urlscan.io logo urlscan.io
SecurityTrails logo

speedyshare.com Open in urlscan Pro
2606:4700:3036::ac43:b7df  Public Scan

Go To Rescan Add Verdict Report
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Submission: On September 17 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3036::ac43:b7df, located in United States and belongs to CLOUDFLARENET, US. The main domain is speedyshare.com.
This is the only time speedyshare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3036::ac43:b7df (United States)

ASN13335 (CLOUDFLARENET, US)
speedyshare.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.se
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2606:4700:3036::6815:13c8 (United States)

ASN13335 (CLOUDFLARENET, US)
freegeoip.app
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a01:111:f100:9001::1761:950c (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
view.officeapps.live.com
31    2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
pnl1-powerpoint.officeapps.live.com
9    2a02:26f0:6c00:2bc::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c1-powerpoint-15.cdn.office.net
3    2a02:26f0:6c00:292::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c1-officeapps-15.cdn.office.net
1    104.111.237.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-183.deploy.static.akamaitechnologies.com
js.live.net
1    52.178.17.3 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Domain Requested by
31 pnl1-powerpoint.officeapps.live.com pnl1-powerpoint.officeapps.live.com
c1-powerpoint-15.cdn.office.net
c1-officeapps-15.cdn.office.net
9 c1-powerpoint-15.cdn.office.net pnl1-powerpoint.officeapps.live.com
c1-powerpoint-15.cdn.office.net
9 speedyshare.com speedyshare.com
8 pagead2.googlesyndication.com speedyshare.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 c1-officeapps-15.cdn.office.net pnl1-powerpoint.officeapps.live.com
c1-powerpoint-15.cdn.office.net
3 www.google-analytics.com speedyshare.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 browser.events.data.microsoft.com c1-powerpoint-15.cdn.office.net
1 js.live.net c1-powerpoint-15.cdn.office.net
1 view.officeapps.live.com speedyshare.com
1 www.google.com tpc.googlesyndication.com
1 freegeoip.app speedyshare.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.se pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com speedyshare.com
79 18

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.se
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
officeapps.live.com
DigiCert Cloud Services CA-1		 2021-04-30 -
2022-04-29		 a year crt.sh
*.cdn.office.net
Microsoft RSA TLS CA 01		 2021-01-26 -
2022-01-26		 a year crt.sh
p.sfx.ms
Microsoft RSA TLS CA 02		 2020-09-28 -
2021-09-28		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2021-08-12 -
2022-08-07		 a year crt.sh

This page contains 7 frames:

Primary Page: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Frame ID: 42858DC332E8AD77D91C519A791E2D40
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: 647D30A1DA413425D891CCF5EDDF8A63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7360086138245943&output=html&adk=1812271804&adf=3025194257&lmt=1631874096&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&ea=0&flash=0&pra=5&wgl=1&dt=1631874096290&bpp=4&bdt=121&idt=102&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6002344468413&frm=20&pv=2&ga_vid=1839339404.1631874096&ga_sid=1631874096&ga_hid=368583273&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062563%2C31062312&oid=3&pvsid=2815481657063502&pem=899&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=117
Frame ID: 34C9598E92122AB8DA2CED0721FBBC2D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C8235D08910C63E27AEB1A8BBD8E84B0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EC3E02E0303EDCA6BBE890B957D82EE7
Requests: 2 HTTP requests in this frame

Frame: https://view.officeapps.live.com/op/embed.aspx?src=http%3A%2F%2Fspeedyshare.com%2Fsecure%2Fuploads%2F52527%3Fshareable_link%3D35009
Frame ID: A5B9896A646AAFEABDE2E54C688B714A
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Frame ID: 8ABE771AC6565C46DDF088502DCBBB8C
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SpeedyShare

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

79
Requests

85 %
HTTPS

83 %
IPv6

14
Domains

18
Subdomains

19
IPs

3
Countries

2235 kB
Transfer

6209 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 21
  • http://www.google-analytics.com/collect?v=1&_v=j93&a=368583273&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&dp=%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABAAAAAC~&jid=&gjid=&cid=1839339404.1631874096&tid=UA-62006872-1&_gid=1995819969.1631874096&z=6855076 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j93&a=368583273&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&dp=%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABAAAAAC~&jid=&gjid=&cid=1839339404.1631874096&tid=UA-62006872-1&_gid=1995819969.1631874096&z=6855076

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request d8323YtZ483PQDflKTSY4M1kv3Dl8u
speedyshare.com/drive/s/ 		97 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5315424fd4427ce4ce94144aabe477d0cf9fddd978aae64bd883a2aaf2e68cee

Request headers

Host
speedyshare.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 17 Sep 2021 10:21:36 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6Ik5DLytjRmUrcjlRcTdsRUZndXpGRXc9PSIsInZhbHVlIjoiZ2xpKzc3SzA4cXZMekU0QkhDY1lKTGFxWW1LU2hZZFFxd1p5S1gvbnIybnVhNk5xaXhWTHdmOU16dHRzajJyZkRSNDhKOEMyL2hsSCtjbWFRR3BRZjRweFFnaFYyRmZkYmZObjBNdVB5cjVpNnZZYldSbFZURmdzWUdxNUdpdnkiLCJtYWMiOiIyNWMxOWI3ZDk5MWYxZGE4MTQwMDQ4YWQ3YTg4ZjhiZmUxMDBiMmIwMjljYzJjYmJjNWEyOTdlOGUzOWNjZjQyIn0%3D; expires=Fri, 17-Sep-2021 12:21:36 GMT; Max-Age=7200; path=/ speedyshare_session=eyJpdiI6ImpUbWVMTGVWVklXRnFyaUJ3OEZZZ3c9PSIsInZhbHVlIjoiWXAzL3dRcFR0SElhWmZ4OGw5clZEUGdHeTAvbkVVb3djVjg5c2RoaXZDZzlydGhjRUIzcDMxWE8xdGtDRW1WazdPeUg3MWlIZitCR1hEU25ReHd4RHIzeE93R0tYbkkzakRESWt2dDdsV0RMamlhLzBxWGtuNUFsaVBsVlJaMGMiLCJtYWMiOiJmOWJjZWIxNGEwM2Q5M2Y1YmJhMDZlMWQwNzlkZTA3OGNiMTk4NTQ0ZDYwZDFkM2RhODQwMjBiNDQ3NDE3ZDNjIn0%3D; expires=Fri, 17-Sep-2021 12:21:36 GMT; Max-Age=7200; path=/; httponly
vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJzM3SCB7lqASiQIZlwF2fM09wXMALCxIG7BOXhhhlR4AVD%2FnWtxXBoeuUuB0YNlbAADnG3w0sLxNTyu9lpRhhPk62oWdFRMDyxrBBqpj%2BbOgFRNsqKr26F8nx8Ebs26TYNDwdjbanMVHxLpAKw%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
69019bcc1e7142fd-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb9384f7a4fbdb141e673788b2b80d39e36b5ba956b176207ff315dfc40a8df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 09:03:06 GMT
server
ESF
date
Fri, 17 Sep 2021 10:21:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Sep 2021 10:21:36 GMT
styles.ad79e8d05c75455030dd.css
speedyshare.com/client/ 		105 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/styles.ad79e8d05c75455030dd.css
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed321a25a5100de9b889259a32f457ac6e6987bcb3c0a1921f4295ac9858e53

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Cookie
XSRF-TOKEN=eyJpdiI6Ik5DLytjRmUrcjlRcTdsRUZndXpGRXc9PSIsInZhbHVlIjoiZ2xpKzc3SzA4cXZMekU0QkhDY1lKTGFxWW1LU2hZZFFxd1p5S1gvbnIybnVhNk5xaXhWTHdmOU16dHRzajJyZkRSNDhKOEMyL2hsSCtjbWFRR3BRZjRweFFnaFYyRmZkYmZObjBNdVB5cjVpNnZZYldSbFZURmdzWUdxNUdpdnkiLCJtYWMiOiIyNWMxOWI3ZDk5MWYxZGE4MTQwMDQ4YWQ3YTg4ZjhiZmUxMDBiMmIwMjljYzJjYmJjNWEyOTdlOGUzOWNjZjQyIn0%3D; speedyshare_session=eyJpdiI6ImpUbWVMTGVWVklXRnFyaUJ3OEZZZ3c9PSIsInZhbHVlIjoiWXAzL3dRcFR0SElhWmZ4OGw5clZEUGdHeTAvbkVVb3djVjg5c2RoaXZDZzlydGhjRUIzcDMxWE8xdGtDRW1WazdPeUg3MWlIZitCR1hEU25ReHd4RHIzeE93R0tYbkkzakRESWt2dDdsV0RMamlhLzBxWGtuNUFsaVBsVlJaMGMiLCJtYWMiOiJmOWJjZWIxNGEwM2Q5M2Y1YmJhMDZlMWQwNzlkZTA3OGNiMTk4NTQ0ZDYwZDFkM2RhODQwMjBiNDQ3NDE3ZDNjIn0%3D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:36 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
15442
last-modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
etag
"1a2fd-5b3e9a24906c0-gzip"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdHc%2BtUsnWs%2F5wcm7gpqYWHJ8pSTezcbEJ%2B6UDjey8kZBQ5vmct9iwSN50llTfbM%2B3gQaC72K9oLu4MEHaj1TL2kU8%2B3V%2FhmrtXCm764Z%2FmE27lCdNYh%2BU0zMZIiDZGOKZNl9YqSws2lKSZW4Vc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
69019bcd38ba42fd-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0701ba86b44566898cd0b41d1ab202dbf5ab0bcba83f07898c62f5fa25d43edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 10:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49031
x-xss-protection
0
server
cafe
etag
2350876906647372073
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Sep 2021 10:21:36 GMT
runtime-es2015.079d2104455a7fd227c6.js
speedyshare.com/client/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/runtime-es2015.079d2104455a7fd227c6.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f123e9ef3f393e0de6b24f9ccab82d4e8ab276319ddee6a1e9349e1eba309287

Request headers

Pragma
no-cache
Origin
http://speedyshare.com
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Cookie
XSRF-TOKEN=eyJpdiI6Ik5DLytjRmUrcjlRcTdsRUZndXpGRXc9PSIsInZhbHVlIjoiZ2xpKzc3SzA4cXZMekU0QkhDY1lKTGFxWW1LU2hZZFFxd1p5S1gvbnIybnVhNk5xaXhWTHdmOU16dHRzajJyZkRSNDhKOEMyL2hsSCtjbWFRR3BRZjRweFFnaFYyRmZkYmZObjBNdVB5cjVpNnZZYldSbFZURmdzWUdxNUdpdnkiLCJtYWMiOiIyNWMxOWI3ZDk5MWYxZGE4MTQwMDQ4YWQ3YTg4ZjhiZmUxMDBiMmIwMjljYzJjYmJjNWEyOTdlOGUzOWNjZjQyIn0%3D; speedyshare_session=eyJpdiI6ImpUbWVMTGVWVklXRnFyaUJ3OEZZZ3c9PSIsInZhbHVlIjoiWXAzL3dRcFR0SElhWmZ4OGw5clZEUGdHeTAvbkVVb3djVjg5c2RoaXZDZzlydGhjRUIzcDMxWE8xdGtDRW1WazdPeUg3MWlIZitCR1hEU25ReHd4RHIzeE93R0tYbkkzakRESWt2dDdsV0RMamlhLzBxWGtuNUFsaVBsVlJaMGMiLCJtYWMiOiJmOWJjZWIxNGEwM2Q5M2Y1YmJhMDZlMWQwNzlkZTA3OGNiMTk4NTQ0ZDYwZDFkM2RhODQwMjBiNDQ3NDE3ZDNjIn0%3D
Connection
keep-alive
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:36 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1359
last-modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
etag
"a04-5b3e9a24906c0-gzip"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMB5yfIiCRjVAHRXgAhfIfGekyZtF%2FYwY5l7BnTHIgxrcB4ACYO6VoFXBkARUZTWW%2B4k1qVKpQ19UDCGyb6oJdY65feKBBVdcmI2SUy4PiI2MPA1V%2FLj89WKXQqin3l1oexGmyGlAdLa2PKnd5A%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
69019bcd3ecd4db8-FRA
polyfills-es2015.cf8a40a25e05e5019c0d.js
speedyshare.com/client/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fbbb934342964bf4725afbfcb9c9be37fedb54237432a45717d41a1f1d9475

Request headers

Pragma
no-cache
Origin
http://speedyshare.com
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Cookie
XSRF-TOKEN=eyJpdiI6Ik5DLytjRmUrcjlRcTdsRUZndXpGRXc9PSIsInZhbHVlIjoiZ2xpKzc3SzA4cXZMekU0QkhDY1lKTGFxWW1LU2hZZFFxd1p5S1gvbnIybnVhNk5xaXhWTHdmOU16dHRzajJyZkRSNDhKOEMyL2hsSCtjbWFRR3BRZjRweFFnaFYyRmZkYmZObjBNdVB5cjVpNnZZYldSbFZURmdzWUdxNUdpdnkiLCJtYWMiOiIyNWMxOWI3ZDk5MWYxZGE4MTQwMDQ4YWQ3YTg4ZjhiZmUxMDBiMmIwMjljYzJjYmJjNWEyOTdlOGUzOWNjZjQyIn0%3D; speedyshare_session=eyJpdiI6ImpUbWVMTGVWVklXRnFyaUJ3OEZZZ3c9PSIsInZhbHVlIjoiWXAzL3dRcFR0SElhWmZ4OGw5clZEUGdHeTAvbkVVb3djVjg5c2RoaXZDZzlydGhjRUIzcDMxWE8xdGtDRW1WazdPeUg3MWlIZitCR1hEU25ReHd4RHIzeE93R0tYbkkzakRESWt2dDdsV0RMamlhLzBxWGtuNUFsaVBsVlJaMGMiLCJtYWMiOiJmOWJjZWIxNGEwM2Q5M2Y1YmJhMDZlMWQwNzlkZTA3OGNiMTk4NTQ0ZDYwZDFkM2RhODQwMjBiNDQ3NDE3ZDNjIn0%3D
Connection
keep-alive
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
18380
Last-Modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
ETag
"d6ee-5b3e9a24906c0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ctsp2%2BqJeCK6fhd9pP43B2aQfQcTzj0rX5bK1i3OX97drZwKOrlDlSp6mnY7YQ5wBsC9EbXC1Yfpm4YxbfkOUhWrvY6VjBlwX3IQ6QyyFt8H9occVPs8wOjXw5sWYnpkLiVbughdgO3683t07HY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
69019bcd3fb34e50-FRA
main-es2015.ad03a1dd0f3781611ef9.js
speedyshare.com/client/ 		1 MB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/main-es2015.ad03a1dd0f3781611ef9.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b6505c289d57802a0ac8ef3be7193985853a2f34813011fb68f0d341281e72

Request headers

Pragma
no-cache
Origin
http://speedyshare.com
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Cookie
XSRF-TOKEN=eyJpdiI6Ik5DLytjRmUrcjlRcTdsRUZndXpGRXc9PSIsInZhbHVlIjoiZ2xpKzc3SzA4cXZMekU0QkhDY1lKTGFxWW1LU2hZZFFxd1p5S1gvbnIybnVhNk5xaXhWTHdmOU16dHRzajJyZkRSNDhKOEMyL2hsSCtjbWFRR3BRZjRweFFnaFYyRmZkYmZObjBNdVB5cjVpNnZZYldSbFZURmdzWUdxNUdpdnkiLCJtYWMiOiIyNWMxOWI3ZDk5MWYxZGE4MTQwMDQ4YWQ3YTg4ZjhiZmUxMDBiMmIwMjljYzJjYmJjNWEyOTdlOGUzOWNjZjQyIn0%3D; speedyshare_session=eyJpdiI6ImpUbWVMTGVWVklXRnFyaUJ3OEZZZ3c9PSIsInZhbHVlIjoiWXAzL3dRcFR0SElhWmZ4OGw5clZEUGdHeTAvbkVVb3djVjg5c2RoaXZDZzlydGhjRUIzcDMxWE8xdGtDRW1WazdPeUg3MWlIZitCR1hEU25ReHd4RHIzeE93R0tYbkkzakRESWt2dDdsV0RMamlhLzBxWGtuNUFsaVBsVlJaMGMiLCJtYWMiOiJmOWJjZWIxNGEwM2Q5M2Y1YmJhMDZlMWQwNzlkZTA3OGNiMTk4NTQ0ZDYwZDFkM2RhODQwMjBiNDQ3NDE3ZDNjIn0%3D
Connection
keep-alive
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 12 Nov 2020 14:21:55 GMT
Server
cloudflare
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ETag
"101c50-5b3e9a24906c0-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkavId2d6PHw%2F9X81DDfJzw2Avpb6jw4uB8qmX74MVErYGf2ObaTJGVu5J3x8LE2fUlfuBu5choldAbpTJqwibNCNLvPY%2FA1zRRoZo4%2Fy3ZA0MpmJAsWvYZ3z2NHSOB19N4fpMz8UHKD1tCdDMM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
69019bcd3a885369-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/ 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62041c5f28273fd145ea7674720b00e92f34b28475ad0f794122772744a69a69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 10:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95723
x-xss-protection
0
server
cafe
etag
14017188503161131672
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Sep 2021 10:21:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame 647D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210915/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 16 Sep 2021 12:36:30 GMT
expires
Thu, 30 Sep 2021 12:36:30 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
cache-control
public, max-age=1209600
age
78306
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5376
date
Fri, 17 Sep 2021 08:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 17 Sep 2021 10:52:00 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 08:46:15 GMT
x-content-type-options
nosniff
age
178521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 08:46:15 GMT
cookie.js
partner.googleadservices.com/gampad/ 		205 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=speedyshare.com&callback=_gfp_s_&client=ca-pub-7360086138245943
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
ae5f40323d1e537c3b72b4f778e0c1eb9c358e5f0d2353be53aa7af8b2afccec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 10:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&tn=DIV&cls=global-spinner&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Sep 2021 10:21:36 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&tn=DIV&cls=global-spinner&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Sep 2021 10:21:36 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.se/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=speedyshare.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Sep 2021 10:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=speedyshare.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Sep 2021 10:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 34C9 		603 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7360086138245943&output=html&adk=1812271804&adf=3025194257&lmt=1631874096&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&ea=0&flash=0&pra=5&wgl=1&dt=1631874096290&bpp=4&bdt=121&idt=102&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6002344468413&frm=20&pv=2&ga_vid=1839339404.1631874096&ga_sid=1631874096&ga_hid=368583273&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062563%2C31062312&oid=3&pvsid=2815481657063502&pem=899&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=117
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7360086138245943&output=html&adk=1812271804&adf=3025194257&lmt=1631874096&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&ea=0&flash=0&pra=5&wgl=1&dt=1631874096290&bpp=4&bdt=121&idt=102&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6002344468413&frm=20&pv=2&ga_vid=1839339404.1631874096&ga_sid=1631874096&ga_hid=368583273&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062563%2C31062312&oid=3&pvsid=2815481657063502&pem=899&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=117
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 17 Sep 2021 10:21:36 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 17-Sep-2021 10:36:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 17 Sep 2021 10:21:36 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=368583273&t=pageview&_s=1&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=170848122&gjid=2140810006&cid=1839339404.1631874096&tid=UA-62006872-1&_gid=1995819969.1631874096&_r=1&_slc=1&z=1058884855
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://speedyshare.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 10:21:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://speedyshare.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
freegeoip.app/json/ 		230 B
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freegeoip.app/json/
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:13c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0f0787d2ab42134357d6e0aea59c8a4205fbb0af21680c7860966381148b5c

Request headers

Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 10:21:36 GMT
content-encoding
br
vary
Origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-database-date
Wed, 25 Aug 2021 10:15:20 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
14999
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwJddcN%2FcPjKdadn48lv2HiGiiwwwu%2BP2wWM15dzX7LMgvD8OSIVL5lqKeVg574wP0GsoaCuxRSswOcqFQvrYI4gstVzDqPsctKcCct%2Fo6e195JCAEjSWcsxUfUmvend86%2Bgfm1hzH3Q%2Favu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://speedyshare.com
access-control-allow-credentials
true
x-ratelimit-reset
3600
x-ratelimit-limit
15000
cf-ray
69019bcf1c5f692d-FRA
7-es2015.e9e23d5f8ea9fb14cae6.js
speedyshare.com/client/ 		431 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/7-es2015.e9e23d5f8ea9fb14cae6.js
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/runtime-es2015.079d2104455a7fd227c6.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712b9ed53864ed16b5e81f7d6d90569a6e1d5c58fdeb88a4756f70bc0e79b0fe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Cookie
XSRF-TOKEN=eyJpdiI6Ik5DLytjRmUrcjlRcTdsRUZndXpGRXc9PSIsInZhbHVlIjoiZ2xpKzc3SzA4cXZMekU0QkhDY1lKTGFxWW1LU2hZZFFxd1p5S1gvbnIybnVhNk5xaXhWTHdmOU16dHRzajJyZkRSNDhKOEMyL2hsSCtjbWFRR3BRZjRweFFnaFYyRmZkYmZObjBNdVB5cjVpNnZZYldSbFZURmdzWUdxNUdpdnkiLCJtYWMiOiIyNWMxOWI3ZDk5MWYxZGE4MTQwMDQ4YWQ3YTg4ZjhiZmUxMDBiMmIwMjljYzJjYmJjNWEyOTdlOGUzOWNjZjQyIn0%3D; speedyshare_session=eyJpdiI6ImpUbWVMTGVWVklXRnFyaUJ3OEZZZ3c9PSIsInZhbHVlIjoiWXAzL3dRcFR0SElhWmZ4OGw5clZEUGdHeTAvbkVVb3djVjg5c2RoaXZDZzlydGhjRUIzcDMxWE8xdGtDRW1WazdPeUg3MWlIZitCR1hEU25ReHd4RHIzeE93R0tYbkkzakRESWt2dDdsV0RMamlhLzBxWGtuNUFsaVBsVlJaMGMiLCJtYWMiOiJmOWJjZWIxNGEwM2Q5M2Y1YmJhMDZlMWQwNzlkZTA3OGNiMTk4NTQ0ZDYwZDFkM2RhODQwMjBiNDQ3NDE3ZDNjIn0%3D; _ga=GA1.2.1839339404.1631874096; _gid=GA1.2.1995819969.1631874096; _gat=1; theme=dark
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:36 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Thu, 12 Nov 2020 14:21:49 GMT
Server
cloudflare
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ETag
"6bc01-5b3e9a1ed7940-gzip"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Zq9PavZDgnzn%2FfjptGrG9QE86L%2B428vPZmalQwVFgQAkBaPUItu6kiz4yxUNU5%2B%2B1dcb5jq1rozEbuipc2kz2hHR8I5wwK4Rh40%2FLGCrQZRAupO%2FrPLZRW1U9zHfLrBUvD2tefAsilQy%2BXEk0U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
69019bcf0d855369-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 07:54:01 GMT
x-content-type-options
nosniff
age
8855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Sep 2022 07:54:01 GMT
d8323YtZ483PQDflKTSY4M1kv3Dl8u
speedyshare.com/secure/drive/shareable-links/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/secure/drive/shareable-links/d8323YtZ483PQDflKTSY4M1kv3Dl8u?withEntries=true
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c870bfbdfb3feaa97c84aa6f60ceb8a8a459e277324f61aaccc38c25e73caabc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Cookie
XSRF-TOKEN=eyJpdiI6Ik5DLytjRmUrcjlRcTdsRUZndXpGRXc9PSIsInZhbHVlIjoiZ2xpKzc3SzA4cXZMekU0QkhDY1lKTGFxWW1LU2hZZFFxd1p5S1gvbnIybnVhNk5xaXhWTHdmOU16dHRzajJyZkRSNDhKOEMyL2hsSCtjbWFRR3BRZjRweFFnaFYyRmZkYmZObjBNdVB5cjVpNnZZYldSbFZURmdzWUdxNUdpdnkiLCJtYWMiOiIyNWMxOWI3ZDk5MWYxZGE4MTQwMDQ4YWQ3YTg4ZjhiZmUxMDBiMmIwMjljYzJjYmJjNWEyOTdlOGUzOWNjZjQyIn0%3D; speedyshare_session=eyJpdiI6ImpUbWVMTGVWVklXRnFyaUJ3OEZZZ3c9PSIsInZhbHVlIjoiWXAzL3dRcFR0SElhWmZ4OGw5clZEUGdHeTAvbkVVb3djVjg5c2RoaXZDZzlydGhjRUIzcDMxWE8xdGtDRW1WazdPeUg3MWlIZitCR1hEU25ReHd4RHIzeE93R0tYbkkzakRESWt2dDdsV0RMamlhLzBxWGtuNUFsaVBsVlJaMGMiLCJtYWMiOiJmOWJjZWIxNGEwM2Q5M2Y1YmJhMDZlMWQwNzlkZTA3OGNiMTk4NTQ0ZDYwZDFkM2RhODQwMjBiNDQ3NDE3ZDNjIn0%3D; _ga=GA1.2.1839339404.1631874096; _gid=GA1.2.1995819969.1631874096; _gat=1; theme=dark; __gads=ID=bcc56079b4b2495e-22760cc632c90038:T=1631874096:RT=1631874096:S=ALNI_MYSulBt0Ym8anTeYDPUzqXFpKm3og
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:37 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BT6WjJ2by8A2Ix5vLS8Qa7Lnp24IiuEtwko7J0HvQsojOFsEAo1qDt2EaSy2tdy2Ii8lgv5PSlLmwpPCoRpjiYoeg10o4qRzAKNq%2BMfwjQHlZMj1ACCpbRgnKVIAwAIgB2sp7siVQIqspO0zsk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
set-cookie
XSRF-TOKEN=eyJpdiI6IndhMllKMXFTL2JsczNUemp1TXpJTHc9PSIsInZhbHVlIjoid29pSW02cTlEK2ExYll4MDFlU01LK0RxN2Jick5LeUlnaFEvaEwwTTdScEJ6cm5JcVRLZHVLUzBsZU1VZENYVkFzR3B1NjNGM09uR3lEeEZQVnJjQXhCZEVsZXI1RURhVmE5Vnd5ZXVka1pmUmQydE14dDRyTHpZQkNLeXhHSzYiLCJtYWMiOiJjM2Q1NDg2NmFlZmUzMGMyNTA2YjRlY2NmMzdlMjc0N2U5NTgwNzVjZjA4N2RiNDcxMjVjNWVmODlhNTRmOTdmIn0%3D; expires=Fri, 17-Sep-2021 12:21:37 GMT; Max-Age=7200; path=/ speedyshare_session=eyJpdiI6IlBnd2FkclVocjI2Vmkwc1dWZERvQ2c9PSIsInZhbHVlIjoiTnZqZkx2SXRROGlqMzh2dFpJU1M3QUVDb1h1cVdPdURNUHE4T0pFaFZzZ0V4ZFJxaFBvS0E2d21OUjFxdk5CdnB0Lzh0M0tEbjV6VnVJMXZlTzJCaDVBR2ZXQ2xJeEZnQjRhZUM3L3g1bEViT1JFVkVXWlhiZjVWRitpd2hGN0giLCJtYWMiOiI5YjlkYTQ0YTJkYWU0MWI5OWYxMjcwODY0MTkyOTZmMzFiMjQ4N2NjNDI2MjIyZWU3ZTczYzA3MjBiNjQ2NzQwIn0%3D; expires=Fri, 17-Sep-2021 12:21:37 GMT; Max-Age=7200; path=/; httponly
cache-control
no-cache, private
Connection
keep-alive
CF-RAY
69019bd1ea675369-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j93&a=368583273&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&dp=%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1...
  • https://www.google-analytics.com/collect?v=1&_v=j93&a=368583273&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&dp=%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M...
35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=368583273&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&dp=%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABAAAAAC~&jid=&gjid=&cid=1839339404.1631874096&tid=UA-62006872-1&_gid=1995819969.1631874096&z=6855076
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 13:49:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73946
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j93&a=368583273&t=pageview&_s=2&dl=http%3A%2F%2Fspeedyshare.com%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&dp=%2Fdrive%2Fs%2Fd8323YtZ483PQDflKTSY4M1kv3Dl8u&ul=en-us&de=UTF-8&dt=SpeedyShare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABAAAAAC~&jid=&gjid=&cid=1839339404.1631874096&tid=UA-62006872-1&_gid=1995819969.1631874096&z=6855076
Non-Authoritative-Reason
HSTS
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a04da87bf8fa5ccda9478168cce523c2ae11380852f8c26950b15ee206e4aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Sep 2021 10:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8524
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7360086138245943&plah=speedyshare.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 10:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 17 Sep 2021 10:21:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C823 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 17 Sep 2021 10:18:01 GMT
expires
Sat, 17 Sep 2022 10:18:01 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EC3E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f7e51d9075cb296dfa10e7b4ed9af5adaff4a95cf1e13b1e66f169db17fca7be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wLlTN8pzSUWtbPzRm1NQQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 17 Sep 2021 10:21:37 GMT
date
Fri, 17 Sep 2021 10:21:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-wLlTN8pzSUWtbPzRm1NQQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
XcVhRkqPIT2L3eK0A2yH-xZ56-A5-6Pxm_m8s2he-Ag.js
pagead2.googlesyndication.com/bg/ Frame C823 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/XcVhRkqPIT2L3eK0A2yH-xZ56-A5-6Pxm_m8s2he-Ag.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5dc561464a8f213d8bdde2b4036c87fb1679ebe039fba3f19bf9bcb3685ef808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 07:21:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
10794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13291
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 17 Sep 2022 07:21:43 GMT
merged.svg
speedyshare.com/client/assets/icons/ 		57 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://speedyshare.com/client/assets/icons/merged.svg?v3
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/polyfills-es2015.cf8a40a25e05e5019c0d.js
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989567004f6e207c2fa550e55b4bca1c7d0b5be92b92f6d7bc67a8579e154244

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Cookie
_ga=GA1.2.1839339404.1631874096; _gid=GA1.2.1995819969.1631874096; _gat=1; theme=dark; __gads=ID=bcc56079b4b2495e-22760cc632c90038:T=1631874096:RT=1631874096:S=ALNI_MYSulBt0Ym8anTeYDPUzqXFpKm3og; XSRF-TOKEN=eyJpdiI6IndhMllKMXFTL2JsczNUemp1TXpJTHc9PSIsInZhbHVlIjoid29pSW02cTlEK2ExYll4MDFlU01LK0RxN2Jick5LeUlnaFEvaEwwTTdScEJ6cm5JcVRLZHVLUzBsZU1VZENYVkFzR3B1NjNGM09uR3lEeEZQVnJjQXhCZEVsZXI1RURhVmE5Vnd5ZXVka1pmUmQydE14dDRyTHpZQkNLeXhHSzYiLCJtYWMiOiJjM2Q1NDg2NmFlZmUzMGMyNTA2YjRlY2NmMzdlMjc0N2U5NTgwNzVjZjA4N2RiNDcxMjVjNWVmODlhNTRmOTdmIn0%3D; speedyshare_session=eyJpdiI6IlBnd2FkclVocjI2Vmkwc1dWZERvQ2c9PSIsInZhbHVlIjoiTnZqZkx2SXRROGlqMzh2dFpJU1M3QUVDb1h1cVdPdURNUHE4T0pFaFZzZ0V4ZFJxaFBvS0E2d21OUjFxdk5CdnB0Lzh0M0tEbjV6VnVJMXZlTzJCaDVBR2ZXQ2xJeEZnQjRhZUM3L3g1bEViT1JFVkVXWlhiZjVWRitpd2hGN0giLCJtYWMiOiI5YjlkYTQ0YTJkYWU0MWI5OWYxMjcwODY0MTkyOTZmMzFiMjQ4N2NjNDI2MjIyZWU3ZTczYzA3MjBiNjQ2NzQwIn0%3D
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:37 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 12 Nov 2020 14:21:50 GMT
Server
cloudflare
ETag
W/"e33a-5b3e9a1fcbb80"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WN%2BGoHn9fq%2BznVNQZ8rSN4v2mllKQK5j9c0t55C6C4xm8xeoJDpqZBcZZ0vE%2B7g8B5WNPLsHOieixbGjqfKkXayjUZBbinrGtuDR%2FVOZerlkJyv1X5BmkgjpSzFQYo84hqs04OhU3mpbpUOSVH0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
69019bd2dbc65369-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
embed.aspx
view.officeapps.live.com/op/ Frame A5B9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.officeapps.live.com/op/embed.aspx?src=http%3A%2F%2Fspeedyshare.com%2Fsecure%2Fuploads%2F52527%3Fshareable_link%3D35009
Requested by
Host: speedyshare.com
URL: http://speedyshare.com/client/7-es2015.e9e23d5f8ea9fb14cae6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:950c Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
289675750375e32549c24efbbaf74aa8d219a85393378ec884a0d7bea8e04aff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
view.officeapps.live.com
:scheme
https
:path
/op/embed.aspx?src=http%3A%2F%2Fspeedyshare.com%2Fsecure%2Fuploads%2F52527%3Fshareable_link%3D35009
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://speedyshare.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-correlationid
bd8586de-dab1-47b0-9103-90146c6a1c43
x-officefe
AM4PEPF000069DD
x-officeversion
16.0.14509.41021
x-officecluster
PNL1
x-content-type-options
nosniff
set-cookie
PNL1-ARRAffinity=989bf998426bfc735c6cb1291a1601ab4f278c342673b11b1a02f5c79e772ce3;Path=/;Domain=view.officeapps.live.com; samesite=none; secure
x-officefd
AM4PEPF000068A5
date
Fri, 17 Sep 2021 10:21:37 GMT
logo-light.png
speedyshare.com/client/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://speedyshare.com/client/assets/images/logo-light.png
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b7df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974a05a2c6331bff6ee67a441283ad0dcd9cdf25b84ac700fb351abfa1ddc49f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
speedyshare.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
Cookie
_ga=GA1.2.1839339404.1631874096; _gid=GA1.2.1995819969.1631874096; _gat=1; theme=dark; __gads=ID=bcc56079b4b2495e-22760cc632c90038:T=1631874096:RT=1631874096:S=ALNI_MYSulBt0Ym8anTeYDPUzqXFpKm3og; XSRF-TOKEN=eyJpdiI6IndhMllKMXFTL2JsczNUemp1TXpJTHc9PSIsInZhbHVlIjoid29pSW02cTlEK2ExYll4MDFlU01LK0RxN2Jick5LeUlnaFEvaEwwTTdScEJ6cm5JcVRLZHVLUzBsZU1VZENYVkFzR3B1NjNGM09uR3lEeEZQVnJjQXhCZEVsZXI1RURhVmE5Vnd5ZXVka1pmUmQydE14dDRyTHpZQkNLeXhHSzYiLCJtYWMiOiJjM2Q1NDg2NmFlZmUzMGMyNTA2YjRlY2NmMzdlMjc0N2U5NTgwNzVjZjA4N2RiNDcxMjVjNWVmODlhNTRmOTdmIn0%3D; speedyshare_session=eyJpdiI6IlBnd2FkclVocjI2Vmkwc1dWZERvQ2c9PSIsInZhbHVlIjoiTnZqZkx2SXRROGlqMzh2dFpJU1M3QUVDb1h1cVdPdURNUHE4T0pFaFZzZ0V4ZFJxaFBvS0E2d21OUjFxdk5CdnB0Lzh0M0tEbjV6VnVJMXZlTzJCaDVBR2ZXQ2xJeEZnQjRhZUM3L3g1bEViT1JFVkVXWlhiZjVWRitpd2hGN0giLCJtYWMiOiI5YjlkYTQ0YTJkYWU0MWI5OWYxMjcwODY0MTkyOTZmMzFiMjQ4N2NjNDI2MjIyZWU3ZTczYzA3MjBiNjQ2NzQwIn0%3D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/drive/s/d8323YtZ483PQDflKTSY4M1kv3Dl8u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:37 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 12 Nov 2020 14:21:50 GMT
Server
cloudflare
ETag
"d73-5b3e9a1fcbb80"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLOOwdzHJEghiC5yWO6hp4tabaThE%2Fxq%2FH1Hwlo9fzOKbN3Dr%2B3zvU8a41rriHIHH4GOgFp3XkTuU4OX85jaMZF37DaJ2Tjh0dRWaAOMq2afbL6B21hWfUmIU6kmIg6NouVrJ2ALLh4O1DF4Q%2BY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
69019bd2f9d94e50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
3443
sodar
pagead2.googlesyndication.com/pagead/ Frame EC3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=2815481657063502&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210915&jk=2815481657063502&bg=!HxylHFjNAAaUnz4elJ87ACkAdvg8WqvM-rH0h8CTfPyzaa_OsSJGMaEi4rErYr-6E2GEheDu28-tUgIAAABaUgAAAAtoAQcKAO9WPXW73u1PjBL7vGazVfF7a8pvyapRxxthcLyHERVFe9WyaIaq2QQTTgWVC8eNeuLqiDGAiTGM-WTSKLMsrfkAuN6SsuZjMb_maFoRec-7s3euanfJ-EPcwFww0EN78xIHOsWqVyrsNmV1mPMRAwOP3JfPUy6kmArJcQ2ydz2AC8LWX7XhSgQINDj-Vtai58nau1T0i6rouky53ukyaNFaKuExwaTyNU59tX_2IhwEDhvDpObfy6RiugVp8ssSZZQsAgQDJ_c9yV1_axjnc5mXEB5OQxyhwfgEiDvIAHmX7RBevQdM_iIo-CDThUBcD5kCfX1Te6vWkbCbtMQ1uPJjAQJFx-FQyMfo9Q252wUwvfLrHWJhqiWccEynA7jES2IZNqA0XnUH616PFZuwZA4rEkGw973ufVUSUQMMKnqnZmiZZc7mSRlg3cukTeMDZsMaBDoYomfONv861Kicj8kdKhAgsvolUH0a9lYSWWoEodTIZUF2fJxwdgoO3naWK25bn0-vRgmKxm3IFoyZsULeGNE6lehtwXQSO5syT2KDHavJQvVWmPWBYWqNKu-OGfRMSi8fENAR9dA-jtSBTGAsE1vtJR6vSGKC428CBOTv454o-OU4JD-eXMoTDgQ66ERfEaPW-q-h_yQlc0_0pieL2z--cSNDUiKaQCo3QHCrZ_Un8qmamOeCntHIHSo5SbnUqWJTVWwTVk26Wh_MV70aZmVezcyCvc_jsnthJCBcQxh0uShG1PosA-n233jI5Cv94pHV3zZ1lWEDwJ6jrnu8fvsZykgVR9c3wbocVt0iMOtzgbyUgUKvU-unRQvGbhe5QmbOxMzLOgK76j07UDKVDiRq2UpRnc5VcDrXpSAaIweGwR9q_Mwa7fPqeI-uyESeoo1kFYM-RHVm4kaSE9knT8-zj2kz2uf-1b8H3UlrbC_YNO-nyipZkigSuIRnZVdzIpDq0dK3Ih9-Gyrd257Rjw57J7fzng3TCjLs8KrlpAbi6ndbRqBd4R3RWu5838amZI7h6N3wulUOeEBI3z-VUP_GKbGdT4hBr95imHr04AsIhD74jhthWdP09ZeH0_V146QY-LGDFLzrl72hF9TmgXfN-VduDswnnYsNyeEeULifhPlF-HXh0ruouUvs-8EeaHbMf90r7yTkCVazAnE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://speedyshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 10:21:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A5B9 		695 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
PowerPointFrame.aspx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		83 KB
85 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
55b1c6c0e94c777d2788930832b09c95c9e030e43dd2a86f1be1660c8fba72fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
POST
:authority
pnl1-powerpoint.officeapps.live.com
:scheme
https
:path
/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
content-length
14
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://view.officeapps.live.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://view.officeapps.live.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://view.officeapps.live.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://view.officeapps.live.com/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1031&data=1031; expires=Fri, 17-Dec-2021 11:21:38 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure
x-correlationid
e0dec063-7995-4a67-988b-17c180e580ec
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-officefe
AM4PEPF00010823
x-officeversion
16.0.14510.40502
x-officecluster
PNL1
x-content-type-options
nosniff
content-security-policy-report-only
font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
document-policy
js-profiling
x-officefd
AM4PEPF00010823
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-msedge-ref
Ref A: EA464A6731B8482181E5A76D21C2E024 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
date
Fri, 17 Sep 2021 10:21:37 GMT
styleschromeless.css
c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/ Frame 8ABE 		288 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/styleschromeless.css
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b431f349aedc24eeaff95449f28ce3f82257f1f31d4193ef9c2703594a85bea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"b653712cda5d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00007277
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
34894
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Wed, 08 Sep 2021 23:56:42 GMT
X-OFFICEFD
AM4PEPF00007277
X-MSEdge-Ref
Ref A: DCBBCEFB098342BF959317764892B5C5 Ref B: AMS04EDGE1217 Ref C: 2021-09-08T23:56:42Z
X-UserSessionId
b18f5247-6327-488c-8956-98ef415c43c2
Date
Fri, 17 Sep 2021 10:21:38 GMT
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
b18f5247-6327-488c-8956-98ef415c43c2
Accept-Ranges
bytes
Timing-Allow-Origin
*
MicrosoftAjax.js
c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/ Frame 8ABE 		106 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"73202a80d1a5d71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
DB5PEPF0000C66A
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
23714
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified
Thu, 09 Sep 2021 23:22:04 GMT
X-OFFICEFD
DB5PEPF000082C6
X-MSEdge-Ref
Ref A: AB43D489C2DA44BC886FAE3D07A84880 Ref B: AMS04EDGE1121 Ref C: 2021-09-10T09:41:16Z
X-UserSessionId
4eb4947c-7e01-4a24-86f8-237bcfe7fac6
Date
Fri, 17 Sep 2021 10:21:38 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
4eb4947c-7e01-4a24-86f8-237bcfe7fac6
Accept-Ranges
bytes
Timing-Allow-Origin
*
powerpointintl.js
c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/1031/ Frame 8ABE 		261 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/1031/powerpointintl.js
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
464a492d3357d7785c75cd63fc7c7a6215a7df15b2967ba4c69515ff6248ce42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"6f9aff43cfa6d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00006F87
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
Content-Length
56831
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
Last-Modified
Sat, 11 Sep 2021 05:38:35 GMT
X-OFFICEFD
AM4PEPF00006F87
X-MSEdge-Ref
Ref A: 38874D4EB5EE4FE6834CDABAC1C1811D Ref B: AMS04EDGE1514 Ref C: 2021-09-11T05:38:35Z
X-UserSessionId
d71a84be-319e-4a61-99b2-c0b6e172d27c
Date
Fri, 17 Sep 2021 10:21:38 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
d71a84be-319e-4a61-99b2-c0b6e172d27c
Accept-Ranges
bytes
Timing-Allow-Origin
*
BootView.js
c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/ Frame 8ABE 		2 MB
353 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
444f2b624e483152b2db7b32630bc35dbc4897a2c8feda5c7544b80ee94f9507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"ffb6e258da6d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00006963
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
Content-Length
360174
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
Last-Modified
Fri, 10 Sep 2021 21:45:17 GMT
X-OFFICEFD
AM4PEPF00006963
X-MSEdge-Ref
Ref A: 362FD65D7CDD46FEA372B9F293FD2221 Ref B: AM3EDGE0209 Ref C: 2021-09-10T21:45:17Z
X-UserSessionId
e7f7ed68-c804-4e79-878a-3f34fd56f32b
Date
Fri, 17 Sep 2021 10:21:38 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
e7f7ed68-c804-4e79-878a-3f34fd56f32b
Accept-Ranges
bytes
Timing-Allow-Origin
*
progress.gif
c1-officeapps-15.cdn.office.net/p/s/161451040502_resources/1031/ Frame 8ABE 		695 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/161451040502_resources/1031/progress.gif
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
"64b61b2eada6d71:0"
X-OfficeCluster
GEU1C
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF0000CAA8
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
Content-Length
695
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
Last-Modified
Sat, 11 Sep 2021 01:34:36 GMT
X-OFFICEFD
AM4PEPF0000D7CE
X-MSEdge-Ref
Ref A: 15353249F822470BAA6118115E908030 Ref B: AM3EDGE1017 Ref C: 2021-09-11T13:56:25Z
X-UserSessionId
e3436c19-ae30-40fc-9918-724718581b06
Date
Fri, 17 Sep 2021 10:21:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CorrelationId
e3436c19-ae30-40fc-9918-724718581b06
Accept-Ranges
bytes
Timing-Allow-Origin
*
prt.png
c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptResources/1031/ Frame 8ABE 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptResources/1031/prt.png
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"da53785a77a8d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00006F87
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
13611
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Mon, 13 Sep 2021 08:14:20 GMT
X-OFFICEFD
AM4PEPF00006F87
X-MSEdge-Ref
Ref A: 2B059B108A21466A924066BAC3BD5408 Ref B: AMS04EDGE1609 Ref C: 2021-09-13T08:14:20Z
X-UserSessionId
bdeaf7bb-135c-4524-9f2e-7452e9cc80ee
Date
Fri, 17 Sep 2021 10:21:38 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
bdeaf7bb-135c-4524-9f2e-7452e9cc80ee
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14510.40502&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
X-UserSessionId
e0dec063-7995-4a67-988b-17c180e580ec
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010819
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
6b6eef5f-7eb4-4676-a394-8b119e220cfc
x-officefd
AM4PEPF00010819
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 593466454EBD46888A3B4437492885BE Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14510.40502&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
X-UserSessionId
e0dec063-7995-4a67-988b-17c180e580ec
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":85,"Value":"https://c1-powerpoint-15.cdn.office.net:443/p/s/hFF37EE91B44C2841_PptResources/1031/styleschromeless.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
60cad25e-9836-49b4-877e-a7ec9a97e09e
x-officefd
AM4PEPF00006F86
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 665E6ACDE14C4465A764120B8CC4C854 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14510.40502&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
X-UserSessionId
e0dec063-7995-4a67-988b-17c180e580ec
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":2,"MsSinceStart":217,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006967
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
1767befe-0db2-49e2-b98d-fc09b48059d3
x-officefd
AM4PEPF00006967
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: EF0B25CE899B4CFEB4AE2E31DAFF2033 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
RemoteTelemetry.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteTelemetry.ashx
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officefd
AM4PEPF00010821
x-officeversion
16.0.14510.40502
x-cache
CONFIG_NOCACHE
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
aea372a2-6054-41de-84dd-aca33d10c524
x-officecluster
PNL1
x-usersessionid
aea372a2-6054-41de-84dd-aca33d10c524
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
cache-control
private
x-msedge-ref
Ref A: 32BAF784DCE14C22A386AD72D30A25B1 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
x-officefe
AM4PEPF00010821
segoeui.woff
c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/ Frame 8ABE 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/segoeui.woff
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/styleschromeless.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/styleschromeless.css
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-OFFICEFD
AM4PEPF00006967
X-OfficeVersion
16.0.14510.40502
X-OfficeFE
AM4PEPF00006967
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4_control
Content-Length
1245
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4_control
X-CorrelationId
ce2ba682-9f64-4f81-a4fb-6be5d3043653
X-OfficeCluster
PNL1
X-UserSessionId
ce2ba682-9f64-4f81-a4fb-6be5d3043653
Date
Fri, 17 Sep 2021 10:21:38 GMT
Content-Type
text/html
Access-Control-Allow-Origin
*
X-MSEdge-Ref
Ref A: BA29E99AB51148F1AB23433F8D0644E0 Ref B: AM3EDGE0805 Ref C: 2021-09-17T10:21:38Z
Timing-Allow-Origin
*
GetPresentationWithSlideById
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 8ABE 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetPresentationWithSlideById
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b2c44c4c97f28eb60a08bdb3d8ac40004d3b46abb97fddef68ad64e38ac5c2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
e0dec063-7995-4a67-988b-17c180e580ec
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14510.40502
X-Key
GwsihjEi0k5/uTa1a1p2Kyl0IHV3mLoP0aVTEYJXT0E=,637674708981886018
Content-Type
application/json; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010819
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
1917
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
0d063dc7-1b76-4e3a-b57f-8f0379049a11
x-officefd
AM4PEPF00010819
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: 56181F5B47B34A3DB1B4871DDFF275CE Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
expires
-1
d6d149cc-d1b2-48d3-8d83-85d5f7a45871
https://pnl1-powerpoint.officeapps.live.com/ Frame 8ABE 		224 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://pnl1-powerpoint.officeapps.live.com/d6d149cc-d1b2-48d3-8d83-85d5f7a45871
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8839a0b7ed21aeb6fe4d005e25b889f06864058b2359076672e2b825dba0d349

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
224
Content-Type
application/javascript
segoeui.ttf
c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/ Frame 8ABE 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/segoeui.ttf
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/styleschromeless.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/styleschromeless.css
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-OFFICEFD
AM4PEPF00010826
X-OfficeVersion
16.0.14510.40502
X-OfficeFE
AM4PEPF00010826
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
Content-Length
1245
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
X-CorrelationId
d85299c9-1a8c-4886-8197-e7ed3c14a429
X-OfficeCluster
PNL1
X-UserSessionId
d85299c9-1a8c-4886-8197-e7ed3c14a429
Date
Fri, 17 Sep 2021 10:21:39 GMT
Content-Type
text/html
Access-Control-Allow-Origin
*
X-MSEdge-Ref
Ref A: 5590703383114FA581473CD5D2FDC0AD Ref B: AMS04EDGE1305 Ref C: 2021-09-17T10:21:38Z
Timing-Allow-Origin
*
wl.ms.js
js.live.net/v5.0/ Frame 8ABE 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.live.net/v5.0/wl.ms.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-183.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:38 GMT
X-MSNServer
RD0003FF242117
Last-Modified
Fri, 10 Jul 2020 18:30:22 GMT
Server
Microsoft-IIS/10.0
ETag
"0b3b92be856d61:0"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=44656, public
X-ODWebServer
westeurope1-odwebp
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
16199
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15D%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00010823
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010823
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
a4d2d057-fca3-485d-bb12-690697b29d93
x-officecluster
PNL1
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
cache-control
private
x-msedge-ref
Ref A: C556F17CDEF343B19EB5C38F8258A018 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15D%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006F86
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
524babfe-feac-4758-a877-d6f21d5c96f8
x-officecluster
PNL1
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
cache-control
private
x-msedge-ref
Ref A: 219EBE46EAF74B989A5E95245E67BCCA Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15D%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00006967
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006967
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid
e1a64fef-6cfa-483e-b1f6-89c3555e59ea
x-officecluster
PNL1
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
cache-control
private
x-msedge-ref
Ref A: 2A24932B51F54FDD9887B97BE4A2BA89 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=S0%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-officefd
AM4PEPF00010821
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010821
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
0
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
24cbd742-c3e7-4e2c-b8e6-9b3e4a816b69
x-officecluster
PNL1
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
cache-control
private
x-msedge-ref
Ref A: 66CD104AE0984AA7AA03154834439C59 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15D%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
456291c462f36d2ff0701c4d33d85e4b7957ee498110a370d4c511e315492bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010819
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
16660
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M15D_BG_1132x849.jpg
x-cache
CONFIG_NOCACHE
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
69c0479c-8441-4dbc-98fd-e03c79369f50
x-officefd
AM4PEPF00010819
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 34E8FA12776D4716B46D36B56BA4EDE8 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:38 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15D%5F2%5F1132x849%2Epng&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e8cf30923a6519a1739d78d57a2bf8aec931172572cb8820cb2383249d3fdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010823
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
7534
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M15D_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
df92d76c-ce11-4ca9-81fa-75e5a8aee67b
x-officefd
AM4PEPF00010823
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 8B7E0F0D34FD42D1AE53AE0E063FC142 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:38 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15D%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b10c60a0502e0f3db6d5e79527e8c4749522074e5305e42a1e9815a00cd658ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006967
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
20124
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M15D_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid
49d67a09-3cec-4b7d-b5ee-e8738999ae52
x-officefd
AM4PEPF00006967
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 85FBF7D376394D9D948013CF5F1C7274 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:38 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=S0%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7863177a130ecd76893cce3945a8ee2d882f7e57eda4c82eb34c34d435dc40ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
130964
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9S0_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
a9e47c7b-e2a0-49cd-9dc5-97e2b5e133f6
x-officefd
AM4PEPF00006F86
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: CF08ACF6E2BB4CE4A8E6C1A09F80138A Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:38Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:38 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15D%5F2%5F1132x849%2Epng&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e8cf30923a6519a1739d78d57a2bf8aec931172572cb8820cb2383249d3fdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010821
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4
content-length
7534
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M15D_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4
x-correlationid
2a70583e-ded7-41cf-8620-59eb36979b9d
x-officefd
AM4PEPF00010821
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 2EABA83D4F94480E96C1EDE1AB6BE809 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15D%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b10c60a0502e0f3db6d5e79527e8c4749522074e5305e42a1e9815a00cd658ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010823
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
20124
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M15D_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
45eacdc0-157f-45c9-a21e-66bb61605c11
x-officefd
AM4PEPF00010823
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: FE7FAC8B3C524448BE6F57225A1C8E81 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=S0%5F1%5F1132x849%2Epng&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7863177a130ecd76893cce3945a8ee2d882f7e57eda4c82eb34c34d435dc40ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010819
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length
130964
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9S0_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid
4c3c7ee8-1248-481e-8b37-d6d43c435de5
x-officefd
AM4PEPF00010819
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 769376A710A54B3082750C04EDF850AC Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15D%5FBG%5F1132x849%2Ejpg&waccluster=PNL1&try=1
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
456291c462f36d2ff0701c4d33d85e4b7957ee498110a370d4c511e315492bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006967
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
16660
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M15D_BG_1132x849.jpg
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
6dd8101e-8f39-4d93-ad47-4f71bb391067
x-officefd
AM4PEPF00006967
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
image/jpeg
cache-control
private
x-msedge-ref
Ref A: 99A0F7DDED074B6C96E985F9E3025172 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
reader.calypso.js
c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/ Frame 8ABE 		332 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/reader.calypso.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f6dd56e5aa95232db934cb2b51f9ed8d5bc88e719303bcf868c42b5fb0dcdb39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"8593781a87a6d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00006F86
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
Content-Length
69046
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
Last-Modified
Fri, 10 Sep 2021 21:02:02 GMT
X-OFFICEFD
AM4PEPF00006F86
X-MSEdge-Ref
Ref A: 58B1FF9E6B0D40C3A724E2B14C67E3B9 Ref B: AMS04EDGE2116 Ref C: 2021-09-10T21:02:02Z
X-UserSessionId
909d130b-40c2-4a42-9927-d0bf6a3bbf66
Date
Fri, 17 Sep 2021 10:21:39 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
909d130b-40c2-4a42-9927-d0bf6a3bbf66
Accept-Ranges
bytes
Timing-Allow-Origin
*
wacairspaceanimationlibrary.js
c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/ Frame 8ABE 		40 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/wacairspaceanimationlibrary.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:292::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"9c14fba40a9d71:0"
X-OfficeCluster
PIE1
X-OfficeVersion
16.0.14510.40502
X-OfficeFE
DB5PEPF0000832B
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
5997
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Tue, 14 Sep 2021 08:15:49 GMT
X-OFFICEFD
DB5PEPF0000C266
X-MSEdge-Ref
Ref A: D4E36CE1507A4FA8A553CA33107A93BD Ref B: AM3EDGE0108 Ref C: 2021-09-14T22:37:05Z
X-UserSessionId
c19ed86f-4200-4679-98e3-831256c7199a
Date
Fri, 17 Sep 2021 10:21:39 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
c19ed86f-4200-4679-98e3-831256c7199a
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14510.40502&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
X-UserSessionId
e0dec063-7995-4a67-988b-17c180e580ec
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":3,"MsSinceStart":862,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
2d6149ae-79dc-4991-b8bb-f100f9d0cc4a
x-officefd
AM4PEPF00006F86
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 8BFE67D007374430973419FE4E07131A Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
GetSlide
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 8ABE 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3adf1d028d2c3e9a8212404f66316a2a1752c108213d1bad62377d114c3e1b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
e0dec063-7995-4a67-988b-17c180e580ec
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14510.40502
X-Key
GwsihjEi0k5/uTa1a1p2Kyl0IHV3mLoP0aVTEYJXT0E=,637674708981886018
Content-Type
application/json; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010821
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1955
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-correlationid
79d72c14-a047-40b0-90f9-270fb7d2c355
x-officefd
AM4PEPF00010821
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: A1295B9DA1C743DEBFF969CB556C721A Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
-1
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14510.40502&waccluster=PNL1
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
e0dec063-7995-4a67-988b-17c180e580ec
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14510.40502
X-Key
GwsihjEi0k5/uTa1a1p2Kyl0IHV3mLoP0aVTEYJXT0E=,637674708981886018
X-bULS-SuppressionETag
5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag
5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid
c78ff07f-97a4-4c30-aabf-baf8eeff25ce
x-officefd
AM4PEPF00006F86
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: BF4AE9F9348B4B7882F9B2DA9466B797 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
otelFull.min.js
c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/ Frame 8ABE 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/otelFull.min.js
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/BootView.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/
Origin
https://pnl1-powerpoint.officeapps.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
W/"45306f1a87a6d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00006967
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length
28386
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,afd_waccluster,afd_wordslice,afd_onenoteslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified
Fri, 10 Sep 2021 21:02:02 GMT
X-OFFICEFD
AM4PEPF00006967
X-MSEdge-Ref
Ref A: 697241B02961497FBB4495BABDF02214 Ref B: AMS04EDGE1609 Ref C: 2021-09-10T21:02:02Z
X-UserSessionId
c00290d9-921f-4b01-aa47-6e13a8e06166
Date
Fri, 17 Sep 2021 10:21:39 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
c00290d9-921f-4b01-aa47-6e13a8e06166
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		0
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14510.40502&waccluster=PNL1
Requested by
Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
X-UserSessionId
e0dec063-7995-4a67-988b-17c180e580ec
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-BrowserUlsBeacon
[{"Index":4,"MsSinceStart":862,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010823
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
0
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_onenoteslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
a635780b-c16c-4c86-8273-79cb6e0dce2b
x-officefd
AM4PEPF00010823
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:38 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: F87923CA359945A3846B03CAF9CEB45E Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
prt.png
c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptResources/1031/ Frame 8ABE 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptResources/1031/prt.png
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/reader.calypso.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bc::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"da53785a77a8d71:0"
X-OfficeCluster
PNL1
X-OfficeVersion
16.0.14424.40504
X-OfficeFE
AM4PEPF00006F87
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-MSEdge-Flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
Content-Length
13611
Cache-Control
public,max-age=31536000
X-MSEdge-Features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
Last-Modified
Mon, 13 Sep 2021 08:14:20 GMT
X-OFFICEFD
AM4PEPF00006F87
X-MSEdge-Ref
Ref A: 2B059B108A21466A924066BAC3BD5408 Ref B: AMS04EDGE1609 Ref C: 2021-09-13T08:14:20Z
X-UserSessionId
bdeaf7bb-135c-4524-9f2e-7452e9cc80ee
Date
Fri, 17 Sep 2021 10:21:39 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
bdeaf7bb-135c-4524-9f2e-7452e9cc80ee
Accept-Ranges
bytes
Timing-Allow-Origin
*
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M160%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
28423a960a7f99b6463789ccf06e503009837af1025e2b85e53b314c0bd56f11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010819
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length
10457
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M160_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_powerpointslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid
3ccf7fb4-16b6-47b0-aec1-bd40e63592d8
x-officefd
AM4PEPF00010819
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:39 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: C09EDECDE3CF423FBCD9AE60DE624977 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M160%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e8cf30923a6519a1739d78d57a2bf8aec931172572cb8820cb2383249d3fdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
7534
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M160_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
ad77fab6-b7dc-4875-b1ed-2dfdcb74c991
x-officefd
AM4PEPF00006F86
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:39 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 9860CF5AAAB1470BB013DDD3645F9BF6 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=S2%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6400fba4f30aa0cbc2b773c69de347c366161b52664feb528f1e679fe94268d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010821
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
46146
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9S2_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
f20f6fd3-6901-4ba2-a56d-787378d32989
x-officefd
AM4PEPF00010821
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:39 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 1C317038BFDF4A34A4E37A450A2C8C21 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		298 KB
298 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=S2%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
154f1e6176ba7702eaf16fbf97f135d4cd9a6c2a331b1c2c9287ddb7d4031c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010823
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
304671
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9S2_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid
6925e620-14be-4ecd-86c1-f281404ade41
x-officefd
AM4PEPF00010823
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:39 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 84E81EC37C444919977B4B9917C40D7F Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
ping
browser.events.data.microsoft.com/ Frame 8ABE 		4 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/ping
Requested by
Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161451040502_PptScripts/otelFull.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.178.17.3 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 10:21:39 GMT
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://pnl1-powerpoint.officeapps.live.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
4
GetSlide
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 8ABE 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide
Requested by
Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac9acada9909570a2fca63a6e8a486b9c527c2d7362e898fb41bbef03aabe24a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

haep
1
X-AccessToken
1
X-UserSessionId
e0dec063-7995-4a67-988b-17c180e580ec
Accept-Language
de-DE,de;q=0.9
X-OfficeVersion
16.0.14510.40502
X-Key
GwsihjEi0k5/uTa1a1p2Kyl0IHV3mLoP0aVTEYJXT0E=,637674708981886018
Content-Type
application/json; charset=UTF-8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
X-Requested-With
XMLHttpRequest
X-UserType
WOPI
X-xhr
1
X-AccessTokenTtl
0
X-WacCluster
PNL1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006967
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
1650
x-cache
CONFIG_NOCACHE
pragma
no-cache
x-msedge-features
typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid
7c8b4b03-1d45-4941-bdea-1b6e8300ea54
x-officefd
AM4PEPF00006967
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:39 GMT
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
x-msedge-ref
Ref A: 914CC06241D145719C754441D3B810E7 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
-1
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15E%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
28423a960a7f99b6463789ccf06e503009837af1025e2b85e53b314c0bd56f11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00006F86
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4
content-length
10457
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M15E_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4
x-correlationid
4c3e366b-a48e-46a6-8de5-6f939de768ac
x-officefd
AM4PEPF00006F86
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:39 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 613A164C325B47C0BCA1FBEBA58E2C82 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=M15E%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e8cf30923a6519a1739d78d57a2bf8aec931172572cb8820cb2383249d3fdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010821
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length
7534
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9M15E_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid
087ce00c-dd66-47a8-8b50-fcd57ce7ed2c
x-officefd
AM4PEPF00010821
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:39 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: AA298FD3EFF44DF28D7993AEEF7A8DE7 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=S1%5F1%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f92ff8276d441e58d910b07e047bae1deafc6463af6837f2cd0a89a5c5fcf53d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010823
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length
7815
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9S1_1_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid
dd28eee7-9f12-48bc-b5b7-918bf6441af1
x-officefd
AM4PEPF00010823
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:39 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 7CC3CB10E6644B169C2BF518B4822929 Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT
imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 8ABE 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9&usid=e0dec063%2D7995%2D4a67%2D988b%2D17c180e580ec&Rid=S1%5F2%5F1132x849%2Epng&waccluster=PNL1&try=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
72c86da2cedd6da4437b1ace5f4b5ad9666fbeca50abcbd74db74e364fcb21ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token_ttl=0&hid=bd8586de-dab1-47b0-9103-90146c6a1c43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
PNL1
x-officeversion
16.0.14510.40502
x-officefe
AM4PEPF00010819
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition
attachment
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length
60232
etag
WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttp%253A%252F%252Fspeedyshare%252Ecom%253A80%252Fsecure%252Fuploads%252F52527%253Fshareable%255Flink%253D35009&access_token=1&access_token_ttl=0&z=001f6bf6d93f022d66e4dfcbad515ce39db62bc16f6082f26e90556d7cad3fb9S1_2_1132x849.png
x-cache
CONFIG_NOCACHE
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid
3a28e8f6-e185-475b-9f14-73aca4e887e6
x-officefd
AM4PEPF00010819
x-usersessionid
e0dec063-7995-4a67-988b-17c180e580ec
date
Fri, 17 Sep 2021 10:21:39 GMT
x-download-options
noopen
content-type
image/png
cache-control
private
x-msedge-ref
Ref A: 03D7F89683FF463DB1A96AE5807161DC Ref B: AMS04EDGE2111 Ref C: 2021-09-17T10:21:39Z
timing-allow-origin
*
expires
Sat, 17 Sep 2022 10:21:39 GMT

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| bootstrapData string| GoogleAnalyticsObject function| ga object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests object| __zone_symbol__messagefalse function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages object| __zone_symbol__loadfalse object| __zone_symbol__resizefalse object| google_tag_data object| gaplugins object| gaData function| Hammer object| Prism object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__orientationchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__focusfalse object| GoogleGcLKhOms function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

11 Cookies

Domain/Path Name / Value
.speedyshare.com/ Name: _ga
Value: GA1.2.1839339404.1631874096
.speedyshare.com/ Name: _gid
Value: GA1.2.1995819969.1631874096
.speedyshare.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
speedyshare.com/ Name: theme
Value: dark
.speedyshare.com/ Name: __gads
Value: ID=bcc56079b4b2495e-22760cc632c90038:T=1631874096:RT=1631874096:S=ALNI_MYSulBt0Ym8anTeYDPUzqXFpKm3og
speedyshare.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IndhMllKMXFTL2JsczNUemp1TXpJTHc9PSIsInZhbHVlIjoid29pSW02cTlEK2ExYll4MDFlU01LK0RxN2Jick5LeUlnaFEvaEwwTTdScEJ6cm5JcVRLZHVLUzBsZU1VZENYVkFzR3B1NjNGM09uR3lEeEZQVnJjQXhCZEVsZXI1RURhVmE5Vnd5ZXVka1pmUmQydE14dDRyTHpZQkNLeXhHSzYiLCJtYWMiOiJjM2Q1NDg2NmFlZmUzMGMyNTA2YjRlY2NmMzdlMjc0N2U5NTgwNzVjZjA4N2RiNDcxMjVjNWVmODlhNTRmOTdmIn0%3D
speedyshare.com/ Name: speedyshare_session
Value: eyJpdiI6IlBnd2FkclVocjI2Vmkwc1dWZERvQ2c9PSIsInZhbHVlIjoiTnZqZkx2SXRROGlqMzh2dFpJU1M3QUVDb1h1cVdPdURNUHE4T0pFaFZzZ0V4ZFJxaFBvS0E2d21OUjFxdk5CdnB0Lzh0M0tEbjV6VnVJMXZlTzJCaDVBR2ZXQ2xJeEZnQjRhZUM3L3g1bEViT1JFVkVXWlhiZjVWRitpd2hGN0giLCJtYWMiOiI5YjlkYTQ0YTJkYWU0MWI5OWYxMjcwODY0MTkyOTZmMzFiMjQ4N2NjNDI2MjIyZWU3ZTczYzA3MjBiNjQ2NzQwIn0%3D
.view.officeapps.live.com/ Name: PNL1-ARRAffinity
Value: 989bf998426bfc735c6cb1291a1601ab4f278c342673b11b1a02f5c79e772ce3
pnl1-powerpoint.officeapps.live.com/ Name: DcLcid
Value: ui=1031&data=1031
pnl1-powerpoint.officeapps.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

2 Console Messages

Source Level URL
Text
network error URL: https://c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/segoeui.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://c1-powerpoint-15.cdn.office.net/p/s/hFF37EE91B44C2841_PptResources/1031/segoeui.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.se
browser.events.data.microsoft.com
c1-officeapps-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
fonts.googleapis.com
fonts.gstatic.com
freegeoip.app
googleads.g.doubleclick.net
js.live.net
pagead2.googlesyndication.com
partner.googleadservices.com
pnl1-powerpoint.officeapps.live.com
speedyshare.com
tpc.googlesyndication.com
view.officeapps.live.com
www.google-analytics.com
www.google.com
104.111.237.183
172.217.23.98
2606:4700:3036::6815:13c8
2606:4700:3036::ac43:b7df
2620:1ec:a92::171
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:831::200a
2a01:111:f100:9001::1761:950c
2a02:26f0:6c00:292::4b36
2a02:26f0:6c00:2bc::4b36
52.178.17.3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01fbbb934342964bf4725afbfcb9c9be37fedb54237432a45717d41a1f1d9475
0701ba86b44566898cd0b41d1ab202dbf5ab0bcba83f07898c62f5fa25d43edc
154f1e6176ba7702eaf16fbf97f135d4cd9a6c2a331b1c2c9287ddb7d4031c0e
1ed321a25a5100de9b889259a32f457ac6e6987bcb3c0a1921f4295ac9858e53
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
28423a960a7f99b6463789ccf06e503009837af1025e2b85e53b314c0bd56f11
289675750375e32549c24efbbaf74aa8d219a85393378ec884a0d7bea8e04aff
2d0f0787d2ab42134357d6e0aea59c8a4205fbb0af21680c7860966381148b5c
33b6505c289d57802a0ac8ef3be7193985853a2f34813011fb68f0d341281e72
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
3adf1d028d2c3e9a8212404f66316a2a1752c108213d1bad62377d114c3e1b84
444f2b624e483152b2db7b32630bc35dbc4897a2c8feda5c7544b80ee94f9507
456291c462f36d2ff0701c4d33d85e4b7957ee498110a370d4c511e315492bd5
464a492d3357d7785c75cd63fc7c7a6215a7df15b2967ba4c69515ff6248ce42
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5315424fd4427ce4ce94144aabe477d0cf9fddd978aae64bd883a2aaf2e68cee
55b1c6c0e94c777d2788930832b09c95c9e030e43dd2a86f1be1660c8fba72fd
5dc561464a8f213d8bdde2b4036c87fb1679ebe039fba3f19bf9bcb3685ef808
62041c5f28273fd145ea7674720b00e92f34b28475ad0f794122772744a69a69
712b9ed53864ed16b5e81f7d6d90569a6e1d5c58fdeb88a4756f70bc0e79b0fe
72c86da2cedd6da4437b1ace5f4b5ad9666fbeca50abcbd74db74e364fcb21ad
7863177a130ecd76893cce3945a8ee2d882f7e57eda4c82eb34c34d435dc40ea
7a04da87bf8fa5ccda9478168cce523c2ae11380852f8c26950b15ee206e4aed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8839a0b7ed21aeb6fe4d005e25b889f06864058b2359076672e2b825dba0d349
974a05a2c6331bff6ee67a441283ad0dcd9cdf25b84ac700fb351abfa1ddc49f
989567004f6e207c2fa550e55b4bca1c7d0b5be92b92f6d7bc67a8579e154244
9e8cf30923a6519a1739d78d57a2bf8aec931172572cb8820cb2383249d3fdc6
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ac9acada9909570a2fca63a6e8a486b9c527c2d7362e898fb41bbef03aabe24a
ae5f40323d1e537c3b72b4f778e0c1eb9c358e5f0d2353be53aa7af8b2afccec
b10c60a0502e0f3db6d5e79527e8c4749522074e5305e42a1e9815a00cd658ad
b2c44c4c97f28eb60a08bdb3d8ac40004d3b46abb97fddef68ad64e38ac5c2b9
b431f349aedc24eeaff95449f28ce3f82257f1f31d4193ef9c2703594a85bea9
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c870bfbdfb3feaa97c84aa6f60ceb8a8a459e277324f61aaccc38c25e73caabc
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6400fba4f30aa0cbc2b773c69de347c366161b52664feb528f1e679fe94268d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
eb9384f7a4fbdb141e673788b2b80d39e36b5ba956b176207ff315dfc40a8df0
f123e9ef3f393e0de6b24f9ccab82d4e8ab276319ddee6a1e9349e1eba309287
f6dd56e5aa95232db934cb2b51f9ed8d5bc88e719303bcf868c42b5fb0dcdb39
f7e51d9075cb296dfa10e7b4ed9af5adaff4a95cf1e13b1e66f169db17fca7be
f92ff8276d441e58d910b07e047bae1deafc6463af6837f2cd0a89a5c5fcf53d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62