linderlake.com Open in urlscan Pro
200.225.41.249 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://linderlake.com/
Effective URL:
https://linderlake.com/
Submission: On November 14 via manual (November 14th 2022, 9:10:01 pm UTC) from US — Scanned from DE

Summary HTTP 124 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 124 HTTP transactions. The main IP is 200.225.41.249, located in El Segundo, United States and belongs to IMH-IAD, US. The main domain is linderlake.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 27th 2022. Valid for: 3 months.

This is the only time linderlake.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 59	200.225.41.249 200.225.41.249	54641 (IMH-IAD) (IMH-IAD)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	13.107.43.13 13.107.43.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:683d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a02:26f0:350... 2a02:26f0:3500:586::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:480... 2a02:26f0:480:294::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.205.236.6 23.205.236.6	16625 (AKAMAI-AS) (AKAMAI-AS)
1	20.189.173.7 20.189.173.7	() ()
124	19

59 200.225.41.249 (El Segundo, United States) 1 redirects

ASN54641 (IMH-IAD, US)
PTR: vps78879.inmotionhosting.com

linderlake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:c::5c7b:683d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

res-1.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

powerpoint.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:586::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-powerpoint-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:294::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.236.6 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-236-6.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.189.173.7 (None, )

ASN- ()

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	linderlake.com 1 redirects linderlake.com	5 MB
20	office.net res-1.cdn.office.net — Cisco Umbrella Rank: 442 c1-powerpoint-15.cdn.office.net — Cisco Umbrella Rank: 4731 c1-officeapps-15.cdn.office.net — Cisco Umbrella Rank: 2603	1 MB
18	live.com 1 redirects onedrive.live.com — Cisco Umbrella Rank: 1796 powerpoint.officeapps.live.com — Cisco Umbrella Rank: 10279 c.live.com — Cisco Umbrella Rank: 9408	546 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	463 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	41 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	147 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5922	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
1	microsoft.com browser.events.data.microsoft.com	379 B
1	live.net js.live.net — Cisco Umbrella Rank: 4945	16 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 241	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
124	13

	Domain	Requested by
59	linderlake.com	1 redirects linderlake.com
15	powerpoint.officeapps.live.com	onedrive.live.com powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
11	c1-powerpoint-15.cdn.office.net	powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net onedrive.live.com
7	res-1.cdn.office.net	onedrive.live.com
6	www.google.com	linderlake.com www.gstatic.com www.google.com
5	fonts.gstatic.com	fonts.googleapis.com linderlake.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	www.googletagmanager.com	linderlake.com www.googletagmanager.com
2	c.live.com	1 redirects
2	c1-officeapps-15.cdn.office.net	powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
2	www.google.de	linderlake.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	browser.events.data.microsoft.com	c1-powerpoint-15.cdn.office.net
1	js.live.net	c1-powerpoint-15.cdn.office.net
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	onedrive.live.com	linderlake.com
1	fonts.googleapis.com	linderlake.com
124	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
inertiagroup.com

Subject Issuer	Validity	Valid
linderlake.com cPanel, Inc. Certification Authority	`2022-10-27` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
onedrive.com Microsoft Azure TLS Issuing CA 05	`2022-11-09` - `2023-11-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.res.outlook.com DigiCert SHA2 Secure Server CA	`2022-08-23` - `2023-08-23`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2022-08-12` - `2023-08-12`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-09-08` - `2023-09-03`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://linderlake.com/
Frame ID: AD749D962B012578A7DBD0FFCA8C8409
Requests: 75 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2
Frame ID: B8EFB3EBB2B7B441AA8B81089A1047C3
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcLAcEZAAAAAHc31n9n4d3na7bYB_PzRtk0uPOD&co=aHR0cHM6Ly9saW5kZXJsYWtlLmNvbTo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=y862lflw2szl
Frame ID: D9E24393E2DCBBF4025D315E085EE246
Requests: 8 HTTP requests in this frame

Frame: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
Frame ID: 4242B4B840C2DBF01946BD71C324FDF3
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Linderlake Corporation Right of Way Services

Page URL History Show full URLs

http://linderlake.com/ HTTP 301
https://linderlake.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

124
Requests

98 %
HTTPS

74 %
IPv6

13
Domains

19
Subdomains

19
IPs

4
Countries

7099 kB
Transfer

11160 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/LinderlakeCorp/?ref=aymt_homepage_panel
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Linderlake1
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/linderlake-corporation?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A2376835%2Cidx%3A1-1-1%2CtarId%3A1453326377972%2Ctas%3Alinderlake
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://inertiagroup.com/
Title: The Inertia Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://linderlake.com/ HTTP 301
https://linderlake.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://c.live.com/c.gif?DI=15347&wlxid=c40d8c10-5322-4125-bd19-05261681efa5&reqid=00108919912&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FF9DFE17%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1649%26IR%3D1%26EX%3D0%26L.h%3D950%26L.sjs%3D1093%26L.ttg%3D950%26C.st%3D1668460194783%26N.domIn%3D968%26N.dns%3D99%26N.tcp%3D40%26N.req%3D674%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.6771718801903168 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=c40d8c10-5322-4125-bd19-05261681efa5&reqid=00108919912&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FF9DFE17%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1649%26IR%3D1%26EX%3D0%26L.h%3D950%26L.sjs%3D1093%26L.ttg%3D950%26C.st%3D1668460194783%26N.domIn%3D968%26N.dns%3D99%26N.tcp%3D40%26N.req%3D674%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.6771718801903168&CtsSyncId=599CC69DCBC24831B743CC04DCF845ED&RedC=c.live.com&MXFR=304F74E6A5A162B712ED66BAA1A166C5 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=c40d8c10-5322-4125-bd19-05261681efa5&reqid=00108919912&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FF9DFE17%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1649%26IR%3D1%26EX%3D0%26L.h%3D950%26L.sjs%3D1093%26L.ttg%3D950%26C.st%3D1668460194783%26N.domIn%3D968%26N.dns%3D99%26N.tcp%3D40%26N.req%3D674%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.6771718801903168&CtsSyncId=599CC69DCBC24831B743CC04DCF845ED&MUID=304F74E6A5A162B712ED66BAA1A166C5

124 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
linderlake.com/
Redirect Chain

http://linderlake.com/
https://linderlake.com/

112 KB
112 KB

412ms
230ms

Document
text/html

200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 134b024fd753ce50172273c732e43fc9872d9e92398b0ef939412e55d6b90476

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 21:09:53 GMT
Keep-Alive: timeout=5, max=100
Link: <https://linderlake.com/wp-json/>; rel="https://api.w.org/", <https://linderlake.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://linderlake.com/>; rel=shortlink
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 14 Nov 2022 21:09:53 GMT
Keep-Alive: timeout=5, max=100
Location: https://linderlake.com/
Server: Apache

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
linderlake.com/wp-includes/js/ 18 KB
18 KB 879ms
94ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Fri, 02 Sep 2022 17:08:35 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 18617

GET
H/1.1 200
OK style.min.css
linderlake.com/wp-includes/css/dist/block-library/ 93 KB
93 KB 208ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:53 GMT
Last-Modified: Wed, 02 Nov 2022 21:39:59 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 94821

GET
H/1.1 200
OK classic-themes.min.css
linderlake.com/wp-includes/css/ 217 B
458 B 268ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:53 GMT
Last-Modified: Wed, 02 Nov 2022 21:39:59 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 217

GET
H/1.1 200
OK video-container.min.css
linderlake.com/wp-content/plugins/simple-embed-code/css/ 221 B
462 B 269ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/simple-embed-code/css/video-container.min.css?ver=6.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 074d9505d547acdfced56ba7203b153958881abceb7a19326029f652acb75191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:53 GMT
Last-Modified: Tue, 02 Mar 2021 17:07:37 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 221

GET
H/1.1 200
OK wpcf7-redirect-frontend.min.css
linderlake.com/wp-content/plugins/wpcf7-redirect/build/css/ 316 B
557 B 270ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:53 GMT
Last-Modified: Tue, 09 Aug 2022 02:29:37 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 316

GET
H/1.1 200
OK header-footer-elementor.css
linderlake.com/wp-content/plugins/header-footer-elementor/assets/css/ 776 B
1017 B 269ms
89ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:53 GMT
Last-Modified: Wed, 24 Aug 2022 02:29:37 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 776

GET
H/1.1 200
OK elementor-icons.min.css
linderlake.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
19 KB 357ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19279

GET
H/1.1 200
OK frontend-legacy.min.css
linderlake.com/wp-content/plugins/elementor/assets/css/ 13 KB
14 KB 358ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: fde0d5a578eb6673d38d66dff152e36b610384b19954f0723e07f4302305592f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 13805

GET
H/1.1 200
OK frontend.min.css
linderlake.com/wp-content/plugins/elementor/assets/css/ 158 KB
158 KB 359ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: b091fb04aeb43da4cec3392a4de451d0f6b97a91235e0dc68560bc271c2b83c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 161415

GET
H/1.1 200
OK post-6.css
linderlake.com/wp-content/uploads/elementor/css/ 1 KB
1 KB 359ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/uploads/elementor/css/post-6.css?ver=1668393023
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 99d3e7367ff42d0dca6d56396310d972010238597faa8d2a7869ff5fa0e1bae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:30:23 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1229

GET
H/1.1 200
OK all.min.css
linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
58 KB 378ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 59344

GET
H/1.1 200
OK v4-shims.min.css
linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
26 KB 448ms
91ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 26702

GET
H/1.1 200
OK post-5.css
linderlake.com/wp-content/uploads/elementor/css/ 20 KB
20 KB 450ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/uploads/elementor/css/post-5.css?ver=1668393023
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 7664fbce0f54b49f0cc633e76c50919ee1cfd241b42f077a9c23bfef3fc0a475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:30:23 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 20673

GET
H/1.1 200
OK frontend.css
linderlake.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/ 74 KB
74 KB 535ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: ea14d1b1233e6cbc9b1a156ac532f076f7adafc309726fca7bf8833f882ac872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Wed, 24 Aug 2022 02:29:37 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 75684

GET
H/1.1 200
OK post-1314.css
linderlake.com/wp-content/uploads/elementor/css/ 13 KB
13 KB 558ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/uploads/elementor/css/post-1314.css?ver=1668393023
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 20738b92edeadb89e1191cc6ff1ce4b424fce38ce9e391142ef8947c612d75aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:30:23 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13462

GET
H/1.1 200
OK post-1049.css
linderlake.com/wp-content/uploads/elementor/css/ 11 KB
11 KB 561ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/uploads/elementor/css/post-1049.css?ver=1668393023
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 89119c28107e8082f4070fd189be04f4d52773986d54e9f5428946ce5698996b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:30:23 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11117

GET
H/1.1 200
OK 00342c607f04c5aa6767111bf84c3980.min.css
linderlake.com/wp-content/uploads/fusion-styles/ 1 MB
1 MB 628ms
91ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/uploads/fusion-styles/00342c607f04c5aa6767111bf84c3980.min.css?ver=3.6.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 095ff0aab53ffc451b8f8efc1683a4229d7460be8a09ee811b88e470be0c0441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Wed, 19 Oct 2022 15:51:40 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1113297

GET
H2 200 css
fonts.googleapis.com/ 64 KB
3 KB 86ms
27ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1

Requested by

Host: linderlake.com
URL: https://linderlake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c6f23e99f260b2119c71f79c4f9dc0f257e0aa8bb1c9fe4bc8c874da45aaa9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 21:09:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 21:09:53 GMT

GET
H/1.1 200
OK fontawesome.min.css
linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
57 KB 520ms
91ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 57912

GET
H/1.1 200
OK solid.min.css
linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
909 B 539ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 669

GET
H/1.1 200
OK brands.min.css
linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 675 B
915 B 542ms
90ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 675

GET
H/1.1 200
OK regular.min.css
linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 677 B
917 B 607ms
91ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 677

GET
H/1.1 200
OK jquery.min.js Show response
linderlake.com/wp-includes/js/jquery/ 88 KB
88 KB 606ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Wed, 02 Nov 2022 21:39:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 89684

GET
H/1.1 200
OK jquery-migrate.min.js Show response
linderlake.com/wp-includes/js/jquery/ 11 KB
11 KB 629ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Tue, 08 Mar 2022 17:09:51 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11224

GET
H/1.1 200
OK v4-shims.min.js Show response
linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
15 KB 632ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 15055

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 65ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175559692-1

Requested by

Host: linderlake.com
URL: https://linderlake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07ff0b2426887067673b4e02fe2f57aeb33ea937183b8f6790065921209d59e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 21:09:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 79ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-602065528

Requested by

Host: linderlake.com
URL: https://linderlake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d84a1a047b4e7898fb0fb94ba68b519ec8d5c3bffabb6634e20e03baeff99f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 21:09:54 GMT

GET
H/1.1 200
OK header-logo-new.png
linderlake.com/wp-content/uploads/2020/08/ 57 KB
57 KB 149ms
90ms Image
image/png 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2020/08/header-logo-new.png
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: f6af97fac9cbea2fee9b8b1d066599c64377b5a4e6e57a6239dfd08e0a92bd22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Wed, 22 Dec 2021 08:21:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 58225

GET
H/1.1 200
OK newss.png
linderlake.com/wp-content/uploads/2020/08/ 424 KB
425 KB 169ms
90ms Image
image/png 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2020/08/newss.png
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: f11874e5240e27e89dc7d484a5791e6d9c432c2f1b42d76ff4a808a759b512a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Fri, 07 Aug 2020 13:48:03 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 434611

GET
H/1.1 200
OK power-1.jpg
linderlake.com/wp-content/uploads/2020/08/ 216 KB
217 KB 92ms
92ms Image
image/jpeg 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2020/08/power-1.jpg
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: a99036457a6272598cad9367b204d3cfe4b22af9aa17d212b3f765c4fc1649d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Fri, 07 Aug 2020 09:27:25 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 221615

GET
H/1.1 200
OK mapping.jpg
linderlake.com/wp-content/uploads/2021/12/ 191 KB
192 KB 115ms
90ms Image
image/jpeg 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2021/12/mapping.jpg
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 75dcdbaa57164aae681c6b0f7a4678aad106039d0a9d04f510aacb89bdf8d20a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Wed, 22 Dec 2021 10:25:09 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 196044

GET
H/1.1 200
OK new-t.jpg
linderlake.com/wp-content/uploads/2021/12/ 291 KB
291 KB 91ms
90ms Image
image/jpeg 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2021/12/new-t.jpg
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 0311641381d6d7a0f8eb102f0b325da238c696ce6b945540cdde66bb5d82504e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Wed, 22 Dec 2021 10:25:51 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 297481

GET
H/1.1 200
OK flexibility.png
linderlake.com/wp-content/uploads/2020/08/ 7 KB
7 KB 90ms
90ms Image
image/png 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2020/08/flexibility.png
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 23f6736649eaf600d1741d64ab10b7baa9c976b864847caaa40c469879f9c81c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Wed, 05 Aug 2020 12:02:19 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 6750

GET
H/1.1 200
OK icon.png
linderlake.com/wp-content/uploads/2020/08/ 5 KB
5 KB 90ms
90ms Image
image/png 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2020/08/icon.png
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: e2ea3e01b3fc952312e4aa1cf24784574e62a3802c77095a7be05ea0ae521506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Thu, 06 Aug 2020 14:59:08 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 4767

GET
H/1.1 200
OK taxes.png
linderlake.com/wp-content/uploads/2020/08/ 6 KB
6 KB 90ms
90ms Image
image/png 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2020/08/taxes.png
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 14c110085d8e0ec3560f9794b9a998106dd5e3ccee24ac74d1b41a4a47997ff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Wed, 05 Aug 2020 12:03:04 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 6158

GET
H/1.1 200
OK cost-icon.png
linderlake.com/wp-content/uploads/2020/08/ 6 KB
6 KB 90ms
90ms Image
image/png 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2020/08/cost-icon.png
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: cce073f327be66a527e0d259088bd5ac77653cef03c0c11e115389f42768d734

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Wed, 05 Aug 2020 12:03:19 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 5889

GET
H/1.1 200
OK footer-logo-white.png
linderlake.com/wp-content/uploads/2019/12/ 35 KB
35 KB 90ms
90ms Image
image/png 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2019/12/footer-logo-white.png
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: d599b8e67a4aa97149614ec5b439f91d6bbd2e3716aee08f88ea9474e21a68ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Wed, 22 Dec 2021 08:22:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 35718

GET
H/1.1 200
OK animations.min.css
linderlake.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
18 KB 93ms
92ms Stylesheet
text/css 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 18468

GET
H/1.1 200
OK index.js Show response
linderlake.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
10 KB 384ms
383ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Thu, 20 Oct 2022 02:29:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 9937

GET
H/1.1 200
OK index.js Show response
linderlake.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
12 KB 90ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Thu, 20 Oct 2022 02:29:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 12310

GET
H/1.1 200
OK wpcf7r-fe.js Show response
linderlake.com/wp-content/plugins/wpcf7-redirect/build/js/ 8 KB
8 KB 91ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Tue, 09 Aug 2022 02:29:37 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 8074

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 71ms
26ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcLAcEZAAAAAHc31n9n4d3na7bYB_PzRtk0uPOD&ver=3.0

Requested by

Host: linderlake.com
URL: https://linderlake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ba5e1470a4bf5fe6a71bd94a88f1fe8c2a8e13d990accacaf8ab473b8927c61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Mon, 14 Nov 2022 21:09:54 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
linderlake.com/wp-includes/js/dist/vendor/ 6 KB
7 KB 94ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Fri, 02 Sep 2022 17:08:35 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 6475

GET
H/1.1 200
OK wp-polyfill.min.js Show response
linderlake.com/wp-includes/js/dist/vendor/ 17 KB
18 KB 94ms
91ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Wed, 02 Nov 2022 21:39:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 17823

GET
H/1.1 200
OK index.js Show response
linderlake.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
1 KB 95ms
91ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Thu, 20 Oct 2022 02:29:22 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 999

GET
H/1.1 200
OK frontend.js Show response
linderlake.com/wp-content/plugins/header-footer-elementor/inc/js/ 27 KB
27 KB 93ms
92ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 8d13e5f190e4c0f968ed033233598e278d294737abc5a46c5e0505b1f88320cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Wed, 24 Aug 2022 02:29:37 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 27307

GET
H/1.1 200
OK df2828ba6aec41285d3c265d30d682bc.min.js Show response
linderlake.com/wp-content/uploads/fusion-scripts/ 305 KB
306 KB 90ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/uploads/fusion-scripts/df2828ba6aec41285d3c265d30d682bc.min.js?ver=3.6.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 81ec2620ff4ba849e3839257a84455b351aa24c1b5a542bd53b3a5f57dbaf25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Wed, 19 Oct 2022 00:17:47 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 312831

GET
H/1.1 200
OK webpack.runtime.min.js Show response
linderlake.com/wp-content/plugins/elementor/assets/js/ 5 KB
5 KB 90ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 4957

GET
H/1.1 200
OK frontend-modules.min.js Show response
linderlake.com/wp-content/plugins/elementor/assets/js/ 32 KB
32 KB 90ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 32947

GET
H/1.1 200
OK waypoints.min.js Show response
linderlake.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
12 KB 91ms
91ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 12198

GET
H/1.1 200
OK core.min.js Show response
linderlake.com/wp-includes/js/jquery/ui/ 21 KB
21 KB 90ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Wed, 02 Nov 2022 21:39:58 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 21440

GET
H/1.1 200
OK swiper.min.js Show response
linderlake.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
136 KB 90ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 139153

GET
H/1.1 200
OK share-link.min.js Show response
linderlake.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
3 KB 90ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2620

GET
H/1.1 200
OK dialog.min.js Show response
linderlake.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
11 KB 91ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 10682

GET
H/1.1 200
OK frontend.min.js Show response
linderlake.com/wp-content/plugins/elementor/assets/js/ 40 KB
40 KB 91ms
91ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 40513

GET
H/1.1 200
OK preloaded-modules.min.js Show response
linderlake.com/wp-content/plugins/elementor/assets/js/ 42 KB
42 KB 90ms
90ms Script
application/javascript 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1
Requested by: Host: linderlake.com
URL: https://linderlake.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 689cd339b9de5d18314f13848a05a7ede4548ae9e30673035d1302da6d139ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 43140

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 65ms
30ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://linderlake.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:18:54 GMT
x-content-type-options: nosniff
age: 604260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 21:18:54 GMT

GET
H2 200 embed Show response
onedrive.live.com/ Frame B8EF 61 KB
21 KB 811ms
671ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Requested by

Host: linderlake.com
URL: https://linderlake.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

506c514ead1999b7f1f051d87f26995f8bac2798c0ca83ce3f55f5b6fc63480f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://linderlake.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 21:09:55 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-msedge-ref: Ref A: 30272019B7EF43DAB5898F76FA89E5CC Ref B: VIEEDGE3311 Ref C: 2022-11-14T21:09:54Z
x-msnserver: RD0004FF9DFE17
x-odwebserver: canadaeast0-odwebpl

GET
H/1.1 200
OK AdobeStock_181739158-scaled.jpeg
linderlake.com/wp-content/uploads/2020/08/ 366 KB
367 KB 150ms
91ms Image
image/jpeg 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2020/08/AdobeStock_181739158-scaled.jpeg
Requested by: Host: linderlake.com
URL: https://linderlake.com/wp-content/uploads/elementor/css/post-5.css?ver=1668393023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 1c4c71986546b48ec53d695236c90f972084a72f4646793c0e6cc14bf26f13b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/wp-content/uploads/elementor/css/post-5.css?ver=1668393023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Fri, 07 Aug 2020 12:46:45 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 375054

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 63ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://linderlake.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:24:32 GMT
x-content-type-options: nosniff
age: 416722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 01:24:32 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 40ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: linderlake.com
URL: https://linderlake.com/wp-content/uploads/fusion-styles/00342c607f04c5aa6767111bf84c3980.min.css?ver=3.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://linderlake.com/
Origin: https://linderlake.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 16:15:31 GMT
x-content-type-options: nosniff
age: 190463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 16:15:31 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 106ms
90ms Font
font/woff2 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: linderlake.com
URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Origin: https://linderlake.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 76764

GET
H/1.1 200
OK fa-solid-900.woff2
linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 152ms
90ms Font
font/woff2 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: linderlake.com
URL: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://linderlake.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Origin: https://linderlake.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 02:29:15 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 78196

GET
H/1.1 200
OK hcall1.jpg
linderlake.com/wp-content/uploads/2020/08/ 292 KB
292 KB 90ms
90ms Image
image/jpeg 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2020/08/hcall1.jpg
Requested by: Host: linderlake.com
URL: https://linderlake.com/wp-content/uploads/elementor/css/post-5.css?ver=1668393023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: ebc2778821dd7ab9a9d6eb372f2d848e5750da68a4b319f1c170b7ae9df0156e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/wp-content/uploads/elementor/css/post-5.css?ver=1668393023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 03 Aug 2020 12:21:54 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 298892

GET
H/1.1 200
OK hb1.jpg
linderlake.com/wp-content/uploads/2019/12/ 163 KB
164 KB 90ms
90ms Image
image/jpeg 200.225.41.249
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linderlake.com/wp-content/uploads/2019/12/hb1.jpg
Requested by: Host: linderlake.com
URL: https://linderlake.com/wp-content/uploads/elementor/css/post-1049.css?ver=1668393023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.225.41.249 El Segundo, United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps78879.inmotionhosting.com
Software: Apache /
Resource Hash: 1858c50ebbd701613656980065ad2126cf62d2a6649f35cfd3a76e93f97aef01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/wp-content/uploads/elementor/css/post-1049.css?ver=1668393023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:55 GMT
Last-Modified: Mon, 03 Aug 2020 13:06:09 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 167312

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175559692-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 19:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6305
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 14 Nov 2022 21:24:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-602065528&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175559692-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13b0a34ceb46a2eafb004037bccb4c907c7fed41475b0779f511b4ab60f2e1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 53034
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 21:09:54 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/602065528/ 2 KB
1 KB 108ms
60ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/602065528/?random=1668460194876&cv=11&fst=1668460194876&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Flinderlake.com%2F&tiba=Linderlake%20Corporation%20Right%20of%20Way%20Services&auid=1039426747.1668460195&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-602065528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0c557a33e6392c05e873114204f5d36b35cb585e6bd6e658ba6aebe38d28b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 21:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 886
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
21ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1933285726&t=pageview&_s=1&dl=https%3A%2F%2Flinderlake.com%2F&ul=en-us&de=UTF-8&dt=Linderlake%20Corporation%20Right%20of%20Way%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1665509992&gjid=1782056948&cid=1991997091.1668460195&tid=UA-175559692-1&_gid=720452085.1668460195&_r=1&gtm=2oub90&z=2063638050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://linderlake.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 21:09:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://linderlake.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 65ms
19ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-175559692-1&cid=1991997091.1668460195&jid=1665509992&gjid=1782056948&_gid=720452085.1668460195&_u=YEBAAUAAAAAAACAAI~&z=1634504399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://linderlake.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Nov 2022 21:09:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://linderlake.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/602065528/ 42 B
64 B 56ms
26ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/602065528/?random=1668460194876&cv=11&fst=1668459600000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flinderlake.com%2F&tiba=Linderlake%20Corporation%20Right%20of%20Way%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1970394466&rmt_tld=0&ipr=y

Requested by

Host: linderlake.com
URL: https://linderlake.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 21:09:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/602065528/ 42 B
548 B 81ms
28ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/602065528/?random=1668460194876&cv=11&fst=1668459600000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Flinderlake.com%2F&tiba=Linderlake%20Corporation%20Right%20of%20Way%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1970394466&rmt_tld=1&ipr=y

Requested by

Host: linderlake.com
URL: https://linderlake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 21:09:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ 402 KB
161 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcLAcEZAAAAAHc31n9n4d3na7bYB_PzRtk0uPOD&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://linderlake.com/
Origin: https://linderlake.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 19:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164348
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 19:20:03 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-175559692-1&cid=1991997091.1668460195&jid=1665509992&_u=YEBAAUAAAAAAACAAI~&z=2110727148

Requested by

Host: linderlake.com
URL: https://linderlake.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 21:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
51ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-175559692-1&cid=1991997091.1668460195&jid=1665509992&_u=YEBAAUAAAAAAACAAI~&z=2110727148

Requested by

Host: linderlake.com
URL: https://linderlake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linderlake.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 21:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D9E2 42 KB
22 KB 43ms
42ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcLAcEZAAAAAHc31n9n4d3na7bYB_PzRtk0uPOD&co=aHR0cHM6Ly9saW5kZXJsYWtlLmNvbTo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=y862lflw2szl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6cf450ce7bf6e1b6ee27c5d06d58ad0c1016c2d2515865c15d5cb6d36d604ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wKH70VCHimiNlpoHtWGW9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://linderlake.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22280
content-security-policy: script-src 'report-sample' 'nonce-wKH70VCHimiNlpoHtWGW9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 21:09:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame D9E2 52 KB
24 KB 64ms
14ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcLAcEZAAAAAHc31n9n4d3na7bYB_PzRtk0uPOD&co=aHR0cHM6Ly9saW5kZXJsYWtlLmNvbTo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=y862lflw2szl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 18:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 18:12:51 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame D9E2 402 KB
161 KB 77ms
27ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 19:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164348
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 19:20:03 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D9E2 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 350986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 17 Nov 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D9E2 15 KB
15 KB 42ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 524908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:21:27 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D9E2 15 KB
15 KB 43ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 526207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Nov 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D9E2 102 B
134 B 22ms
22ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc61703e1ce27b748ad533e812e2b242334ff3eee6dff91b2cc13d1ca35227bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcLAcEZAAAAAHc31n9n4d3na7bYB_PzRtk0uPOD&co=aHR0cHM6Ly9saW5kZXJsYWtlLmNvbTo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=y862lflw2szl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 14 Nov 2022 21:09:55 GMT

GET
H2 200 filescss1-11eb1969.css
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001// Frame B8EF 85 KB
16 KB 98ms
10ms Stylesheet
text/css 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001//filescss1-11eb1969.css

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 Aug 2022 05:56:51 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6e295743-b01e-0019-6230-ac7f2c000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 15784

GET
H2 200 filescss2-7859787f.css
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001// Frame B8EF 169 KB
30 KB 96ms
8ms Stylesheet
text/css 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001//filescss2-7859787f.css

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 Aug 2022 05:56:51 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6c000349-401e-0022-0930-ac3a88000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 30612

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame D9E2 32 KB
18 KB 87ms
87ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcLAcEZAAAAAHc31n9n4d3na7bYB_PzRtk0uPOD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98787f386b0e484a7cb1fe76f22916c03bcccccd5d9b37a57025d5b4cf6ac92f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcLAcEZAAAAAHc31n9n4d3na7bYB_PzRtk0uPOD&co=aHR0cHM6Ly9saW5kZXJsYWtlLmNvbTo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=y862lflw2szl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18705
x-xss-protection: 1; mode=block
expires: Mon, 14 Nov 2022 21:09:55 GMT

POST
H2 200 PowerPointFrame.aspx Show response
powerpoint.officeapps.live.com/p/ Frame 4242 122 KB
125 KB 137ms
48ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ba7876c74da46163c2b68486c9f13051a08e653cc14d28ca144d05dfe897da31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy-report-only: font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com res.cdn.office.net res-cn.cdn.partner.office365.cn res-dod.cdn.office.net res-gcch.cdn.office.net res-dev.cdn.officeppe.net res-1.cdn.office.net res-2.cdn.office.net res-3.cdn.office.net res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-dod.cdn.office.net res-2-dod.cdn.office.net res-1-gcch.cdn.office.net res-2-gcch.cdn.office.net res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-v.cdn.office.net https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 21:09:55 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: AAB0DDA9430E41F2945535C29A618EB3 Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:55Z
x-officecluster: PNL1
x-officefd: AM4PEPF00010819
x-officefe: AM4PEPF00010819
x-officeversion: 16.0.15825.40515
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame B8EF 92 KB
33 KB 13ms
13ms Script
application/javascript 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/jquery-1.7.2-39eeb07e.js

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 Aug 2022 05:56:47 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6e298f77-b01e-0019-4230-ac7f2c000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 33335

GET
H2 200 embed_s_embed-02df9e94.js Show response
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame B8EF 486 KB
134 KB 57ms
57ms Script
application/javascript 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/embed_s_embed-02df9e94.js

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1cdfe8a8c95a5a93f441830b2a18dbe884016235e11b55dc7955505f5992ab5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 Aug 2022 05:56:46 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fd20bec0-001e-000c-3621-b2689f000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 137086

GET
H2 200 embed1-73836002.js Show response
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame B8EF 47 KB
14 KB 87ms
86ms Script
application/javascript 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/embed1-73836002.js

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

24a1d530f47847a53c5d016e452ef4d2e9eb89eb97b6e8d8907d1f4e3216d556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 Aug 2022 05:56:44 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1026c84e-801e-002d-0e21-b24ce4000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 14141

GET
H2 200 embed2-34d50142.js Show response
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame B8EF 203 KB
68 KB 23ms
23ms Script
application/javascript 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/embed2-34d50142.js

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bebee2d55b1641e7b16ba986128936cf7318aa01388f748ee4e5ee4083cff529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 Aug 2022 05:56:48 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ba9b424b-701e-005b-4b21-b2c6ac000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 69158

GET
H2 200 embed0-425fbbd1.js Show response
res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/ Frame B8EF 15 KB
6 KB 25ms
25ms Script
application/javascript 2a02:26f0:3500:c::5c7b:683d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res-1.cdn.office.net/files/onedrive-website-release-prod_master_20220804.001/embed0-425fbbd1.js

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c::5c7b:683d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f197ff63bcea0dc2e572e72f231ac1b493800866a21428eccd6e0a0fac1081e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 05 Aug 2022 05:56:48 GMT
x-cdn-provider: Akamai
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84a5c77e-e01e-0014-418d-b3b7f8000000
access-control-expose-headers: date,Akamai-Request-BC
cache-control: public, max-age=630720000
timing-allow-origin: *
content-length: 5912

GET
H/1.1 200
OK styleschromeless.css
c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/ Frame 4242 284 KB
35 KB 103ms
21ms Stylesheet
text/css 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/styleschromeless.css

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0859da458d81f0c0b688f2577152589b812cd4c55630b31b3f87089d6f5b93b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
Date: Mon, 14 Nov 2022 21:09:56 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF00006023
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 34683
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 28 Oct 2022 09:47:21 GMT
X-CorrelationId: fc242204-48e0-488e-8165-f3dedefbbc51
X-UserSessionId: fc242204-48e0-488e-8165-f3dedefbbc51
X-MSEdge-Ref: Ref A: F8B647140E5143459E6F29C485C2460C Ref B: AMS231032603019 Ref C: 2022-11-09T18:48:37Z
X-OfficeCluster: PNL1
ETag: "40d7bb46b2ead81:0"
X-OFFICEFD: AM4PEPF00006023
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161582540515_App_Scripts/ Frame 4242 106 KB
28 KB 89ms
7ms Script
application/javascript 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Date: Mon, 14 Nov 2022 21:09:56 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF00010822
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 27244
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 28 Oct 2022 12:08:52 GMT
X-CorrelationId: 6d41eb01-d639-4126-952a-a32b90fe6e7c
X-UserSessionId: 6d41eb01-d639-4126-952a-a32b90fe6e7c
X-MSEdge-Ref: Ref A: DF205A56FE654F0E8F5A04F83D620361 Ref B: AMS231032608019 Ref C: 2022-11-09T15:16:11Z
X-OfficeCluster: PNL1
ETag: "0e236bc6ead81:0"
X-OFFICEFD: AM4PEPF00010822
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK powerpointintl.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/1031/ Frame 4242 307 KB
63 KB 89ms
8ms Script
application/javascript 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/1031/powerpointintl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

df23f6d11d3992b687a5c0a1a24787648606df94dd6251c0d000a49f01318638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
Date: Mon, 14 Nov 2022 21:09:56 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF00006963
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 63364
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 28 Oct 2022 07:46:27 GMT
X-CorrelationId: 9f12906a-5780-49d8-ac96-8c72c07b1e05
X-UserSessionId: 9f12906a-5780-49d8-ac96-8c72c07b1e05
X-MSEdge-Ref: Ref A: F233632002E1465FBC558A44EC00F2E4 Ref B: AMS231032603047 Ref C: 2022-11-09T18:43:18Z
X-OfficeCluster: PNL1
ETag: "90acc962a1ead81:0"
X-OFFICEFD: AM4PEPF00006963
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK BootView.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/ Frame 4242 2 MB
491 KB 99ms
20ms Script
application/javascript 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/BootView.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d752ca7d092ed89cefda8ffb94ff88fe44410f820cd037a096fc5ad45a19437a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Date: Mon, 14 Nov 2022 21:09:56 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF00006963
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 501746
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_excelslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 28 Oct 2022 07:46:12 GMT
X-CorrelationId: 6d41eb01-d639-4126-952a-a32b90fe6e7c
X-UserSessionId: 6d41eb01-d639-4126-952a-a32b90fe6e7c
X-MSEdge-Ref: Ref A: F00FA7D35E3541439A3DF624C244F87E Ref B: AMS231032601003 Ref C: 2022-11-09T15:16:11Z
X-OfficeCluster: PNL1
ETag: "0ba8559a1ead81:0"
X-OFFICEFD: AM4PEPF00006963
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/p/s/161582540515_resources/1031/ Frame 4242 695 B
2 KB 99ms
21ms Image
image/gif 2a02:26f0:480:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161582540515_resources/1031/progress.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000, max-age=31536000
Date: Mon, 14 Nov 2022 21:09:56 GMT
X-OfficeVersion: 16.0.15825.40515
X-Powered-By: ARR/3.0
X-OfficeFE: AM4PEPF0000726A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 28 Oct 2022 11:21:16 GMT
X-CorrelationId: 0d0ef02c-20d2-464d-b906-c44e47c4bf94, 0d0ef02c-20d2-464d-b906-c44e47c4bf94
X-UserSessionId: 0d0ef02c-20d2-464d-b906-c44e47c4bf94, 0d0ef02c-20d2-464d-b906-c44e47c4bf94
X-MSEdge-Ref: Ref A: A5CB60DA48E94801B884E8A04EE0F50C Ref B: AMS231032602045 Ref C: 2022-11-06T18:49:42Z
X-OfficeCluster: PNL1
ETag: "9424f964bfead81:0"
X-OFFICEFD: AM4PEPF00011BC3
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/ Frame 4242 13 KB
14 KB 98ms
20ms Image
image/png 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/prt.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 14 Nov 2022 21:09:56 GMT
X-OfficeVersion: 16.0.15901.40521
X-OfficeFE: DM3PEPF00012EA4
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 07 Nov 2022 06:13:32 GMT
X-CorrelationId: 15114e81-6406-453c-bf3c-02577d4ef24c
X-UserSessionId: 15114e81-6406-453c-bf3c-02577d4ef24c
X-MSEdge-Ref: Ref A: 77EC2B955BC9443083B6FA453CC7EB9D Ref B: AMS231032609047 Ref C: 2022-11-07T06:13:31Z
X-OfficeCluster: US4C
ETag: W/"fb82b2f70f2d81:0"
X-OFFICEFD: DM3PEPF000132AC
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 4242 0
1 KB 101ms
100ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15825.40515&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:56 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.15901.40521
x-officefe: BL6PEPF0000BACC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-ms-server-duration: 0.4917
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: e9aaa3b1-ba8b-4824-8540-9956c1bb28be
x-officecluster: PGTUS4
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 86266008A0264B3098F53CD670722D6C Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:56Z
x-officefd: BL6PEPF0000BACC
x-download-options: noopen
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://powerpointonline.nelsdf.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PGTUS4"}]}
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
x-ms-request-id: 0a9e14f5-dfb1-40fb-8384-191c3719b1de
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, IsIntentional, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 4242 0
457 B 163ms
163ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15825.40515&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":113,"Value":"https://c1-powerpoint-15.cdn.office.net:443/p/s/161582540515_PptResources/1031/styleschromeless.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:56 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.15825.40515
x-officefe: BY3PEPF0000C8D2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-ms-server-duration: 0.9584
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: d0028461-3457-4239-a18e-c3a89f6dc023
x-officecluster: PGTUS1
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 009CB482714A47F39AA2924A671E6E12 Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:56Z
x-officefd: BY3PEPF0000C8D2
x-download-options: noopen
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://powerpointonline.nelsdf.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PGTUS1"}]}
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
x-ms-request-id: 50ba2e03-cd5a-46db-ab98-2e8758cba9c8
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, IsIntentional, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

GET
H/1.1 404
Not Found segoeui.woff
c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/ Frame 4242 0
0 254ms
254ms Font
text/html 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/segoeui.woff

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/styleschromeless.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/styleschromeless.css
Origin: https://powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 14 Nov 2022 21:09:56 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF0001081A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1245
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
X-CorrelationId: ab16fb2f-6b00-4786-96da-d2a0beb1ccb2
X-OfficeCluster: PNL1
X-UserSessionId: ab16fb2f-6b00-4786-96da-d2a0beb1ccb2
X-MSEdge-Ref: Ref A: C1B3F79E687545C1B8AF8615B552E0DA Ref B: AMS231032608035 Ref C: 2022-11-14T21:09:56Z
X-OFFICEFD: AM4PEPF0001081A
Content-Type: text/html
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

POST
H2 200 GetPresentationWithSlideById Show response
powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 4242 5 KB
2 KB 199ms
198ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetPresentationWithSlideById

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b2eee71d7b678cc620402a947d6d1620bdc8a3235a602360542bb7bdf9fc419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w9v1e7G9Bvmj_SWcwVxPtl0ksOMk1Mu70JjAjTN78INadj_U9NPh8sAkyq1MOEXrtdp-lWNmpjjttEbRo7AKTm5MwvJY7-l-VFnoOXryhzF5NARR-k22yk3T-okYNylNew4lAknwXuQYwWOQc6Y-fFQ
X-UserSessionId: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
X-AccessTokenTtl: 1670274595488
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15825.40515
X-Key: pBdXxC8RZrJIgiCA/HFSY7H2OiD66HHEWKKxLcvgB2o=,638040569958615093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 21:09:56 GMT
x-officeversion: 16.0.15825.40515
x-officefe: AM4PEPF00006F86
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1780
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c67f9cfc-5884-45b8-bcda-b11541433d19
x-officecluster: PNL1
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 7D7CDE5B1DBA42059DDFAD1C2F1748EB Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:56Z
x-officefd: AM4PEPF00006F86
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK wapsw.png
c1-powerpoint-15.cdn.office.net/p/s/161582540515_resources/1031/ Frame 4242 6 KB
7 KB 8ms
8ms Image
image/png 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_resources/1031/wapsw.png?b=1601582415002

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=4CCC5E76527E7303&resid=4CCC5E76527E7303%21118&authkey=AFpdkaIiWVd-6WM&em=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 14 Nov 2022 21:09:56 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF000103EE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5884
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_excelslice,afd_visioslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 28 Oct 2022 09:32:17 GMT
X-CorrelationId: 37d097be-ae95-4218-9140-3ac2ab058ac7
X-UserSessionId: 37d097be-ae95-4218-9140-3ac2ab058ac7
X-MSEdge-Ref: Ref A: 5F2D9203DC14470FB540079CBBB3011F Ref B: AMS231032608037 Ref C: 2022-11-06T19:59:18Z
X-OfficeCluster: PNL1
ETag: "15f0af2bb0ead81:0"
X-OFFICEFD: AM4PEPF000103EE
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
BLOB 200
OK 4448ccf2-95ca-4101-857b-0a2be2b44934
https://powerpoint.officeapps.live.com/ Frame 4242 183 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://powerpoint.officeapps.live.com/4448ccf2-95ca-4101-857b-0a2be2b44934
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69a4082e274467bfd5cce7a601b3ed79ef9acac4d6f6e54125880c7268a92a49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 183
Content-Type: application/javascript

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 4242 0
384 B 162ms
162ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15825.40515&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":242,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:56 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.15901.40521
x-officefe: MW1PEPF00008706
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-ms-server-duration: 1.0417
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 23725a84-210c-490e-9797-24f93de7fae1
x-officecluster: PGTUS2
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 38A55175169D45BC97ABCED40027105C Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:56Z
x-officefd: MW1PEPF00008706
x-download-options: noopen
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://powerpointonline.nelsdf.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PGTUS2"}]}
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
x-ms-request-id: 407978ef-3150-45d3-bee7-cccab84f2c85
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, IsIntentional, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

GET
H2

200

c.gif
c.live.com/ Frame B8EF
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=c40d8c10-5322-4125-bd19-05261681efa5&reqid=00108919912&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FF9DFE17%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=c40d8c10-5322-4125-bd19-05261681efa5&reqid=00108919912&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FF9DFE17%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=c40d8c10-5322-4125-bd19-05261681efa5&reqid=00108919912&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FF9DFE17%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
256 B

29ms
29ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=c40d8c10-5322-4125-bd19-05261681efa5&reqid=00108919912&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FF9DFE17%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1649%26IR%3D1%26EX%3D0%26L.h%3D950%26L.sjs%3D1093%26L.ttg%3D950%26C.st%3D1668460194783%26N.domIn%3D968%26N.dns%3D99%26N.tcp%3D40%26N.req%3D674%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.6771718801903168&CtsSyncId=599CC69DCBC24831B743CC04DCF845ED&MUID=304F74E6A5A162B712ED66BAA1A166C5
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 21:09:56 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
server: Microsoft-IIS/10.0
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 21:09:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DBE9DCC2160D4E17829EB4DB327AAD6B Ref B: FRAEDGE2016 Ref C: 2022-11-14T21:09:56Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=c40d8c10-5322-4125-bd19-05261681efa5&reqid=00108919912&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FF9DFE17%26MA%3Dde-DE%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AEmbed.default.F.U.%26PLT%3D1649%26IR%3D1%26EX%3D0%26L.h%3D950%26L.sjs%3D1093%26L.ttg%3D950%26C.st%3D1668460194783%26N.domIn%3D968%26N.dns%3D99%26N.tcp%3D40%26N.req%3D674%26N.resp%3D3%26N.navType%3D0%26N.redirectCount%3D0&r=0.6771718801903168&CtsSyncId=599CC69DCBC24831B743CC04DCF845ED&MUID=304F74E6A5A162B712ED66BAA1A166C5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 4242 42 KB
16 KB 101ms
9ms Script
application/javascript 23.205.236.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/BootView.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 23.205.236.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-236-6.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 21:09:56 GMT
X-MSNServer: RD0003FF23F6D7
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
X-ODWebServer: westeurope1-odwebp
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=69929, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16199

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 4242 12 KB
13 KB 212ms
211ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=2&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&access_token=4w9v1e7G9Bvmj%5FSWcwVxPtl0ksOMk1Mu70JjAjTN78INadj%5FU9NPh8sAkyq1MOEXrtdp%2DlWNmpjjttEbRo7AKTm5MwvJY7%2Dl%2DVFnoOXryhzF5NARR%2Dk22yk3T%2DokYNylNew4lAknwXuQYwWOQc6Y%2DfFQ&access_token_ttl=1670274595488&z=aNENDQzVFNzY1MjdFNzMwMyExMTguOA&usid=d405ae8d%2D8c87%2D4b51%2D8a69%2D68ebaa3cdce4&Rid=M87%5F1%5F608x342%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3805d972bdfbdbce691871bf53862b72fe69d20f5285ab43c8bf29d60fcd668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:56 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15825.40515
x-officefe: AM4PEPF0000726A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 12735
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8a62b676-bd22-4f29-abea-1798f640c16a
x-officecluster: PNL1
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 4C14575B8B7A47449283A78994108D45 Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:56Z
x-officefd: AM4PEPF0000726A
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&access_token=4w9v1e7G9Bvmj%5FSWcwVxPtl0ksOMk1Mu70JjAjTN78INadj%5FU9NPh8sAkyq1MOEXrtdp%2DlWNmpjjttEbRo7AKTm5MwvJY7%2Dl%2DVFnoOXryhzF5NARR%2Dk22yk3T%2DokYNylNew4lAknwXuQYwWOQc6Y%2DfFQ&access_token_ttl=1670274595488&z=aNENDQzVFNzY1MjdFNzMwMyExMTguOAM87_1_608x342.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:09:56 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 4242 147 KB
148 KB 2103ms
2102ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d4b3ad1b274a1394ff38d0e046d6e325232dc7b9e0c0e11f2bea7ecf9c2932b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:58 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15825.40515
x-officefe: AM4PEPF0001081C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 150913
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 04f33aaf-08d6-4ac8-a13f-54fd9e6b0f14
x-officecluster: PNL1
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: EC1FDE5986054FF298B2833EE6897324 Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:56Z
x-officefd: AM4PEPF0001081C
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&access_token=4w9v1e7G9Bvmj%5FSWcwVxPtl0ksOMk1Mu70JjAjTN78INadj%5FU9NPh8sAkyq1MOEXrtdp%2DlWNmpjjttEbRo7AKTm5MwvJY7%2Dl%2DVFnoOXryhzF5NARR%2Dk22yk3T%2DokYNylNew4lAknwXuQYwWOQc6Y%2DfFQ&access_token_ttl=1670274595488&z=aNENDQzVFNzY1MjdFNzMwMyExMTguOAS0_1_608x342.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:09:58 GMT

GET
H/1.1 404
Not Found segoeui.ttf
c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/ Frame 4242 0
0 172ms
172ms Font
text/html 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/segoeui.ttf

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/styleschromeless.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/styleschromeless.css
Origin: https://powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 14 Nov 2022 21:09:56 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF000103EE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1245
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
X-CorrelationId: a93c3d1e-8583-432d-9ab1-04962604158a
X-OfficeCluster: PNL1
X-UserSessionId: a93c3d1e-8583-432d-9ab1-04962604158a
X-MSEdge-Ref: Ref A: 567E8F2F38D9441EA8DDEF92F21CB0BE Ref B: AMS231032608009 Ref C: 2022-11-14T21:09:56Z
X-OFFICEFD: AM4PEPF000103EE
Content-Type: text/html
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 4242 12 KB
13 KB 204ms
203ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3805d972bdfbdbce691871bf53862b72fe69d20f5285ab43c8bf29d60fcd668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:58 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15825.40515
x-officefe: AM4PEPF00006963
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 12735
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 48c3148f-1d61-46fe-b0d0-afd3ea3a1449
x-officecluster: PNL1
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 0DC2FCAC5CE244B6B477E2F5BCFF77C9 Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:58Z
x-officefd: AM4PEPF00006963
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&access_token=4w9v1e7G9Bvmj%5FSWcwVxPtl0ksOMk1Mu70JjAjTN78INadj%5FU9NPh8sAkyq1MOEXrtdp%2DlWNmpjjttEbRo7AKTm5MwvJY7%2Dl%2DVFnoOXryhzF5NARR%2Dk22yk3T%2DokYNylNew4lAknwXuQYwWOQc6Y%2DfFQ&access_token_ttl=1670274595488&z=aNENDQzVFNzY1MjdFNzMwMyExMTguOAM87_1_608x342.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:09:59 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 4242 147 KB
148 KB 226ms
225ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d4b3ad1b274a1394ff38d0e046d6e325232dc7b9e0c0e11f2bea7ecf9c2932b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:58 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15825.40515
x-officefe: AM4PEPF00010824
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 150913
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 778b50e0-f47e-4e3f-b0e4-698de0b76ccb
x-officecluster: PNL1
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 3BDD23D00D5F4B489D3C1BE80CCC1A92 Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:58Z
x-officefd: AM4PEPF00010824
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&access_token=4w9v1e7G9Bvmj%5FSWcwVxPtl0ksOMk1Mu70JjAjTN78INadj%5FU9NPh8sAkyq1MOEXrtdp%2DlWNmpjjttEbRo7AKTm5MwvJY7%2Dl%2DVFnoOXryhzF5NARR%2Dk22yk3T%2DokYNylNew4lAknwXuQYwWOQc6Y%2DfFQ&access_token_ttl=1670274595488&z=aNENDQzVFNzY1MjdFNzMwMyExMTguOAS0_1_608x342.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:09:59 GMT

GET
H/1.1 200
OK reader.calypso.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/ Frame 4242 313 KB
64 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/reader.calypso.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8811006b5bb38f42869c29abecd8d5adf645d0e3279eaaeddceb86e7ad6e72d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
Date: Mon, 14 Nov 2022 21:09:58 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF0001081D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 64495
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 28 Oct 2022 10:26:41 GMT
X-CorrelationId: 6e55f6a1-09cb-4631-ae09-6c572fec9b19
X-UserSessionId: 6e55f6a1-09cb-4631-ae09-6c572fec9b19
X-MSEdge-Ref: Ref A: D21C0356FDF041CE87BF29180124F3FB Ref B: AMS231032606037 Ref C: 2022-11-09T15:19:22Z
X-OfficeCluster: PNL1
ETag: "9786dc5b7ead81:0"
X-OFFICEFD: AM4PEPF0001081D
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/p/s/161582540515_App_Scripts/ Frame 4242 41 KB
7 KB 27ms
7ms Script
application/javascript 2a02:26f0:480:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161582540515_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
Date: Mon, 14 Nov 2022 21:09:58 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF00006F87
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 6113
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Nov 2022 04:24:36 GMT
X-CorrelationId: e0bfb0f7-d2b4-4ef1-850b-ff7a43e56d16
X-UserSessionId: e0bfb0f7-d2b4-4ef1-850b-ff7a43e56d16
X-MSEdge-Ref: Ref A: 5006B4B5738B486F99C83F3EC6A50749 Ref B: AMS231032604053 Ref C: 2022-11-14T17:17:15Z
X-OfficeCluster: PNL1
ETag: "f488f42cf3f3d81:0"
X-OFFICEFD: AM4PEPF000068BF
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 4242 0
649 B 134ms
134ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15825.40515&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":2770,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:58 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.15825.40515
x-officefe: SN3PEPF0000C0BC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-ms-server-duration: 0.5579
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9535f7bb-b16d-4d8f-a1a0-696f2d70e444
x-officecluster: PGTUS5
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 71F973C60BD74A5DBE3CD708BEDD16BC Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:58Z
x-officefd: SN3PEPF0000C0BC
x-download-options: noopen
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://powerpointonline.nelsdf.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PGTUS5"}]}
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
x-ms-request-id: be997a40-b6b3-42ad-bfb3-02f193b6ae42
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, IsIntentional, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 4242 4 KB
2 KB 213ms
212ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b6c6473803e6fdcee8006c2f9b136287203c520a6008c2f71b5afe67aa97853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w9v1e7G9Bvmj_SWcwVxPtl0ksOMk1Mu70JjAjTN78INadj_U9NPh8sAkyq1MOEXrtdp-lWNmpjjttEbRo7AKTm5MwvJY7-l-VFnoOXryhzF5NARR-k22yk3T-okYNylNew4lAknwXuQYwWOQc6Y-fFQ
X-UserSessionId: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
X-AccessTokenTtl: 1670274595488
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15825.40515
X-Key: pBdXxC8RZrJIgiCA/HFSY7H2OiD66HHEWKKxLcvgB2o=,638040569958615093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 21:09:58 GMT
x-officeversion: 16.0.15825.40515
x-officefe: AM4PEPF00010825
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1530
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8d5c14c0-339d-4a33-b98a-67951061ec42
x-officecluster: PNL1
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 6D9E29897DE840D48CA360E155809FDD Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:58Z
x-officefd: AM4PEPF00010825
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 4242 0
885 B 104ms
103ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15825.40515&waccluster=PNL1

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w9v1e7G9Bvmj_SWcwVxPtl0ksOMk1Mu70JjAjTN78INadj_U9NPh8sAkyq1MOEXrtdp-lWNmpjjttEbRo7AKTm5MwvJY7-l-VFnoOXryhzF5NARR-k22yk3T-okYNylNew4lAknwXuQYwWOQc6Y-fFQ
X-UserSessionId: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
X-AccessTokenTtl: 1670274595488
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15825.40515
X-Key: pBdXxC8RZrJIgiCA/HFSY7H2OiD66HHEWKKxLcvgB2o=,638040569958615093
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-bULS-SuppressionETag: 799F89FDF4916AF2516D39691235B16683DD11DB
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:58 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.15901.40521
x-officefe: BL6PEPF0000BB63
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 799F89FDF4916AF2516D39691235B16683DD11DB
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-ms-server-duration: 2.1038
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c7b3736c-05da-433e-80f8-2edf2668befa
x-officecluster: PGTUS6
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 1B966454A5294DC6A2EDF1A64DF1E3FE Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:58Z
x-officefd: BL6PEPF0000BB63
x-download-options: noopen
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://powerpointonline.nelsdf.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PGTUS6"}]}
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
x-ms-request-id: 92741aa0-de09-4b89-8f08-4dca370d0004
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, IsIntentional, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

GET
H/1.1 200
OK otelFull.min.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/ Frame 4242 99 KB
29 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/otelFull.min.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
Date: Mon, 14 Nov 2022 21:09:58 GMT
X-OfficeVersion: 16.0.15825.40515
X-OfficeFE: AM4PEPF00010823
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 28874
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 28 Oct 2022 07:46:48 GMT
X-CorrelationId: 9e05ade9-df6a-4549-b509-696e0ee8c4d2
X-UserSessionId: 9e05ade9-df6a-4549-b509-696e0ee8c4d2
X-MSEdge-Ref: Ref A: 9F5DFCD35C1B4CB79462696EB43C737C Ref B: AMS231032604051 Ref C: 2022-11-09T15:38:06Z
X-OfficeCluster: PNL1
ETag: "b057536fa1ead81:0"
X-OFFICEFD: AM4PEPF00010823
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/ Frame 4242 13 KB
14 KB 8ms
8ms Image
image/png 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/prt.png

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/reader.calypso.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 14 Nov 2022 21:09:58 GMT
X-OfficeVersion: 16.0.15901.40521
X-OfficeFE: DM3PEPF00012EA4
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 07 Nov 2022 06:13:32 GMT
X-CorrelationId: 15114e81-6406-453c-bf3c-02577d4ef24c
X-UserSessionId: 15114e81-6406-453c-bf3c-02577d4ef24c
X-MSEdge-Ref: Ref A: 77EC2B955BC9443083B6FA453CC7EB9D Ref B: AMS231032609047 Ref C: 2022-11-07T06:13:31Z
X-OfficeCluster: US4C
ETag: W/"fb82b2f70f2d81:0"
X-OFFICEFD: DM3PEPF000132AC
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 4242 4 B
379 B 846ms
251ms XHR
application/json 20.189.173.7

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/ping

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptScripts/otelFull.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.7 -, , ASN (),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 14 Nov 2022 21:09:59 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://powerpoint.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 4242 0
1 KB 106ms
106ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15825.40515&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
X-UserSessionId: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":2771,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:58 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
x-officeversion: 16.0.15901.40521
x-officefe: BL6PEPF0000BB71
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-ms-server-duration: 0.5398
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: e8ab84bf-a923-4a03-a353-a51408213a22
x-officecluster: PGTUS6
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 79147D7309234CC8A661DD6432948E83 Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:59Z
x-officefd: BL6PEPF0000BB71
x-download-options: noopen
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://powerpointonline.nelsdf.measure.office.net/api/report?FrontEnd=NoAFD&DestinationEndpoint=None&DC=PGTUS6"}]}
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
x-ms-request-id: 4c2f840b-f399-4ebc-9e4f-98226a7f2e2d
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, IsIntentional, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 4242 2 KB
3 KB 331ms
331ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e8f54b33ea6efd6da11560b79b0ba47634db0c3e75fc44230450a183fb9fc8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:09:59 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15825.40515
x-officefe: AM4PEPF00006964
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2014
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9fef0705-048a-4011-a247-334e84d731af
x-officecluster: PNL1
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 8BCD5CDDC32840DEB88C9AFBA282053C Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:59Z
x-officefd: AM4PEPF00006964
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&access_token=4w9v1e7G9Bvmj%5FSWcwVxPtl0ksOMk1Mu70JjAjTN78INadj%5FU9NPh8sAkyq1MOEXrtdp%2DlWNmpjjttEbRo7AKTm5MwvJY7%2Dl%2DVFnoOXryhzF5NARR%2Dk22yk3T%2DokYNylNew4lAknwXuQYwWOQc6Y%2DfFQ&access_token_ttl=1670274595488&z=aNENDQzVFNzY1MjdFNzMwMyExMTguOAM8E_1_608x342.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:09:59 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 4242 64 KB
65 KB 1673ms
1673ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

636791d50da7a88b97e4dd4fb69d2a8372652906300b83307e8825000350d6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=de-DE&rs=en-US&hid=nHdATrlxWUK6ttIDKRBI0A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&sc=host%3D%26qt%3DDefault%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 21:10:00 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15825.40515
x-officefe: AM4PEPF00006023
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 65896
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: c683eeef-3676-46ea-853f-76bee95b4882
x-officecluster: PNL1
x-usersessionid: d405ae8d-8c87-4b51-8a69-68ebaa3cdce4
x-msedge-ref: Ref A: 8B60C1D9D155484FA5ED0BC074039C37 Ref B: AMS231032609029 Ref C: 2022-11-14T21:09:59Z
x-officefd: AM4PEPF00006023
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F4CCC5E76527E7303%21118&access_token=4w9v1e7G9Bvmj%5FSWcwVxPtl0ksOMk1Mu70JjAjTN78INadj%5FU9NPh8sAkyq1MOEXrtdp%2DlWNmpjjttEbRo7AKTm5MwvJY7%2Dl%2DVFnoOXryhzF5NARR%2Dk22yk3T%2DokYNylNew4lAknwXuQYwWOQc6Y%2DfFQ&access_token_ttl=1670274595488&z=aNENDQzVFNzY1MjdFNzMwMyExMTguOAS1_1_608x342.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:10:00 GMT

POST GetSlide
powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 4242 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 11:46:52	Name: _GRECAPTCHA Value: 09AHrz1vYrwStC7Tx-pGrHYXCRIfuNTUXgdIUIYHjU7vvt9rzEgEtMOb_iQjZvnEwLo6SbckNxZx7xLYaFpyx7w_A
.linderlake.com/	1970-01-20 09:37:16	Name: _gcl_au Value: 1.1.1039426747.1668460195
.linderlake.com/	1970-01-20 17:03:40	Name: _ga Value: GA1.2.1991997091.1668460195
.linderlake.com/	1970-01-20 07:29:06	Name: _gid Value: GA1.2.720452085.1668460195
.linderlake.com/	1970-01-20 07:27:40	Name: _gat_gtag_UA_175559692_1 Value: 1
.doubleclick.net/	1970-01-20 07:27:41	Name: test_cookie Value: CheckForPermission
powerpoint.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.live.com/	1970-01-20 16:49:16	Name: MUID Value: 304F74E6A5A162B712ED66BAA1A166C5
.bing.com/	1970-01-20 16:49:16	Name: MUID Value: 304F74E6A5A162B712ED66BAA1A166C5
.c.bing.com/	1970-01-20 16:49:16	Name: SRM_B Value: 304F74E6A5A162B712ED66BAA1A166C5
.c.bing.com/	1970-01-20 16:49:16	Name: SRM_L Value: 304F74E6A5A162B712ED66BAA1A166C5
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 07:27:40	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/segoeui.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://c1-powerpoint-15.cdn.office.net/p/s/161582540515_PptResources/1031/segoeui.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c.bing.com
c.live.com
c1-officeapps-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.live.net
linderlake.com
onedrive.live.com
powerpoint.officeapps.live.com
res-1.cdn.office.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
powerpoint.officeapps.live.com
13.107.43.13
20.189.173.7
20.234.93.27
200.225.41.249
23.205.236.6
2620:1ec:a92::171
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c0d::9b
2a02:26f0:3500:586::4b36
2a02:26f0:3500:c::5c7b:683d
2a02:26f0:480:294::4b36
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0311641381d6d7a0f8eb102f0b325da238c696ce6b945540cdde66bb5d82504e
074d9505d547acdfced56ba7203b153958881abceb7a19326029f652acb75191
07ff0b2426887067673b4e02fe2f57aeb33ea937183b8f6790065921209d59e0
0859da458d81f0c0b688f2577152589b812cd4c55630b31b3f87089d6f5b93b1
095ff0aab53ffc451b8f8efc1683a4229d7460be8a09ee811b88e470be0c0441
134b024fd753ce50172273c732e43fc9872d9e92398b0ef939412e55d6b90476
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
13b0a34ceb46a2eafb004037bccb4c907c7fed41475b0779f511b4ab60f2e1ca
14c110085d8e0ec3560f9794b9a998106dd5e3ccee24ac74d1b41a4a47997ff2
1858c50ebbd701613656980065ad2126cf62d2a6649f35cfd3a76e93f97aef01
187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1c4c71986546b48ec53d695236c90f972084a72f4646793c0e6cc14bf26f13b3
1c6f23e99f260b2119c71f79c4f9dc0f257e0aa8bb1c9fe4bc8c874da45aaa9c
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
1cdfe8a8c95a5a93f441830b2a18dbe884016235e11b55dc7955505f5992ab5b
20738b92edeadb89e1191cc6ff1ce4b424fce38ce9e391142ef8947c612d75aa
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
23f6736649eaf600d1741d64ab10b7baa9c976b864847caaa40c469879f9c81c
24a1d530f47847a53c5d016e452ef4d2e9eb89eb97b6e8d8907d1f4e3216d556
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3b6c6473803e6fdcee8006c2f9b136287203c520a6008c2f71b5afe67aa97853
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
506c514ead1999b7f1f051d87f26995f8bac2798c0ca83ce3f55f5b6fc63480f
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d
5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7
5f0c557a33e6392c05e873114204f5d36b35cb585e6bd6e658ba6aebe38d28b9
636791d50da7a88b97e4dd4fb69d2a8372652906300b83307e8825000350d6a4
689cd339b9de5d18314f13848a05a7ede4548ae9e30673035d1302da6d139ba1
69a4082e274467bfd5cce7a601b3ed79ef9acac4d6f6e54125880c7268a92a49
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6ba5e1470a4bf5fe6a71bd94a88f1fe8c2a8e13d990accacaf8ab473b8927c61
75dcdbaa57164aae681c6b0f7a4678aad106039d0a9d04f510aacb89bdf8d20a
7664fbce0f54b49f0cc633e76c50919ee1cfd241b42f077a9c23bfef3fc0a475
81ec2620ff4ba849e3839257a84455b351aa24c1b5a542bd53b3a5f57dbaf25d
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8811006b5bb38f42869c29abecd8d5adf645d0e3279eaaeddceb86e7ad6e72d3
89119c28107e8082f4070fd189be04f4d52773986d54e9f5428946ce5698996b
8d13e5f190e4c0f968ed033233598e278d294737abc5a46c5e0505b1f88320cb
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
98787f386b0e484a7cb1fe76f22916c03bcccccd5d9b37a57025d5b4cf6ac92f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d3e7367ff42d0dca6d56396310d972010238597faa8d2a7869ff5fa0e1bae7
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a99036457a6272598cad9367b204d3cfe4b22af9aa17d212b3f765c4fc1649d6
b091fb04aeb43da4cec3392a4de451d0f6b97a91235e0dc68560bc271c2b83c8
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b2eee71d7b678cc620402a947d6d1620bdc8a3235a602360542bb7bdf9fc419a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
ba7876c74da46163c2b68486c9f13051a08e653cc14d28ca144d05dfe897da31
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
bebee2d55b1641e7b16ba986128936cf7318aa01388f748ee4e5ee4083cff529
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c6cf450ce7bf6e1b6ee27c5d06d58ad0c1016c2d2515865c15d5cb6d36d604ca
c72a9fcf0cb9f411f85f710d0450a462da7a5ee5b92684102b8635af11323f74
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cce073f327be66a527e0d259088bd5ac77653cef03c0c11e115389f42768d734
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d4b3ad1b274a1394ff38d0e046d6e325232dc7b9e0c0e11f2bea7ecf9c2932b4
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d599b8e67a4aa97149614ec5b439f91d6bbd2e3716aee08f88ea9474e21a68ca
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d752ca7d092ed89cefda8ffb94ff88fe44410f820cd037a096fc5ad45a19437a
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
d84a1a047b4e7898fb0fb94ba68b519ec8d5c3bffabb6634e20e03baeff99f7a
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dd4039f8afac6fd76b462c4fd4f90374b18db762719108491ac2e365196d71ac
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df23f6d11d3992b687a5c0a1a24787648606df94dd6251c0d000a49f01318638
e2ea3e01b3fc952312e4aa1cf24784574e62a3802c77095a7be05ea0ae521506
e3805d972bdfbdbce691871bf53862b72fe69d20f5285ab43c8bf29d60fcd668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
e8f54b33ea6efd6da11560b79b0ba47634db0c3e75fc44230450a183fb9fc8ec
ea14d1b1233e6cbc9b1a156ac532f076f7adafc309726fca7bf8833f882ac872
ebc2778821dd7ab9a9d6eb372f2d848e5750da68a4b319f1c170b7ae9df0156e
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11874e5240e27e89dc7d484a5791e6d9c432c2f1b42d76ff4a808a759b512a8
f197ff63bcea0dc2e572e72f231ac1b493800866a21428eccd6e0a0fac1081e2
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f6af97fac9cbea2fee9b8b1d066599c64377b5a4e6e57a6239dfd08e0a92bd22
f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb
fc61703e1ce27b748ad533e812e2b242334ff3eee6dff91b2cc13d1ca35227bf
fde0d5a578eb6673d38d66dff152e36b610384b19954f0723e07f4302305592f
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

linderlake.com Open in urlscan Pro 200.225.41.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

98 %HTTPS

74 %IPv6

13 Domains

19 Subdomains

19 IPs

4 Countries

7099 kBTransfer

11160 kBSize

13 Cookies

4 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

linderlake.com Open in urlscan Pro
200.225.41.249 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

98 %
HTTPS

74 %
IPv6

13
Domains

19
Subdomains

19
IPs

4
Countries

7099 kB
Transfer

11160 kB
Size

13
Cookies

124 HTTP transactions
0 data transactions