqEI%2FfqzKGpwdHTC7yvMSCMkw71pCzg3Mnqmc88rPvkqiVlzrYKbJEedNH2TOxeE8I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
68c862ccbd5c2c26-FRA
polyfills-es2015.cf8a40a25e05e5019c0d.js
speedyshare.com/client/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fbbb934342964bf4725afbfcb9c9be37fedb54237432a45717d41a1f1d9475

Request headers

Pragma
no-cache
Origin
http://speedyshare.com
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Cookie
XSRF-TOKEN=eyJpdiI6InNOZnE5UnhtR3R2ZzExZ0pha3dFZHc9PSIsInZhbHVlIjoiMEFaRzhNdC90V1JXNGw5SW9lY1BQSUhWSXJqTmVUT1B1K1ZWK1JLN0YzYjFhNnh4dVU3NGtvNWFVTVlDSmU1N0xJWGd2b09Rd25TR3JyblBiY0N6NEtxckdpcit6Kyt6aTAyY2xsY3QvbEFzTXV0NzhlMHJ4M0IwLzBDbUdYVkkiLCJtYWMiOiI1NGEzNjMwMzkwZjNmYjhiNWIzMWIzOTI3OWY5M2VhNzY4ODhjOWQzNDg5MGU0ZWNjOWYzOTY5YTRlZmExZTE3In0%3D; speedyshare_session=eyJpdiI6Im9UM1V6cFpvOWZPaW11ZEJMUTBDZ0E9PSIsInZhbHVlIjoiSmZMRllPWEt4L3dlZDFLTHN4RnJDKzhZQVgrK09XZEtYcnp6RHlLa0tIRHA1VUZuOFhyOTZ0VXR0VTVnd2JrN3JPK2ptQlFyKzZuR0hCL1JnL2pNeHl3ZzhyUHpVSWYwZTRBVDhsVzl4bEZQZU1JYjdQY01IRER1KzlnUktMUEciLCJtYWMiOiI4MTc0ZDQ2MTM3YzJjZGU2YzJjZTc4YTk5YjdlM2M5MTEzMDg1M2ZlYjA5NTQzNTBjZDNhNjg5YWIzNDE2OGUyIn0%3D
Connection
keep-alive
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:13 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5755
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
18380
Last-Modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
ETag
"d6ee-5b3e9a24906c0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eV7PeU9xVZn%2BPLlH1gTcbaTIZHJ0JJ3%2BJY4u5369Y0O427F4RmO4aM8iNa5A%2B1xFPB8OdSl%2B32M29ZUIAnmDbV59ZNHZVlM5ux65R%2FeHK7dKjU4JONna0H9ThPXv3apfMTxFErNl7bVoLbAg0CE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
68c862ccb8f0dfbb-FRA
main-es2015.ad03a1dd0f3781611ef9.js
speedyshare.com/client/ 		1 MB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/main-es2015.ad03a1dd0f3781611ef9.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b6505c289d57802a0ac8ef3be7193985853a2f34813011fb68f0d341281e72

Request headers

Pragma
no-cache
Origin
http://speedyshare.com
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Cookie
XSRF-TOKEN=eyJpdiI6InNOZnE5UnhtR3R2ZzExZ0pha3dFZHc9PSIsInZhbHVlIjoiMEFaRzhNdC90V1JXNGw5SW9lY1BQSUhWSXJqTmVUT1B1K1ZWK1JLN0YzYjFhNnh4dVU3NGtvNWFVTVlDSmU1N0xJWGd2b09Rd25TR3JyblBiY0N6NEtxckdpcit6Kyt6aTAyY2xsY3QvbEFzTXV0NzhlMHJ4M0IwLzBDbUdYVkkiLCJtYWMiOiI1NGEzNjMwMzkwZjNmYjhiNWIzMWIzOTI3OWY5M2VhNzY4ODhjOWQzNDg5MGU0ZWNjOWYzOTY5YTRlZmExZTE3In0%3D; speedyshare_session=eyJpdiI6Im9UM1V6cFpvOWZPaW11ZEJMUTBDZ0E9PSIsInZhbHVlIjoiSmZMRllPWEt4L3dlZDFLTHN4RnJDKzhZQVgrK09XZEtYcnp6RHlLa0tIRHA1VUZuOFhyOTZ0VXR0VTVnd2JrN3JPK2ptQlFyKzZuR0hCL1JnL2pNeHl3ZzhyUHpVSWYwZTRBVDhsVzl4bEZQZU1JYjdQY01IRER1KzlnUktMUEciLCJtYWMiOiI4MTc0ZDQ2MTM3YzJjZGU2YzJjZTc4YTk5YjdlM2M5MTEzMDg1M2ZlYjA5NTQzNTBjZDNhNjg5YWIzNDE2OGUyIn0%3D
Connection
keep-alive
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:13 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1084
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
ETag
"101c50-5b3e9a24906c0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Igo%2FcfabhSQKMgFb0iTzvGZsUmC7I1G7AQuA%2BE0pZZTOtDMalzkdph5FY%2Bw7Q976Yeb0%2FrWUc4j3cCrwDqlUBkYKjqdGzrcPRx8p498L4OGueSFWmQs52g8Y3yf63hvsoR%2BmY1lBU89ZfiKydvw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
68c862ccb8bf5c8c-FRA
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:817::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5020
date
Fri, 10 Sep 2021 10:17:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 12:17:33 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 17:57:59 GMT
x-content-type-options
nosniff
age
322994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 17:57:59 GMT
/
freegeoip.app/json/ 		249 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freegeoip.app/json/
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:13c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd307b5982d3254d9f60f7ce04d8fe154cf6195c3ceb519d558801df29ac31f

Request headers

Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 11:41:13 GMT
content-encoding
br
vary
Origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-database-date
Wed, 25 Aug 2021 10:15:20 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
14999
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aE78Ta%2BTzAHaqgHYHKXR43f4XzMOhkvZH6KvNlOSGGmvoM4G5BQJCgQHk37C%2BDxgPGrq0HhLqKu3ntuY%2B4laOlrYmgqCRd3mewo4f3jjebBJc2%2FeTfuHrg1FB52PU18RoACTgYzhfo13tGNm"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://speedyshare.com
access-control-allow-credentials
true
x-ratelimit-reset
3600
x-ratelimit-limit
15000
cf-ray
68c862d13d0e5c74-FRA
7-es2015.e9e23d5f8ea9fb14cae6.js
speedyshare.com/client/ 		431 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/7-es2015.e9e23d5f8ea9fb14cae6.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/runtime-es2015.079d2104455a7fd227c6.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712b9ed53864ed16b5e81f7d6d90569a6e1d5c58fdeb88a4756f70bc0e79b0fe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Cookie
XSRF-TOKEN=eyJpdiI6InNOZnE5UnhtR3R2ZzExZ0pha3dFZHc9PSIsInZhbHVlIjoiMEFaRzhNdC90V1JXNGw5SW9lY1BQSUhWSXJqTmVUT1B1K1ZWK1JLN0YzYjFhNnh4dVU3NGtvNWFVTVlDSmU1N0xJWGd2b09Rd25TR3JyblBiY0N6NEtxckdpcit6Kyt6aTAyY2xsY3QvbEFzTXV0NzhlMHJ4M0IwLzBDbUdYVkkiLCJtYWMiOiI1NGEzNjMwMzkwZjNmYjhiNWIzMWIzOTI3OWY5M2VhNzY4ODhjOWQzNDg5MGU0ZWNjOWYzOTY5YTRlZmExZTE3In0%3D; speedyshare_session=eyJpdiI6Im9UM1V6cFpvOWZPaW11ZEJMUTBDZ0E9PSIsInZhbHVlIjoiSmZMRllPWEt4L3dlZDFLTHN4RnJDKzhZQVgrK09XZEtYcnp6RHlLa0tIRHA1VUZuOFhyOTZ0VXR0VTVnd2JrN3JPK2ptQlFyKzZuR0hCL1JnL2pNeHl3ZzhyUHpVSWYwZTRBVDhsVzl4bEZQZU1JYjdQY01IRER1KzlnUktMUEciLCJtYWMiOiI4MTc0ZDQ2MTM3YzJjZGU2YzJjZTc4YTk5YjdlM2M5MTEzMDg1M2ZlYjA5NTQzNTBjZDNhNjg5YWIzNDE2OGUyIn0%3D; theme=dark
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:13 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1084
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified
Thu, 12 Nov 2020 14:21:49 GMT
Server
cloudflare
ETag
"6bc01-5b3e9a1ed7940-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmhZUmsFZU87g3hsF0VUsgvOJb59VYuo%2B%2BZDnOoS3BlFeO1gjlByCABn9bRvqrpEnN9GihIcGpQ5CY%2FcLC%2BYYE6hlTXTDLqELh4KwtiWGwKF7mQhoJ3Qo8fzT95YhlXh2Xep7MP3pyd3Vi9O8aM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
68c862d0eb2c5c8c-FRA
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 11:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95420
x-xss-protection
0
server
cafe
etag
5659919450890713277
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 11:41:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 9BE2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210831/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 09 Sep 2021 18:52:00 GMT
expires
Thu, 23 Sep 2021 18:52:00 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
60553
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
speedyshare.com/secure/drive/shareable-links/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/secure/drive/shareable-links/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz?withEntries=true
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce347b5811b83ad5b59f0953ee12ee5196ad4cdbb14cbd0b585fea39d3d29828

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Cookie
XSRF-TOKEN=eyJpdiI6InNOZnE5UnhtR3R2ZzExZ0pha3dFZHc9PSIsInZhbHVlIjoiMEFaRzhNdC90V1JXNGw5SW9lY1BQSUhWSXJqTmVUT1B1K1ZWK1JLN0YzYjFhNnh4dVU3NGtvNWFVTVlDSmU1N0xJWGd2b09Rd25TR3JyblBiY0N6NEtxckdpcit6Kyt6aTAyY2xsY3QvbEFzTXV0NzhlMHJ4M0IwLzBDbUdYVkkiLCJtYWMiOiI1NGEzNjMwMzkwZjNmYjhiNWIzMWIzOTI3OWY5M2VhNzY4ODhjOWQzNDg5MGU0ZWNjOWYzOTY5YTRlZmExZTE3In0%3D; speedyshare_session=eyJpdiI6Im9UM1V6cFpvOWZPaW11ZEJMUTBDZ0E9PSIsInZhbHVlIjoiSmZMRllPWEt4L3dlZDFLTHN4RnJDKzhZQVgrK09XZEtYcnp6RHlLa0tIRHA1VUZuOFhyOTZ0VXR0VTVnd2JrN3JPK2ptQlFyKzZuR0hCL1JnL2pNeHl3ZzhyUHpVSWYwZTRBVDhsVzl4bEZQZU1JYjdQY01IRER1KzlnUktMUEciLCJtYWMiOiI4MTc0ZDQ2MTM3YzJjZGU2YzJjZTc4YTk5YjdlM2M5MTEzMDg1M2ZlYjA5NTQzNTBjZDNhNjg5YWIzNDE2OGUyIn0%3D; theme=dark
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCQrtl%2FHG%2BDmBWq%2FYb%2BTGZWCmRVwgXL4AHjtwT7opOFrbCNO7SYE8jWuEvDQjHmsR3aOfrY%2BNl9gHR9xR4NgqzZpEmpKHuvsmCNj2Cl%2FRuoF703ct%2B8GnFzXTIoA%2BugZDpAXLD6Jb4M%2BZ%2BtZxKg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
set-cookie
XSRF-TOKEN=eyJpdiI6IlRhcEhvUklVRnJIYXkyZzhQOTlBc3c9PSIsInZhbHVlIjoiZ1pXMnp5dm1NODZMMU80emZGNy85WWxscGFNNkhnR1FWSFkvbUVCUCtPdDVXOWtTVExtcHdmUmcyeTErSWFmT0lVTUtWNUwrbGJkMFpBV2JpdUFsZ2NtcC81Wm91QXF3WVFXY3BSSTJyNVFocDQvczh1aXdrcEtaeUY0UDZjanAiLCJtYWMiOiI4YWQ2M2VjYmUyMTg1MTZmYzJjMTA5Y2ExMDViN2RiMmY1MTZmZTJmMjJmZDdlYWQwYTMyY2JlZDhiNjk2NTZjIn0%3D; expires=Fri, 10-Sep-2021 13:41:13 GMT; Max-Age=7200; path=/ speedyshare_session=eyJpdiI6IlZHR0NBYkU4cUJ6TjZyREN1NUNRUWc9PSIsInZhbHVlIjoib0wzc3F0NEh3ODNqM25NTDZSckVEakQ5cjZ0S3lEMnpTY1NGZjVxYUZtVjhVUS9td3FLeHJ5Z2lnclRkeUdJWFlnNEIwSmdjK1lNNWtoTzI5eW5qUmJxNExhYTdVclRXWVd1T1J0eFVVKzZ0QTBZNjJkeXJFNUtBWnNEV3BXYjYiLCJtYWMiOiIyMTUyZTE1ZGQyMjA5ZmNmMzkzOWU5ODgwYjM2NTMyYjUwMDI3NWYyMGE1NzIzNGRhZWVkZGUyMTc2YTY5ZmY0In0%3D; expires=Fri, 10-Sep-2021 13:41:13 GMT; Max-Age=7200; path=/; httponly
cache-control
no-cache, private
Connection
keep-alive
CF-RAY
68c862d17c935c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:10:55 GMT
x-content-type-options
nosniff
age
577818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 19:10:55 GMT
cookie.js
partner.googleadservices.com/gampad/ 		205 B
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=speedyshare.com&callback=_gfp_s_&client=ca-pub-7360086138245943
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.214.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mad01s26-in-f2.1e100.net
Software
cafe /
Resource Hash
2290577e68e4424c963cf210056e808e6e8cf0ae0026c9d617a53d18893a0fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 11:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&tn=DIV&cls=cdk-overlay-container&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
HTTP/1.1
Server
2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Sep 2021 11:41:13 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=speedyshare.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:816::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 11:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=speedyshare.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:818::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 11:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7D08 		603 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7360086138245943&output=html&adk=1812271804&adf=3025194257&lmt=1631274073&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&ea=0&flash=0&pra=5&wgl=1&dt=1631274073768&bpp=2&bdt=733&idt=107&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3236364324816&frm=20&pv=2&ga_vid=1699771244.1631274074&ga_sid=1631274074&ga_hid=102980841&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C21066434%2C31062297%2C31062093&oid=3&pvsid=3432297345673744&pem=518&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:815::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7360086138245943&output=html&adk=1812271804&adf=3025194257&lmt=1631274073&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&ea=0&flash=0&pra=5&wgl=1&dt=1631274073768&bpp=2&bdt=733&idt=107&shv=r20210831&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3236364324816&frm=20&pv=2&ga_vid=1699771244.1631274074&ga_sid=1631274074&ga_hid=102980841&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C21066434%2C31062297%2C31062093&oid=3&pvsid=3432297345673744&pem=518&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=132
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 10 Sep 2021 11:41:13 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 11:56:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 10 Sep 2021 11:41:13 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:817::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 11:41:13 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631100470313954"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27651
x-xss-protection
0
expires
Fri, 10 Sep 2021 11:41:13 GMT
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=102980841&t=pageview&_s=1&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1977343743&gjid=1051392410&cid=1699771244.1631274074&tid=UA-62006872-1&_gid=1052126530.1631274074&_r=1&_slc=1&z=209230472
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:817::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://speedyshare.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 11:41:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://speedyshare.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j93&a=102980841&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&dp=%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSi...
  • https://www.google-analytics.com/collect?v=1&_v=j93&a=102980841&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&dp=%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafS...
35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=102980841&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&dp=%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=&gjid=&cid=1699771244.1631274074&tid=UA-62006872-1&_gid=1052126530.1631274074&z=397793482
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:817::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 22:59:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45689
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j93&a=102980841&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&dp=%2Fdrive%2Fs%2FU0ig6ZFrQooPnZP7w1HafSiX3ZegJz&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=&gjid=&cid=1699771244.1631274074&tid=UA-62006872-1&_gid=1052126530.1631274074&z=397793482
Non-Authoritative-Reason
HSTS
merged.svg
speedyshare.com/client/assets/icons/ 		57 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/assets/icons/merged.svg?v3
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989567004f6e207c2fa550e55b4bca1c7d0b5be92b92f6d7bc67a8579e154244

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Cookie
theme=dark; _ga=GA1.2.1699771244.1631274074; _gid=GA1.2.1052126530.1631274074; _gat=1; XSRF-TOKEN=eyJpdiI6IlRhcEhvUklVRnJIYXkyZzhQOTlBc3c9PSIsInZhbHVlIjoiZ1pXMnp5dm1NODZMMU80emZGNy85WWxscGFNNkhnR1FWSFkvbUVCUCtPdDVXOWtTVExtcHdmUmcyeTErSWFmT0lVTUtWNUwrbGJkMFpBV2JpdUFsZ2NtcC81Wm91QXF3WVFXY3BSSTJyNVFocDQvczh1aXdrcEtaeUY0UDZjanAiLCJtYWMiOiI4YWQ2M2VjYmUyMTg1MTZmYzJjMTA5Y2ExMDViN2RiMmY1MTZmZTJmMjJmZDdlYWQwYTMyY2JlZDhiNjk2NTZjIn0%3D; speedyshare_session=eyJpdiI6IlZHR0NBYkU4cUJ6TjZyREN1NUNRUWc9PSIsInZhbHVlIjoib0wzc3F0NEh3ODNqM25NTDZSckVEakQ5cjZ0S3lEMnpTY1NGZjVxYUZtVjhVUS9td3FLeHJ5Z2lnclRkeUdJWFlnNEIwSmdjK1lNNWtoTzI5eW5qUmJxNExhYTdVclRXWVd1T1J0eFVVKzZ0QTBZNjJkeXJFNUtBWnNEV3BXYjYiLCJtYWMiOiIyMTUyZTE1ZGQyMjA5ZmNmMzkzOWU5ODgwYjM2NTMyYjUwMDI3NWYyMGE1NzIzNGRhZWVkZGUyMTc2YTY5ZmY0In0%3D
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:14 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1084
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified
Thu, 12 Nov 2020 14:21:50 GMT
Server
cloudflare
ETag
W/"e33a-5b3e9a1fcbb80"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYfEquHPny1LL5wZIqloWrrbSA6Eck7GIdldN4ya4Ng4vgfqhINVLWFH99GxylNepoEXcrHcCGclfFT4HLwrKeSYLcgIs3kYa290xKriQymqcV%2BE%2B7euowqQV3hrIBimvVi339bsdGPBcFaMg%2Fo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
Cache-Control
max-age=14400
CF-RAY
68c862d27ee65c8c-FRA
embed.aspx
view.officeapps.live.com/op/ Frame 5DB4 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.officeapps.live.com/op/embed.aspx?src=http%3A%2F%2Fspeedyshare.com%2Fsecure%2Fuploads%2F50550%3Fshareable_link%3D33443
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/7-es2015.e9e23d5f8ea9fb14cae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7eb4c5aa81c3b4b9ff3d8f2af37245bdb5a2d2d9e2b53e3a7c0c975372f95c2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
view.officeapps.live.com
:scheme
https
:path
/op/embed.aspx?src=http%3A%2F%2Fspeedyshare.com%2Fsecure%2Fuploads%2F50550%3Fshareable_link%3D33443
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
set-cookie
PNL1-ARRAffinity=989bf998426bfc735c6cb1291a1601ab4f278c342673b11b1a02f5c79e772ce3;Path=/;Domain=view.officeapps.live.com; samesite=none; secure
x-correlationid
11a64402-cf3c-4ed9-a768-eb3fc5a7950c
x-officefe
AM4PEPF000069DD
x-officeversion
16.0.14423.41001
x-officecluster
PNL1
x-content-type-options
nosniff
x-officefd
AM4PEPF0000601B
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_excelslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-msedge-ref
Ref A: BA953DF44E354A4FAF55B7C1CC845CC5 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:14Z
date
Fri, 10 Sep 2021 11:41:14 GMT
logo-light.png
speedyshare.com/client/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://speedyshare.com/client/assets/images/logo-light.png
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974a05a2c6331bff6ee67a441283ad0dcd9cdf25b84ac700fb351abfa1ddc49f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
Cookie
theme=dark; _ga=GA1.2.1699771244.1631274074; _gid=GA1.2.1052126530.1631274074; _gat=1; XSRF-TOKEN=eyJpdiI6IlRhcEhvUklVRnJIYXkyZzhQOTlBc3c9PSIsInZhbHVlIjoiZ1pXMnp5dm1NODZMMU80emZGNy85WWxscGFNNkhnR1FWSFkvbUVCUCtPdDVXOWtTVExtcHdmUmcyeTErSWFmT0lVTUtWNUwrbGJkMFpBV2JpdUFsZ2NtcC81Wm91QXF3WVFXY3BSSTJyNVFocDQvczh1aXdrcEtaeUY0UDZjanAiLCJtYWMiOiI4YWQ2M2VjYmUyMTg1MTZmYzJjMTA5Y2ExMDViN2RiMmY1MTZmZTJmMjJmZDdlYWQwYTMyY2JlZDhiNjk2NTZjIn0%3D; speedyshare_session=eyJpdiI6IlZHR0NBYkU4cUJ6TjZyREN1NUNRUWc9PSIsInZhbHVlIjoib0wzc3F0NEh3ODNqM25NTDZSckVEakQ5cjZ0S3lEMnpTY1NGZjVxYUZtVjhVUS9td3FLeHJ5Z2lnclRkeUdJWFlnNEIwSmdjK1lNNWtoTzI5eW5qUmJxNExhYTdVclRXWVd1T1J0eFVVKzZ0QTBZNjJkeXJFNUtBWnNEV3BXYjYiLCJtYWMiOiIyMTUyZTE1ZGQyMjA5ZmNmMzkzOWU5ODgwYjM2NTMyYjUwMDI3NWYyMGE1NzIzNGRhZWVkZGUyMTc2YTY5ZmY0In0%3D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/drive/s/U0ig6ZFrQooPnZP7w1HafSiX3ZegJz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:14 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5755
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
3443
Last-Modified
Thu, 12 Nov 2020 14:21:50 GMT
Server
cloudflare
ETag
"d73-5b3e9a1fcbb80"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLBC3ua2%2BBPq29bWS1JzZUEW%2FPRBCqC6nxiGfBPFMDuno%2B0WK5wwYe9kkGRoxxk2CXXcR4mV9ghobRUKRwxiERNOksmivOf%2FSKZFJQ7lPpoNbg48j72yLdw3Dlq2xznVg4%2FFfdz5Zn6c%2F9f1FGs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
68c862d2a87fdfbb-FRA
truncated
/ Frame 5DB4 		695 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f3f352d2dabed88ad74787aad8d372b42a14fe77d3b47e5c4ce7f52fc97ea19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 11:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8549
x-xss-protection
0
PowerPointFrame.aspx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		83 KB
85 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a50a92670c9425a60b90b45f61b762e892053438c7690d7d7cdd704260d5617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
POST
:authority
pnl1-powerpoint.officeapps.live.com
:scheme
https
:path
/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
content-length
14
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://view.officeapps.live.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://view.officeapps.live.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://view.officeapps.live.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://view.officeapps.live.com/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1031&data=1031; expires=Fri, 10-Dec-2021 12:41:15 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure
x-correlationid
49ac1445-da77-4d5a-b352-269bf15f4377
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-officefe
AM4PEPF00006963
x-officeversion
16.0.14424.40504
x-officecluster
PNL1
x-content-type-options
nosniff
content-security-policy-report-only
font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
document-policy
js-profiling
x-officefd
AM4PEPF00006963
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4_control
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4_control
x-msedge-ref
Ref A: 6409C04A19284E71A018620955F6BA0D Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:15Z
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 11:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 10 Sep 2021 11:41:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D905 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:813::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 08 Sep 2021 04:26:06 GMT
expires
Thu, 08 Sep 2022 04:26:06 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198909
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 999D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7fcb1587aad6caf3a5d6bb0446b09cfe2dd0221d1e0893b95b86e50f116978cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+9groF5Ytuf/qUuByOEdYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

expires
Fri, 10 Sep 2021 11:41:15 GMT
date
Fri, 10 Sep 2021 11:41:15 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+9groF5Ytuf/qUuByOEdYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
pagead2.googlesyndication.com/bg/ Frame D905 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 13:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
338964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13264
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 12:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 13:31:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 999D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210831&jk=3432297345673744&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210831&jk=3432297345673744&bg=!Tk2lTQnNAAYJpm41CaY7ACkAdvg8WnF3VIY0KWwzeS1WDRg_Za003s-tnB8Qi3N7hrmlebmlpyKB4gIAAACMUgAAAAtoAQcKAQdJn3ScdYwGhp0zes8Uv_t_i6mkWPpnoafioOxwypFa-zzpvfsjVOO1EauRBINTriegYSpwDDr2pwFzbZRdU4MjqdgFHihzhsVeEmsiLmHEarjjy99u064bTXh95Rkp8bkai7kTgsOQV7_JyJ6ha501s4NOd03AdTBzP8wter3HdKLdioa17IHEN0REt97Up1_MIp_DcY09Sy2n00XZTlkeq_QxZZWPC7Ajwdyrcb1Bk784C9eVbmAApwj7fLA6XP3JJ6bT1zOgtfAyhoTxl-h7FUX8yG7z9YpqHJZ62hBCwmE06NvcXh2NFYCj1IfTRG3kgZ2W5_mhiwcAuL-Fy3VilD4JL0mN2pkCcaUTVHhoUBKog_I1HwGqvV72gRhV6XghKw6H6Sz63nYAPVLrvfLqI0sZ2HoGNgqdTuFBBbqIB3MgJSjwY1j1o8WO-ijdCS05Moma43F3aahX9fEFCDLL4Awyjuu8PwxbItogZpn_NQkAG8nQucaKO6bBSOjHgneNyKkfLVginIykWptw4mItCEmqXV7gzm7smmmqtzJLnEhVtZ_HRDzRLP25IMRSastsZmqV4k3iHXXnttcTZYPq5NBNis_HHCeS1JVvZQRFh4RcUOj9hYdd8kNO_hvxwXUBIN7X5nkBIvEHsD9hTAnxKGC1cPokqS27Hab-nNjCen1PdlFLq7-loGlZHVks7wzOqvKiLBrklzFyRZPaEJhyVnUGAhu3oKfwB57HnYjVETXMQ5b3_DSycz9EI_Jl5y12iDxlO21ER9GEmacdVmY_FjCOvCTcGUCCKpPhj543j8gcLzFX8CaThNFcTTqc2jZy9zJkG3mWsIUXKdWsK0tcDeR-VrIVqhcXoGWx95xiKVzhf3wE6cgOpVE0QD2I1nuujwP9lYVprwvLc0w2yoCzv-okCR4wP3UAeKCawfmtSlhXBw6Ldb3KHOxj2ORu9Ke7HKVfyEcizG5OL8_ft2EfZa-98qXOxceTDw4FPU-iVbVc60D_IL5Y2XJ7uoHLadD31A9tmtTYf37C7FKS-ZD5l1G4panPIA6ojZS3g9RYBcnHOqlx9BvMjKSik-Dyvfq25E7GOLeb03SpVpV7PydUpNZ7VA7Z_ody1FgNLD80awBJzNn607XKQbN6LqkUaw9mgs_lts5rSZmapvm_J6rL4s9LCheSgnl5bOM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 11:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styleschromeless.css
c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/ Frame 9F41 		285 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b5::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dee875b498ab5a091abe0451bcc9cb2b96435205a31f7aa650b2d837cae427da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"a2601514be9ed71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00007277
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
34770
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Tue, 31 Aug 2021 23:15:24 GMT
X-OFFICEFD
AM4PEPF00007277
X-MSEdge-Ref
Ref A: 2A0BD3B0A5CE4BA99B5D06585972FAF3 Ref B: LON21EDGE1116 Ref C: 2021-09-04T20:13:30Z
X-UserSessionId
d99dc3e4-d358-4eed-ae4c-10e0c10a4421
Date
Fri, 10 Sep 2021 11:41:15 GMT
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
d99dc3e4-d358-4eed-ae4c-10e0c10a4421
Accept-Ranges
bytes
Timing-Allow-Origin
*
MicrosoftAjax.js
c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/ Frame 9F41 		106 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b2::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"6794977919ed71:0"
X-OfficeCluster
GEU3C
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
DU2PEPF000082E0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
Content-Length
23714
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
Last-Modified
Tue, 31 Aug 2021 17:56:03 GMT
X-OFFICEFD
DU2PEPF000082D6
X-MSEdge-Ref
Ref A: 61EC99EB9AC44274B2150AC27FB0E189 Ref B: LON21EDGE0720 Ref C: 2021-09-10T06:14:36Z
X-UserSessionId
6b9629b9-2979-4a1a-ad7d-394c732b504e
Date
Fri, 10 Sep 2021 11:41:15 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
6b9629b9-2979-4a1a-ad7d-394c732b504e
Accept-Ranges
bytes
Timing-Allow-Origin
*
powerpointintl.js
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/1031/ Frame 9F41 		259 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/1031/powerpointintl.js
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b5::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7a3e860a1e6b181c2f36d76e0023221f89264c33cc266b6261bd28d8572197d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"e5338f8939ed71:0"
X-OfficeCluster
PUS4
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
BL6PEPF00007429
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
56576
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified
Tue, 31 Aug 2021 18:13:58 GMT
X-OFFICEFD
BL6PEPF00007429
X-MSEdge-Ref
Ref A: 2A4806775FE84E6A8B1F8549CF44B828 Ref B: LON21EDGE0811 Ref C: 2021-08-31T18:13:58Z
X-UserSessionId
ff0889d4-88fa-4296-a3c5-269d4111def0
Date
Fri, 10 Sep 2021 11:41:15 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
ff0889d4-88fa-4296-a3c5-269d4111def0
Accept-Ranges
bytes
Timing-Allow-Origin
*
BootView.js
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/ Frame 9F41 		2 MB
456 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b5::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bfa951c118160b44e0b1b84a2f7ce669f3b008d8472d93c140e6aa7460e68a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"8062b281769ed71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
DB5PEPF0000832D
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
465966
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified
Tue, 31 Aug 2021 14:43:05 GMT
X-OFFICEFD
DB5PEPF0000832D
X-MSEdge-Ref
Ref A: 462F7CF73E474C5FB9EB0221940D7024 Ref B: LON21EDGE1120 Ref C: 2021-08-31T14:43:05Z
X-UserSessionId
6e0a252c-6b63-43f2-88a2-d40d260afe31
Date
Fri, 10 Sep 2021 11:41:15 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
6e0a252c-6b63-43f2-88a2-d40d260afe31
Accept-Ranges
bytes
Timing-Allow-Origin
*
progress.gif
c1-officeapps-15.cdn.office.net/p/s/161442440504_resources/1031/ Frame 9F41 		695 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/161442440504_resources/1031/progress.gif
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b2::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"7b29db2ca99ed71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00006963
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
695
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified
Tue, 31 Aug 2021 20:45:46 GMT
X-OFFICEFD
AM4PEPF000068A6
X-MSEdge-Ref
Ref A: 3F2DDA183A1342699AF332CF0382DAE7 Ref B: LON21EDGE0613 Ref C: 2021-08-31T20:48:29Z
X-UserSessionId
76505686-622a-45d3-a1ec-4ca5f474d7b4
Date
Fri, 10 Sep 2021 11:41:15 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CorrelationId
76505686-622a-45d3-a1ec-4ca5f474d7b4
Accept-Ranges
bytes
Timing-Allow-Origin
*
prt.png
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptResources/1031/ Frame 9F41 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptResources/1031/prt.png
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b5::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"5641bf8939ed71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
DB5PEPF0000832B
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
13611
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Tue, 31 Aug 2021 18:13:58 GMT
X-OFFICEFD
DB5PEPF0000832B
X-MSEdge-Ref
Ref A: 1313BAA20CFA4DE999795E25F7503590 Ref B: LON21EDGE0807 Ref C: 2021-08-31T18:13:58Z
X-UserSessionId
cc7be94e-756a-40ba-a69a-39f3da258cf8
Date
Fri, 10 Sep 2021 11:41:15 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
cc7be94e-756a-40ba-a69a-39f3da258cf8
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
X-UserSessionId
49ac1445-da77-4d5a-b352-269bf15f4377
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006024
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
6a8a631f-4cfe-4177-a161-ff7dad2fe284
x-officefd
AM4PEPF00006024
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 5018D8620EF84F79889E756DF12D89DC Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:15Z
timing-allow-origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
X-UserSessionId
49ac1445-da77-4d5a-b352-269bf15f4377
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":136,"Value":"https://c1-powerpoint-15.cdn.office.net:443/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006964
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
348dbbb6-a10d-46d3-b20b-b261dfb318e0
x-officefd
AM4PEPF00006964
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: B9AE03926AF6400CBCC18B354C133E28 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:15Z
timing-allow-origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
X-UserSessionId
49ac1445-da77-4d5a-b352-269bf15f4377
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":2,"MsSinceStart":338,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid
480f5162-dfc8-4b72-bc63-67354dfb748c
x-officefd
AM4PEPF00006F86
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 29535312E65C44EB95D9789246E9976E Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:15Z
timing-allow-origin
*
RemoteTelemetry.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteTelemetry.ashx
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
AM4PEPF00006966
x-officeversion
16.0.14424.40504
x-cache
CONFIG_NOCACHE
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
d576a1c4-4083-42ff-addd-41c90097052b
x-officecluster
PNL1
x-usersessionid
d576a1c4-4083-42ff-addd-41c90097052b
x-download-options
noopen
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
cache-control
private
x-msedge-ref
Ref A: D6E6A78AA0D9467F86409369CABA78C6 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:15Z
timing-allow-origin
*
x-officefe
AM4PEPF00006966
segoeui.woff
c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/ Frame 9F41 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/segoeui.woff
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b5::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-OFFICEFD
DM3PEPF00001D4A
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
DM3PEPF00013A67
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
1245
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
X-CorrelationId
675bb7ca-2573-4826-acb6-2bddf65c3aef
X-OfficeCluster
US1C
X-UserSessionId
675bb7ca-2573-4826-acb6-2bddf65c3aef
Date
Fri, 10 Sep 2021 11:41:16 GMT
Content-Type
text/html
Access-Control-Allow-Origin
*
X-MSEdge-Ref
Ref A: ED706E6FAA7F497B8B3FA6B375AE1F2F Ref B: LON21EDGE0709 Ref C: 2021-09-10T11:41:15Z
Timing-Allow-Origin
*
GetPresentationWithSlideById
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 9F41 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetPresentationWithSlideById
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4487e8e2cfb6f8123b1b5cb2dd7bd30b7e906b92eb7dbd7ef59adf443a8e87b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
49ac1445-da77-4d5a-b352-269bf15f4377
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14424.40504
X-Key
McLnq8qS8pzZPMwBT9TQW1DF8/QJYEBsYqFRp/saU5U=,637668708754227072
Content-Type
application/json; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006024
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
2118
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
8413acb9-de7a-4541-8bf3-fb2101dd9216
x-officefd
AM4PEPF00006024
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: 68A3BDFDAA244F87A19DF6AA81BD924C Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:15Z
timing-allow-origin
*
expires
-1
2aa96d76-efd7-401d-8d39-c29ab5a1e71b
https://pnl1-powerpoint.officeapps.live.com/ Frame 9F41 		224 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://pnl1-powerpoint.officeapps.live.com/2aa96d76-efd7-401d-8d39-c29ab5a1e71b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8839a0b7ed21aeb6fe4d005e25b889f06864058b2359076672e2b825dba0d349

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
224
Content-Type
application/javascript
wl.ms.js
js.live.net/v5.0/ Frame 9F41 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.live.net/v5.0/wl.ms.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
23.72.19.83 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-19-83.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:16 GMT
X-MSNServer
RD0003FF1D5DC4
Last-Modified
Fri, 10 Jul 2020 18:30:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0b3b92be856d61:0"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=69439, public
X-ODWebServer
westeurope0-odwebp
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
16199
segoeui.ttf
c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/ Frame 9F41 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/segoeui.ttf
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b5::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/styleschromeless.css
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-OFFICEFD
AM4PEPF000069B1
X-Powered-By
ARR/3.0
X-OfficeFE
AM4PEPF00006967
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
1245
Server
Microsoft-IIS/10.0
X-CorrelationId
0e519092-662d-4149-99fa-87bb162a8c43
X-OfficeCluster
PNL1
X-UserSessionId
0e519092-662d-4149-99fa-87bb162a8c43
Date
Fri, 10 Sep 2021 11:41:16 GMT
Content-Type
text/html
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
X-OfficeVersion
16.0.14424.40504
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18D%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006963
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006963
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_onenoteslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
92a9c3f6-4f14-497f-b84d-bc0d24a30595
x-officecluster
PNL1
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
date
Fri, 10 Sep 2021 11:41:16 GMT
cache-control
private
x-msedge-ref
Ref A: ECA7FA7BEAD344B08792915F6F6D6EF0 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18D%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006964
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006964
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
d8f26d96-00a7-4a7a-ba51-443e818f7c57
x-officecluster
PNL1
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
date
Fri, 10 Sep 2021 11:41:16 GMT
cache-control
private
x-msedge-ref
Ref A: A0DD5E28AE1F4B2FA30575690DCE7A19 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18D%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006F86
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid
fb78506a-8685-4aa4-ad02-8ecebad9fcf8
x-officecluster
PNL1
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
date
Fri, 10 Sep 2021 11:41:16 GMT
cache-control
private
x-msedge-ref
Ref A: 27A3E8F73E664DB387A2EBD5889BE6B0 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=S0%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006966
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006966
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid
1c5f7aa9-aed2-48f2-88d1-aef63d8dbc3b
x-officecluster
PNL1
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
date
Fri, 10 Sep 2021 11:41:16 GMT
cache-control
private
x-msedge-ref
Ref A: 7D071D39C50245BCBA3040A446BEFD5D Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=S0%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da31a412d0d02b40dde6f5af57cad13ffb565939517f719cf4ed2eb3d4dd9291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006024
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length
44583
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
x-correlationid
17092af4-2bab-4158-8a89-00d438421759
x-officefd
AM4PEPF00006024
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10S0_2_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: BEFB4EA5D1B8433A93A4197431D034FF Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18D%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29d50b182a7b1b5d9ab9e3c119bc139eeacfc4583bce8192085bbaaae87e757c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006963
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
17931
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
c930bd01-0c3c-4ee5-916d-2fdc2c826e3b
x-officefd
AM4PEPF00006963
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M18D_BG_1132x849.jpg
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: F282ADFDC73E4AA59A4AB9E9C954C052 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18D%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006024
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
3554
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
4622ed46-3fd8-480e-b7ae-12ca03637c19
x-officefd
AM4PEPF00006024
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M18D_1_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 62C2F114F6EC480788552A541160B73B Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18D%5F2%5F1132x849%2Epng&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c44f0da3c55a5d34168a7feb0bfbfe0b4fc4fc89a250ead9bc4509e844f7cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006964
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
23097
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
8e1aeac4-cfe0-4d4d-b574-f1de47c75cc6
x-officefd
AM4PEPF00006964
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M18D_2_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: AEF06D8F3163491CB41A763961C9289D Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=S0%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31d4567790ae7abb4bb51516cc5891bb1b6c87dd1507339b9ec2dca9aa827f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
36841
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid
f4683da5-21aa-477a-b30a-9b482dafca00
x-officefd
AM4PEPF00006F86
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10S0_1_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 92E26C0AE6BD46FF9569EDC184411892 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18D%5F2%5F1132x849%2Epng&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c44f0da3c55a5d34168a7feb0bfbfe0b4fc4fc89a250ead9bc4509e844f7cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006966
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
23097
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
cbc02391-b6f3-4923-b1e1-633369899b7c
x-officefd
AM4PEPF00006966
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M18D_2_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 98A6E79156B54CD8A612A89836CFAC1A Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18D%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006963
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
3554
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
1f61257d-eabb-4c50-b10c-12327e0dff21
x-officefd
AM4PEPF00006963
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M18D_1_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 6C439A7843D24A5BB08103B4AF872700 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=S0%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31d4567790ae7abb4bb51516cc5891bb1b6c87dd1507339b9ec2dca9aa827f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006964
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
36841
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
37e386c9-f013-459c-b3d6-106e9c382f71
x-officefd
AM4PEPF00006964
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10S0_1_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 19E6BA3FB83E44BA8C1CC84FA5A53E75 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=S0%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da31a412d0d02b40dde6f5af57cad13ffb565939517f719cf4ed2eb3d4dd9291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006024
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
44583
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
565ac131-3fd6-453d-9b55-93a1697c66c1
x-officefd
AM4PEPF00006024
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10S0_2_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 9520EF439A934A89A672468A6C513A7D Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18D%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29d50b182a7b1b5d9ab9e3c119bc139eeacfc4583bce8192085bbaaae87e757c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
17931
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
635d341c-843e-470c-ba41-0c08ed18939e
x-officefd
AM4PEPF00006F86
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M18D_BG_1132x849.jpg
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: A2C6501C1DE240C18D7AE3594360F149 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:16 GMT
reader.calypso.js
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/ Frame 9F41 		331 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/reader.calypso.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b5::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c50293e2ebb87c4e3da5f1230118a18ab9dd4eabfac4a103369d52f73dfc63df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"60ef59b7779ed71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
DB5PEPF0000649D
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
Content-Length
68749
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
Last-Modified
Tue, 31 Aug 2021 14:51:44 GMT
X-OFFICEFD
DB5PEPF0000649D
X-MSEdge-Ref
Ref A: D9F986F341AD427898E37EC18765D0B2 Ref B: LON21EDGE0807 Ref C: 2021-08-31T14:51:44Z
X-UserSessionId
934981f0-de02-44a7-845f-b2915db68f55
Date
Fri, 10 Sep 2021 11:41:16 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
934981f0-de02-44a7-845f-b2915db68f55
Accept-Ranges
bytes
Timing-Allow-Origin
*
wacairspaceanimationlibrary.js
c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/ Frame 9F41 		40 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/wacairspaceanimationlibrary.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b2::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
"859ad60b69ed71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
DB5PEPF0000649E
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
Content-Length
6787
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
Last-Modified
Tue, 31 Aug 2021 22:20:16 GMT
X-OFFICEFD
DB5PEPF000082E5
X-MSEdge-Ref
Ref A: 04C9588ADB9C478B81E0104A58376682 Ref B: LON21EDGE0415 Ref C: 2021-09-06T06:31:43Z
X-UserSessionId
83d08f20-9de2-4a73-bfd5-aeea8e43eca8
Date
Fri, 10 Sep 2021 11:41:16 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
83d08f20-9de2-4a73-bfd5-aeea8e43eca8
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
X-UserSessionId
49ac1445-da77-4d5a-b352-269bf15f4377
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":3,"MsSinceStart":1141,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006963
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
2b829bca-56f1-4d42-8ca2-51569839fdf2
x-officefd
AM4PEPF00006963
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: CEAEE8359F294EF8A9CD2D1789004E3C Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
GetSlide
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 9F41 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
de668c59989258ba1873d9f3087ad29cc80b97701e843a0a5dd8b42662ff4417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
49ac1445-da77-4d5a-b352-269bf15f4377
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14424.40504
X-Key
McLnq8qS8pzZPMwBT9TQW1DF8/QJYEBsYqFRp/saU5U=,637668708754227072
Content-Type
application/json; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006024
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
1734
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
7f451830-1f03-46b3-8b2d-9d662809111f
x-officefd
AM4PEPF00006024
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: 63460E19F485472BBF1BDE9E83A56691 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
expires
-1
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
49ac1445-da77-4d5a-b352-269bf15f4377
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14424.40504
X-Key
McLnq8qS8pzZPMwBT9TQW1DF8/QJYEBsYqFRp/saU5U=,637668708754227072
X-bULS-SuppressionETag
5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006966
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
x-correlationid
6b593d2f-ed35-49ba-a09a-410a49dedade
x-officefd
AM4PEPF00006966
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 5E8225E68F5F4CE491B169094D04286E Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14424.40504&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
X-UserSessionId
49ac1445-da77-4d5a-b352-269bf15f4377
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":4,"MsSinceStart":1142,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006964
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid
4a534bc0-ee6e-4937-b31d-36f3ab413450
x-officefd
AM4PEPF00006964
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 76EAA7B7C0E8449AB063B66C3F28D8DE Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:16Z
timing-allow-origin
*
otelFull.min.js
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/ Frame 9F41 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/otelFull.min.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b5::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0
Resource Hash
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"4dd665b7779ed71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
AM4PEPF00007277
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
28386
Cache-Control
public,max-age=31536000
Server
Microsoft-IIS/10.0
Last-Modified
Tue, 31 Aug 2021 14:51:44 GMT
X-OFFICEFD
AM4PEPF0000696B
X-UserSessionId
fa7bf4b1-a86d-4b60-a63d-a8ab69797937
X-Powered-By
ARR/3.0
Date
Fri, 10 Sep 2021 11:41:16 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
fa7bf4b1-a86d-4b60-a63d-a8ab69797937
Accept-Ranges
bytes
Timing-Allow-Origin
*
prt.png
c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptResources/1031/ Frame 9F41 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptResources/1031/prt.png
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/reader.calypso.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ec:2b5::4b36 London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"5641bf8939ed71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14419.40504
X-OfficeFE
DB5PEPF0000832B
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
13611
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Tue, 31 Aug 2021 18:13:58 GMT
X-OFFICEFD
DB5PEPF0000832B
X-MSEdge-Ref
Ref A: 1313BAA20CFA4DE999795E25F7503590 Ref B: LON21EDGE0807 Ref C: 2021-08-31T18:13:58Z
X-UserSessionId
cc7be94e-756a-40ba-a69a-39f3da258cf8
Date
Fri, 10 Sep 2021 11:41:16 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
cc7be94e-756a-40ba-a69a-39f3da258cf8
Accept-Ranges
bytes
Timing-Allow-Origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18C%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b085127a669adedc8b76dd1861ea6f7e1a98a72cfdd9a29ac3551a4adeb06689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006964
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
57252
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
3355fdd8-7465-4aa1-925b-e170d64fa5a6
x-officefd
AM4PEPF00006964
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M18C_BG_1132x849.jpg
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 6660D97152F74825B99FBD5C14DB08BB Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:17 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M190%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
3554
x-cache
CONFIG_NOCACHE
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
daa37b95-c829-4ba8-9e70-88899a226b97
x-officefd
AM4PEPF00006F86
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M190_1_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: D933AA0B09B34D9E9D69BF3B50130D65 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:17 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M190%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
096d6273322ae2980d1bd01942d3926e68e4ac5aa651e407bd84f4b4a17bbd32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006963
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
22853
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
f0bcc120-5d70-43eb-b83b-77b0d8eb57d9
x-officefd
AM4PEPF00006963
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M190_2_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 2EAE5BFB4660463AA82322A011F50712 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:17 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=S2%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0cf0733f806ed6175964929c167ed62b9ab8859abbf0239dca2f45304957af3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006024
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
38413
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
14fd49e0-127e-43bd-9218-43eeb8bdaba3
x-officefd
AM4PEPF00006024
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10S2_1_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 919EF2C89BFB4833B897048503652F7E Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:17 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		182 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=S2%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cee06f72d441c2957ba9f4a026ffc48a1c7cec94431ca3e87ac7d221a68d582b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006966
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
186726
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
0aab724e-638b-4fd6-b91f-2644828e44f1
x-officefd
AM4PEPF00006966
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10S2_2_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 2F498E258A644324B20BA43203BA57B1 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:17 GMT
ping
browser.events.data.microsoft.com/ Frame 9F41 		4 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/ping
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 11:41:17 GMT
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://pnl1-powerpoint.officeapps.live.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
4
GetSlide
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 9F41 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
544b5a76a5b51c3233c5d3597930930d8bd351e57f1b866affde3d47fe04cd31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
49ac1445-da77-4d5a-b352-269bf15f4377
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14424.40504
X-Key
McLnq8qS8pzZPMwBT9TQW1DF8/QJYEBsYqFRp/saU5U=,637668708754227072
Content-Type
application/json; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1634
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid
7204b101-a886-470f-9df1-042f99fae7f3
x-officefd
AM4PEPF00006F86
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: CC1F83A899544D2A963D910875946846 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
-1
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18E%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006024
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length
3554
x-cache
CONFIG_NOCACHE
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid
f553b757-bef4-4842-8f7c-8facc6535973
x-officefd
AM4PEPF00006024
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M18E_1_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: F9C928747B7843A4811DAE90CB6D3785 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:17 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=M18E%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
096d6273322ae2980d1bd01942d3926e68e4ac5aa651e407bd84f4b4a17bbd32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006963
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
22853
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid
f1299eb8-6906-493d-b897-6d20ea3e5557
x-officefd
AM4PEPF00006963
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10M18E_2_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 1A4E643065D04CBC9827DEF7DCE82F56 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:17 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=S1%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa800a1dfc4be33a03b3ee5afdc9a1a984e84dffeeda7d3c5f19236b8e582113
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006966
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
4508
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
5c6b393c-4a4b-48a8-a259-2f629daf82cf
x-officefd
AM4PEPF00006966
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10S1_1_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 39314E4F557E43748865B64569D39C81 Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:17 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 9F41 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10&usid=49ac1445%2Dda77%2D4d5a%2Db352%2D269bf15f4377&Rid=S1%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d405f43071f24294903b399662d844fa97a7b44f8e95f1c0a46cb3dbbda9343e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token_ttl=0&hid=11a64402-cf3c-4ed9-a768-eb3fc5a7950c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14424.40504
x-officefe
AM4PEPF00006964
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
52390
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
ab89e227-4b13-4ab4-bbcc-d438d6e14b6e
x-officefd
AM4PEPF00006964
x-usersessionid
49ac1445-da77-4d5a-b352-269bf15f4377
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F50550%253Fshareable%255Flink%253D33443&access_token=1&access_token_ttl=0&z=edb683ec60837775e16a049cc2f20a52b074fed24490edc24b47468ae4090b10S1_2_1132x849.png
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 6DF8AE8FABD74392B129A6BF9971814A Ref B: AMS04EDGE1512 Ref C: 2021-09-10T11:41:17Z
timing-allow-origin
*
expires
Sat, 10 Sep 2022 11:41:17 GMT
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 9F41 		24 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.6&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,b664cab4b3f24a739be75b93b026749e-65c206a3-a985-48b4-8b50-36c56c3ce309-7201&upload-time=1631274079083&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161442440504_PptScripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 10 Sep 2021 11:41:18 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
48
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://pnl1-powerpoint.officeapps.live.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
24

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect boolean| originAgentCluster string| bootstrapData string| GoogleAnalyticsObject function| ga object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| Hammer object| Prism object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| google_js_reporting_queue number| google_srt object| __zone_symbol__loadfalse object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| __zone_symbol__messagefalse boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| __zone_symbol__focusfalse function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_tag_data object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure object| __zone_symbol__unloadfalse function| google_osd_amcb object| GoogleGcLKhOms function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

11 Cookies

Domain/Path Name / Value
speedyshare.com/ Name: theme
Value: dark
.speedyshare.com/ Name: _ga
Value: GA1.2.1699771244.1631274074
.speedyshare.com/ Name: _gid
Value: GA1.2.1052126530.1631274074
.speedyshare.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
speedyshare.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlRhcEhvUklVRnJIYXkyZzhQOTlBc3c9PSIsInZhbHVlIjoiZ1pXMnp5dm1NODZMMU80emZGNy85WWxscGFNNkhnR1FWSFkvbUVCUCtPdDVXOWtTVExtcHdmUmcyeTErSWFmT0lVTUtWNUwrbGJkMFpBV2JpdUFsZ2NtcC81Wm91QXF3WVFXY3BSSTJyNVFocDQvczh1aXdrcEtaeUY0UDZjanAiLCJtYWMiOiI4YWQ2M2VjYmUyMTg1MTZmYzJjMTA5Y2ExMDViN2RiMmY1MTZmZTJmMjJmZDdlYWQwYTMyY2JlZDhiNjk2NTZjIn0%3D
speedyshare.com/ Name: speedyshare_session
Value: eyJpdiI6IlZHR0NBYkU4cUJ6TjZyREN1NUNRUWc9PSIsInZhbHVlIjoib0wzc3F0NEh3ODNqM25NTDZSckVEakQ5cjZ0S3lEMnpTY1NGZjVxYUZtVjhVUS9td3FLeHJ5Z2lnclRkeUdJWFlnNEIwSmdjK1lNNWtoTzI5eW5qUmJxNExhYTdVclRXWVd1T1J0eFVVKzZ0QTBZNjJkeXJFNUtBWnNEV3BXYjYiLCJtYWMiOiIyMTUyZTE1ZGQyMjA5ZmNmMzkzOWU5ODgwYjM2NTMyYjUwMDI3NWYyMGE1NzIzNGRhZWVkZGUyMTc2YTY5ZmY0In0%3D
.speedyshare.com/ Name: __gads
Value: ID=984b1f161950dfce-222021f3e8ca001a:T=1631274073:RT=1631274073:S=ALNI_MZQdzXTpVN5VNJ7xGixVacQC0x7cA
.view.officeapps.live.com/ Name: PNL1-ARRAffinity
Value: 989bf998426bfc735c6cb1291a1601ab4f278c342673b11b1a02f5c79e772ce3
pnl1-powerpoint.officeapps.live.com/ Name: DcLcid
Value: ui=1031&data=1031
pnl1-powerpoint.officeapps.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

2 Console Messages

Source Level URL
Text
network error URL: https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/segoeui.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://c1-powerpoint-15.cdn.office.net/p/s/h57F9713B6D6D5DBA_PptResources/1031/segoeui.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
browser.events.data.microsoft.com
c1-officeapps-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
fonts.googleapis.com
fonts.gstatic.com
freegeoip.app
googleads.g.doubleclick.net
js.live.net
pagead2.googlesyndication.com
partner.googleadservices.com
pnl1-powerpoint.officeapps.live.com
speedyshare.com
tpc.googlesyndication.com
view.officeapps.live.com
www.google-analytics.com
www.google.com
www.googletagservices.com
216.58.214.162
23.72.19.83
2606:4700:3036::6815:13c8
2606:4700:3036::ac43:b7df
2620:1ec:a92::171
2a00:1450:4007:807::2002
2a00:1450:4007:80d::2004
2a00:1450:4007:810::2003
2a00:1450:4007:813::2001
2a00:1450:4007:815::2002
2a00:1450:4007:816::2002
2a00:1450:4007:817::2002
2a00:1450:4007:817::200e
2a00:1450:4007:818::2002
2a00:1450:4007:81a::200a
2a02:26f0:ec:2b2::4b36
2a02:26f0:ec:2b5::4b36
52.178.17.2
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01fbbb934342964bf4725afbfcb9c9be37fedb54237432a45717d41a1f1d9475
096d6273322ae2980d1bd01942d3926e68e4ac5aa651e407bd84f4b4a17bbd32
0cf0733f806ed6175964929c167ed62b9ab8859abbf0239dca2f45304957af3e
1c44f0da3c55a5d34168a7feb0bfbfe0b4fc4fc89a250ead9bc4509e844f7cd9
1ed321a25a5100de9b889259a32f457ac6e6987bcb3c0a1921f4295ac9858e53
2290577e68e4424c963cf210056e808e6e8cf0ae0026c9d617a53d18893a0fe4
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
29d50b182a7b1b5d9ab9e3c119bc139eeacfc4583bce8192085bbaaae87e757c
31d4567790ae7abb4bb51516cc5891bb1b6c87dd1507339b9ec2dca9aa827f48
33b6505c289d57802a0ac8ef3be7193985853a2f34813011fb68f0d341281e72
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
3a50a92670c9425a60b90b45f61b762e892053438c7690d7d7cdd704260d5617
4b70365b09badf5fceb9effc21b9cca9d19e08b0045fc0ebcaf5765293b2518d
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
544b5a76a5b51c3233c5d3597930930d8bd351e57f1b866affde3d47fe04cd31
712b9ed53864ed16b5e81f7d6d90569a6e1d5c58fdeb88a4756f70bc0e79b0fe
7a3e860a1e6b181c2f36d76e0023221f89264c33cc266b6261bd28d8572197d0
7eb4c5aa81c3b4b9ff3d8f2af37245bdb5a2d2d9e2b53e3a7c0c975372f95c2b
7fcb1587aad6caf3a5d6bb0446b09cfe2dd0221d1e0893b95b86e50f116978cc
81a5e2d4752306a9b02d3b126b26e232c9449197b3fdbe458baf2555d35bf950
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a51339f21664c2535afd7c55c91fff1495b4f03e289b10a5bb68f2f287f7ad
8839a0b7ed21aeb6fe4d005e25b889f06864058b2359076672e2b825dba0d349
974a05a2c6331bff6ee67a441283ad0dcd9cdf25b84ac700fb351abfa1ddc49f
989567004f6e207c2fa550e55b4bca1c7d0b5be92b92f6d7bc67a8579e154244
9f3f352d2dabed88ad74787aad8d372b42a14fe77d3b47e5c4ce7f52fc97ea19
9fd307b5982d3254d9f60f7ce04d8fe154cf6195c3ceb519d558801df29ac31f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b085127a669adedc8b76dd1861ea6f7e1a98a72cfdd9a29ac3551a4adeb06689
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfa951c118160b44e0b1b84a2f7ce669f3b008d8472d93c140e6aa7460e68a36
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c50293e2ebb87c4e3da5f1230118a18ab9dd4eabfac4a103369d52f73dfc63df
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce347b5811b83ad5b59f0953ee12ee5196ad4cdbb14cbd0b585fea39d3d29828
cedfbfa784fad02997626a083882aa3a2765c5f5909fba298d9e08b01b375de3
cee06f72d441c2957ba9f4a026ffc48a1c7cec94431ca3e87ac7d221a68d582b
d405f43071f24294903b399662d844fa97a7b44f8e95f1c0a46cb3dbbda9343e
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
da31a412d0d02b40dde6f5af57cad13ffb565939517f719cf4ed2eb3d4dd9291
de668c59989258ba1873d9f3087ad29cc80b97701e843a0a5dd8b42662ff4417
dee875b498ab5a091abe0451bcc9cb2b96435205a31f7aa650b2d837cae427da
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e16ed299b472d3f09c1fecfb67a63c435bfabd6e582f5b4d6703cd7030fc6701
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4487e8e2cfb6f8123b1b5cb2dd7bd30b7e906b92eb7dbd7ef59adf443a8e87b
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
eb9384f7a4fbdb141e673788b2b80d39e36b5ba956b176207ff315dfc40a8df0
f123e9ef3f393e0de6b24f9ccab82d4e8ab276319ddee6a1e9349e1eba309287
fa800a1dfc4be33a03b3ee5afdc9a1a984e84dffeeda7d3c5f19236b8e582113
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62