view.officeapps.live.com Open in urlscan Pro
2620:1ec:a92::171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fcha.com%2Fwp-content%2Fuploads%2F2021%2F09%2FNHSN-COVID-19-Module...
Submission: On October 06 via manual (October 6th 2022, 11:02:26 am UTC) from US — Scanned from DE

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 37 HTTP transactions. The main IP is 2620:1ec:a92::171, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is view.officeapps.live.com. The Cisco Umbrella rank of the primary domain is 49473.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on April 19th 2022. Valid for: a year.

This is the only time view.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a02:26f0:350... 2a02:26f0:3500:586::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	92.123.11.106 92.123.11.106	16625 (AKAMAI-AS) (AKAMAI-AS)
37	4

19 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pnl1-powerpoint.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:586::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-powerpoint-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.11.106 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-11-106.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	live.com view.officeapps.live.com — Cisco Umbrella Rank: 49473 pnl1-powerpoint.officeapps.live.com — Cisco Umbrella Rank: 299174	434 KB
11	office.net c1-powerpoint-15.cdn.office.net — Cisco Umbrella Rank: 13684 c1-officeapps-15.cdn.office.net — Cisco Umbrella Rank: 6530	663 KB
1	live.net js.live.net — Cisco Umbrella Rank: 21485	16 KB
37	3

	Domain	Requested by
18	pnl1-powerpoint.officeapps.live.com	pnl1-powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
10	c1-powerpoint-15.cdn.office.net	pnl1-powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
1	js.live.net	c1-powerpoint-15.cdn.office.net
1	c1-officeapps-15.cdn.office.net	pnl1-powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
1	view.officeapps.live.com
37	5

This site contains no links.

Subject Issuer	Validity	Valid
officeapps.live.com DigiCert Cloud Services CA-1	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2022-08-12` - `2023-08-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fcha.com%2Fwp-content%2Fuploads%2F2021%2F09%2FNHSN-COVID-19-Module-Training.pptx&wdOrigin=BROWSELINK
Frame ID: D7DB30E448178191ED3AA0FA0448E611
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
Frame ID: 5369F80B524601191C1B86A62CA04181
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NHSN-COVID-19-Module-Training.pptx

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Page Statistics

37
Requests

84 %
HTTPS

67 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

1113 kB
Transfer

3496 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
view.officeapps.live.com/op/ 4 KB
3 KB 162ms
70ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/view.aspx?src=https%3A%2F%2Fcha.com%2Fwp-content%2Fuploads%2F2021%2F09%2FNHSN-COVID-19-Module-Training.pptx&wdOrigin=BROWSELINK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1b97cad88c71dbae5628ec1f0d1dffe72cc09763ae25eafce4563b1f116b7b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 06 Oct 2022 11:02:21 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: d8bb87c1-d244-4ed5-b5f0-a59b194f9820
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: DFDBBBADE9F2477A9D50E08BEE1F491E Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:21Z
x-officecluster: PNL1
x-officefd: AM4PEPF0001962D
x-officefe: AM4PEPF000069DF
x-officeversion: 16.0.15721.41013

GET
DATA 200
OK truncated
/ 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 PowerPointFrame.aspx Show response
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 89 KB
91 KB 90ms
56ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

879c0047948651fb642648870bbd5f672cafef260a02958908ca13b1f7b76a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://view.officeapps.live.com
Referer: https://view.officeapps.live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy-report-only: font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
content-type: text/html; charset=utf-8
date: Thu, 06 Oct 2022 11:02:21 GMT
document-policy: js-profiling
expires: -1
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-correlationid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-ref: Ref A: E2E1AB82340F4E5D81DF15B3425824CC Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:22Z
x-officecluster: PNL1
x-officefd: AM4PEPF00010821
x-officefe: AM4PEPF00010821
x-officeversion: 16.0.15721.40508
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688

GET
H/1.1 200
OK stylesread.css
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/ Frame 5369 287 KB
35 KB 295ms
23ms Stylesheet
text/css 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/stylesread.css

Requested by

Host: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

156fbf78bba8a15c43ae6c2dd95e50165167467f9e9efc8dac728d8939be0dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
Date: Thu, 06 Oct 2022 11:02:22 GMT
X-OfficeVersion: 16.0.15631.40512
X-OfficeFE: AM4PEPF00006964
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 35077
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 26 Sep 2022 06:50:14 GMT
X-CorrelationId: b13c739d-5cc0-456b-b253-151632181fcf
X-UserSessionId: b13c739d-5cc0-456b-b253-151632181fcf
X-MSEdge-Ref: Ref A: 966B53CA471F423E9FC5C8129E67203A Ref B: AMS231032608035 Ref C: 2022-09-26T06:50:14Z
X-OfficeCluster: PNL1
ETag: W/"86beda3a74d1d81:0"
X-OFFICEFD: AM4PEPF00006964
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161572140508_App_Scripts/ Frame 5369 106 KB
28 KB 294ms
23ms Script
application/javascript 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-powerpoint.officeapps.live.com/
Origin: https://pnl1-powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Date: Thu, 06 Oct 2022 11:02:22 GMT
X-OfficeVersion: 16.0.15631.40512
X-OfficeFE: AM4PEPF0001081C
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 27244
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 26 Sep 2022 06:46:39 GMT
X-CorrelationId: e78dbd4d-0d67-4482-b8f1-72764a54dcb7
X-UserSessionId: e78dbd4d-0d67-4482-b8f1-72764a54dcb7
X-MSEdge-Ref: Ref A: 712154537BA443A6B9AB5BAC18361766 Ref B: AMS231032605005 Ref C: 2022-09-26T06:46:39Z
X-OfficeCluster: PNL1
ETag: W/"8031a1ba73d1d81:0"
X-OFFICEFD: AM4PEPF0001081C
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK powerpointintl.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/1031/ Frame 5369 307 KB
63 KB 292ms
22ms Script
application/javascript 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/1031/powerpointintl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7aa999d7136342877b4d4a3c7eeff9e45d837f0e4d2a130ce2d20f66b1318f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-powerpoint.officeapps.live.com/
Origin: https://pnl1-powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
Date: Thu, 06 Oct 2022 11:02:22 GMT
X-OfficeVersion: 16.0.15631.40512
X-OfficeFE: AM4PEPF00006966
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 63277
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 26 Sep 2022 06:50:14 GMT
X-CorrelationId: c2fe557b-5978-4350-bd87-c66d0465f2c6
X-UserSessionId: c2fe557b-5978-4350-bd87-c66d0465f2c6
X-MSEdge-Ref: Ref A: D10C692BB3074B8FA7CBAD92A8AE9986 Ref B: AMS231032603029 Ref C: 2022-09-26T06:50:14Z
X-OfficeCluster: PNL1
ETag: W/"d751dd3a74d1d81:0"
X-OFFICEFD: AM4PEPF00006966
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK BootView.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/ Frame 5369 2 MB
380 KB 294ms
24ms Script
application/javascript 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/BootView.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

351f4b49d422d5aaab5bfc1fea4d74c54ee3e5a4dbff2b826e9225c3bde1e61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-powerpoint.officeapps.live.com/
Origin: https://pnl1-powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
Date: Thu, 06 Oct 2022 11:02:22 GMT
X-OfficeVersion: 16.0.15631.40512
X-OfficeFE: AM4PEPF00010823
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 387712
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 26 Sep 2022 06:53:28 GMT
X-CorrelationId: 99ebc119-ae16-406c-969c-f96ded3fe758
X-UserSessionId: 99ebc119-ae16-406c-969c-f96ded3fe758
X-MSEdge-Ref: Ref A: B9CC78107F1744FDA34D699D5EA48A38 Ref B: AMS231032608009 Ref C: 2022-09-26T06:53:28Z
X-OfficeCluster: PNL1
ETag: W/"fd68abae74d1d81:0"
X-OFFICEFD: AM4PEPF00010823
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/p/s/161572140508_resources/1031/ Frame 5369 695 B
2 KB 152ms
22ms Image
image/gif 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161572140508_resources/1031/progress.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000, max-age=31536000
Date: Thu, 06 Oct 2022 11:02:22 GMT
X-OfficeVersion: 16.0.15631.40512
X-Powered-By: ARR/3.0
X-OfficeFE: DB5PEPF0000C879
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 26 Sep 2022 06:50:14 GMT
X-CorrelationId: f56402e3-5413-4184-9d6f-d58d0e6771a8, f56402e3-5413-4184-9d6f-d58d0e6771a8
X-UserSessionId: f56402e3-5413-4184-9d6f-d58d0e6771a8, f56402e3-5413-4184-9d6f-d58d0e6771a8
X-MSEdge-Ref: Ref A: 2E5B6B82235A40E9B3D886ADE929CF85 Ref B: AMS231032604037 Ref C: 2022-09-26T06:50:14Z
X-OfficeCluster: PIE1
ETag: W/"61ab13b74d1d81:0"
X-OFFICEFD: DB5PEPF0000F303
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/ Frame 5369 13 KB
14 KB 293ms
24ms Image
image/png 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/prt.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 06 Oct 2022 11:02:22 GMT
X-OfficeVersion: 16.0.15631.40512
X-OfficeFE: AM4PEPF0001081A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 26 Sep 2022 06:50:14 GMT
X-CorrelationId: ead83c5b-a164-4dc8-847d-3e11d0c51540
X-UserSessionId: ead83c5b-a164-4dc8-847d-3e11d0c51540
X-MSEdge-Ref: Ref A: E4DC3301C29749BCB67B9925C7AAAF78 Ref B: AMS231032609019 Ref C: 2022-09-26T06:50:14Z
X-OfficeCluster: PNL1
ETag: W/"ef3d63a74d1d81:0"
X-OFFICEFD: AM4PEPF0001081A
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
457 B 30ms
29ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15721.40508&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
X-UserSessionId: 07601800-811b-4c2a-a53b-8d5a85206688
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":1,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:21 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010824
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: fbff74ce-e4c8-4e6a-b5fe-822791bb170e
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: EB8A6035EF5345C3BC415CD951645537 Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:22Z
x-officefd: AM4PEPF00010824
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
349 B 31ms
30ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15721.40508&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
X-UserSessionId: 07601800-811b-4c2a-a53b-8d5a85206688
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":326,"Value":"https://c1-powerpoint-15.cdn.office.net:443/p/s/161572140508_PptResources/1031/stylesread.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:21 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF0000726A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 82407948-f36c-49cc-aaa1-72fbc9fe1a08
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 63FFFBCA5DB643A3908334E6F3DE0D4A Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:22Z
x-officefd: AM4PEPF0000726A
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
441 B 30ms
29ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15721.40508&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
X-UserSessionId: 07601800-811b-4c2a-a53b-8d5a85206688
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":500,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:22 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010823
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_visioslice_control,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7efc143f-70c2-4221-b1f5-f0aa4450ea08
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 26788A3B1DD34AEAB2BB812A66CDB83A Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:22Z
x-officefd: AM4PEPF00010823
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

GET
H/1.1 404
Not Found segoeui.woff
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/ Frame 5369 0
0 167ms
167ms Font
text/html 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/segoeui.woff

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/stylesread.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/stylesread.css
Origin: https://pnl1-powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 06 Oct 2022 11:02:22 GMT
X-OfficeVersion: 16.0.15721.40508
X-OfficeFE: AM4PEPF00006965
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1245
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
X-CorrelationId: 9e007ab9-b1e1-4f9b-a0f5-1aa1e209ed98
X-OfficeCluster: PNL1
X-UserSessionId: 9e007ab9-b1e1-4f9b-a0f5-1aa1e209ed98
X-MSEdge-Ref: Ref A: 657D67138D544D78964B1687B0110AB7 Ref B: AMS231032606021 Ref C: 2022-10-06T11:02:22Z
X-OFFICEFD: AM4PEPF00006965
Content-Type: text/html
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

POST
H2 200 GetPresentationWithSlideById Show response
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 5369 8 KB
3 KB 956ms
956ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetPresentationWithSlideById

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bdee887aee205dc106dfd13f9aa604d374a45491a26c50ced0601d30613b49f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 1
X-UserSessionId: 07601800-811b-4c2a-a53b-8d5a85206688
X-AccessTokenTtl: 0
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15721.40508
X-Key: DoZbIVB5pH8BZ73kO8lPSBYOSBHxPd1082KHdSmwebE=,638006509421340989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 11:02:23 GMT
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010824
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2387
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a7300f69-21a2-4d5d-8fd1-10a4af2cb2c9
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 844E9555CCD54AF8AF108526DF3DC83F Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:22Z
x-officefd: AM4PEPF00010824
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK prt2.png
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/ Frame 5369 38 KB
39 KB 24ms
24ms Image
image/png 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/prt2.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0c76d70e9992d863540c63932b0b04820c2ffb3c2f0b44d949af68cdb43fc95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 06 Oct 2022 11:02:22 GMT
X-OfficeVersion: 16.0.15631.40512
X-OfficeFE: AM4PEPF00007277
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 38870
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 26 Sep 2022 06:50:16 GMT
X-CorrelationId: d3ded857-df17-42d5-900c-0c611d591fe8
X-UserSessionId: d3ded857-df17-42d5-900c-0c611d591fe8
X-MSEdge-Ref: Ref A: 8F2C7181E89841A29BF351F5D0FDEDA3 Ref B: AMS231032605005 Ref C: 2022-09-26T06:50:16Z
X-OfficeCluster: PNL1
ETag: W/"f93f723c74d1d81:0"
X-OFFICEFD: AM4PEPF00007277
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
BLOB 200
OK ad9621ef-fcf7-4b94-abd5-80f07bb2ce34
https://pnl1-powerpoint.officeapps.live.com/ Frame 5369 183 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-powerpoint.officeapps.live.com/ad9621ef-fcf7-4b94-abd5-80f07bb2ce34
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92dcf2d6fbe378fecd28e26b852b0bbaefcc5f96b00586982191852881e1c23d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length: 183
Content-Type: application/javascript

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 5369 42 KB
16 KB 270ms
77ms Script
application/javascript 92.123.11.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/BootView.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 92.123.11.106 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-11-106.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-powerpoint.officeapps.live.com/
Origin: https://pnl1-powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Thu, 06 Oct 2022 11:02:23 GMT
X-MSNServer: RD0003FF241B64
Content-Encoding: gzip
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
X-ODWebServer: westeurope1-odwebp
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=61626, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16199

GET
H/1.1 404
Not Found segoeui.ttf
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/ Frame 5369 0
0 164ms
164ms Font
text/html 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/segoeui.ttf

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/stylesread.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/stylesread.css
Origin: https://pnl1-powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 06 Oct 2022 11:02:23 GMT
X-OfficeVersion: 16.0.15721.40508
X-OfficeFE: AM4PEPF00010822
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1245
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
X-CorrelationId: b7935152-1d55-4ec1-bc30-a35deec74ebc
X-OfficeCluster: PNL1
X-UserSessionId: b7935152-1d55-4ec1-bc30-a35deec74ebc
X-MSEdge-Ref: Ref A: 2D769EC0E74D47CFADE7B6F5C39FF1E9 Ref B: AMS231032601049 Ref C: 2022-10-06T11:02:22Z
X-OFFICEFD: AM4PEPF00010822
Content-Type: text/html
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

GET
H2 202 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
246 B 106ms
105ms Image
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pnl1-powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=0&PF=4&WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token=1&access_token_ttl=0&z=28dc70dbad521a6b71a01fc11418a85768d33f96f5362e2afbe47c0fa9233f49&usid=07601800%2D811b%2D4c2a%2Da53b%2D8d5a85206688&Rid=M10%5FBG%5F1504x846%2Ejpg&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:23 GMT
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00006966
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c920070a-fd18-4045-bec8-434efa11c55b
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 96070EC05D3F4FF89BD3D7DDA8A0E1AE Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:23Z
x-officefd: AM4PEPF00006966
cache-control: private
timing-allow-origin: *

GET
H2 202 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
214 B 80ms
79ms Image
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:23 GMT
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010823
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 848509ac-c62c-402c-83cc-e990336e744a
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 6205F8BF244B40DCB2282A96866DE4A6 Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:23Z
x-officefd: AM4PEPF00010823
cache-control: private
timing-allow-origin: *

GET
H2 202 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
262 B 358ms
357ms Image
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:23 GMT
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5fa45a14-337c-4847-91ad-32039e18f359
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: C778A8AC37C04999877DD496DFC6784E Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:23Z
x-officefd: AM4PEPF00006967
cache-control: private
timing-allow-origin: *

GET
H2 202 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
273 B 60ms
59ms Image
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:23 GMT
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010821
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 58c42e94-45a6-4e84-adf5-45621ab296ef
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 1B8A6B7A65EF4C58BA241CBA38BE2789 Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:23Z
x-officefd: AM4PEPF00010821
cache-control: private
timing-allow-origin: *

GET
H2 202 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
159 B 106ms
105ms Image
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:23 GMT
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF0000726A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 340154ec-865d-44df-8244-a0e410550d6d
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 545DE8052EFF4AB791037A853D058719 Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:23Z
x-officefd: AM4PEPF0000726A
cache-control: private
timing-allow-origin: *

GET
H2 200 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 138 KB
138 KB 37ms
37ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

94a96d32fcd42f621708baaa93c25ae8218da0bd0206554e09a3400afd04b5e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:23 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010823
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 140840
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3cb03bb9-e4ea-4918-8b2a-d65406b8e7d8
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 3E9E6273543844A7B90FB753EFD592D4 Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:24Z
x-officefd: AM4PEPF00010823
etag: WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token=1&access_token_ttl=0&z=28dc70dbad521a6b71a01fc11418a85768d33f96f5362e2afbe47c0fa9233f49S0_1_1504x846.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Fri, 06 Oct 2023 11:02:24 GMT

GET
H2 200 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 502 B
1 KB 43ms
42ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0729e40d3a15d0c4f55fa29d43bc17082b1f8019e77911de58078f01f6035f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:25 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 502
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: a0b4f4ba-c015-4070-9707-0c00bd7bb2e0
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 6C69A800CBB144B3911D664091E4E965 Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:25Z
x-officefd: AM4PEPF00006967
etag: WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token=1&access_token_ttl=0&z=28dc70dbad521a6b71a01fc11418a85768d33f96f5362e2afbe47c0fa9233f49M10_1_1504x846.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Fri, 06 Oct 2023 11:02:25 GMT

GET
H2 200 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 27 KB
28 KB 36ms
35ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f38f8b9c83e6a890b4418d8b4a54fb9a6375b3f5c5b8c089a2ac366ab6760e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:25 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010824
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27637
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3f92e5ca-8e7f-432a-91b8-40d2dcb5e376
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 72E051AA62784396BEFDEC86DCC3DB85 Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:25Z
x-officefd: AM4PEPF00010824
etag: WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token=1&access_token_ttl=0&z=28dc70dbad521a6b71a01fc11418a85768d33f96f5362e2afbe47c0fa9233f49M10_BG_1504x846.jpg
x-download-options: noopen
content-type: image/jpeg
cache-control: private
timing-allow-origin: *
expires: Fri, 06 Oct 2023 11:02:25 GMT

GET
H2 200 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 502 B
835 B 36ms
36ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:25 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010823
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 502
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: fff95c0b-0754-4bac-9e76-2a09cdb9b577
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: DF4648F58B2E4B2D9999DEE57E593FAA Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:26Z
x-officefd: AM4PEPF00010823
etag: WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token=1&access_token_ttl=0&z=28dc70dbad521a6b71a01fc11418a85768d33f96f5362e2afbe47c0fa9233f49M10_1_1504x846.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Fri, 06 Oct 2023 11:02:26 GMT

GET
H2 200 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 138 KB
138 KB 37ms
37ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:25 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010824
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 140840
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: bdd13622-cce6-4673-95f8-26ce4f6baeaa
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: C88C466C34AF4CDDA3C9E68898536072 Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:26Z
x-officefd: AM4PEPF00010824
etag: WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token=1&access_token_ttl=0&z=28dc70dbad521a6b71a01fc11418a85768d33f96f5362e2afbe47c0fa9233f49S0_1_1504x846.png
x-download-options: noopen
content-type: image/png
cache-control: private
timing-allow-origin: *
expires: Fri, 06 Oct 2023 11:02:26 GMT

GET
H2 200 imagehandler.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 27 KB
27 KB 38ms
37ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:25 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00006966
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 27637
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0f967024-b870-41e1-9c1b-329cabe0195f
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: A1CEE25708774D94A01693282D15AFD7 Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:26Z
x-officefd: AM4PEPF00006966
etag: WOPIsrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token=1&access_token_ttl=0&z=28dc70dbad521a6b71a01fc11418a85768d33f96f5362e2afbe47c0fa9233f49M10_BG_1504x846.jpg
x-download-options: noopen
content-type: image/jpeg
cache-control: private
timing-allow-origin: *
expires: Fri, 06 Oct 2023 11:02:26 GMT

GET
H/1.1 200
OK reader.calypso.js
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/ Frame 5369 313 KB
64 KB 22ms
22ms Script
application/javascript 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/reader.calypso.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-powerpoint.officeapps.live.com/
Origin: https://pnl1-powerpoint.officeapps.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
Date: Thu, 06 Oct 2022 11:02:26 GMT
X-OfficeVersion: 16.0.15631.40512
X-OfficeFE: AM4PEPF0000726A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 64542
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 26 Sep 2022 06:50:16 GMT
X-CorrelationId: 4c2b3d67-4495-40b9-9802-786ac125f337
X-UserSessionId: 4c2b3d67-4495-40b9-9802-786ac125f337
X-MSEdge-Ref: Ref A: 3FD971AF0DE94D178937089D1A7FC3DA Ref B: AMS231032604039 Ref C: 2022-09-26T06:50:16Z
X-OfficeCluster: PNL1
ETag: W/"5ea7713c74d1d81:0"
X-OFFICEFD: AM4PEPF0000726A
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET wacairspaceanimationlibrary.js
c1-officeapps-15.cdn.office.net/p/s/161572140508_App_Scripts/ Frame 5369 0
0

POST
H2 200 RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
416 B 30ms
29ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15721.40508&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
X-UserSessionId: 07601800-811b-4c2a-a53b-8d5a85206688
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":3980,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Oct 2022 11:02:25 GMT
x-content-type-options: nosniff
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010821
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: d1052184-8677-4a9f-adae-22daaf3444c9
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: BC0390F6EC3B4094AF985CB0808546CF Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:26Z
x-officefd: AM4PEPF00010821
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-powerpoint.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
timing-allow-origin: *

POST
H2 200 GetNotesHtmlServiceResult
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 5369 804 B
774 B 35ms
34ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetNotesHtmlServiceResult

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 1
X-UserSessionId: 07601800-811b-4c2a-a53b-8d5a85206688
X-AccessTokenTtl: 0
accept-language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15721.40508
X-Key: DoZbIVB5pH8BZ73kO8lPSBYOSBHxPd1082KHdSmwebE=,638006509421340989
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://pnl1-powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fcha%252Ecom%253A443%252Fwp%252Dcontent%252Fuploads%252F2021%252F09%252FNHSN%252DCOVID%252D19%252DModule%252DTraining%252Epptx&access_token_ttl=0&wdOrigin=BROWSELINK&hid=d8bb87c1-d244-4ed5-b5f0-a59b194f9820
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 11:02:25 GMT
x-officeversion: 16.0.15721.40508
x-officefe: AM4PEPF00010823
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 428
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 51cb695b-25a9-49b8-bcd8-835b174c4590
x-officecluster: PNL1
x-usersessionid: 07601800-811b-4c2a-a53b-8d5a85206688
x-msedge-ref: Ref A: 16C8D090915146E2821A4F9B8C1DC53C Ref B: AMS231032601053 Ref C: 2022-10-06T11:02:26Z
x-officefd: AM4PEPF00010823
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK prt2.png
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/ Frame 5369 38 KB
39 KB 27ms
27ms Image
image/png 2a02:26f0:3500:586::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/prt2.png

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:586::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pnl1-powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 06 Oct 2022 11:02:26 GMT
X-OfficeVersion: 16.0.15631.40512
X-OfficeFE: AM4PEPF00007277
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 38870
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 26 Sep 2022 06:50:16 GMT
X-CorrelationId: d3ded857-df17-42d5-900c-0c611d591fe8
X-UserSessionId: d3ded857-df17-42d5-900c-0c611d591fe8
X-MSEdge-Ref: Ref A: 8F2C7181E89841A29BF351F5D0FDEDA3 Ref B: AMS231032605005 Ref C: 2022-09-26T06:50:16Z
X-OfficeCluster: PNL1
ETag: W/"f93f723c74d1d81:0"
X-OFFICEFD: AM4PEPF00007277
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST GetSlide
pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 5369 0
0

POST RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
0

GET otelFull.min.js
c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/ Frame 5369 0
0

POST RemoteUls.ashx
pnl1-powerpoint.officeapps.live.com/p/ Frame 5369 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/161572140508_App_Scripts/wacairspaceanimationlibrary.js

Domain: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide

Domain: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15721.40508&waccluster=PNL1

Domain: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptScripts/otelFull.min.js

Domain: pnl1-powerpoint.officeapps.live.com
URL: https://pnl1-powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15721.40508&waccluster=PNL1

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: ce5f7fe80fefc172a07354fa6d473deaae8dfa198fba31bb571d230abdaa5dee
			pnl1-powerpoint.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/segoeui.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://c1-powerpoint-15.cdn.office.net/p/s/161572140508_PptResources/1031/segoeui.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1-officeapps-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
js.live.net
pnl1-powerpoint.officeapps.live.com
view.officeapps.live.com
c1-officeapps-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
pnl1-powerpoint.officeapps.live.com
2620:1ec:a92::171
2a02:26f0:3500:586::4b36
92.123.11.106
0729e40d3a15d0c4f55fa29d43bc17082b1f8019e77911de58078f01f6035f6a
0c76d70e9992d863540c63932b0b04820c2ffb3c2f0b44d949af68cdb43fc95d
156fbf78bba8a15c43ae6c2dd95e50165167467f9e9efc8dac728d8939be0dd5
1b97cad88c71dbae5628ec1f0d1dffe72cc09763ae25eafce4563b1f116b7b0b
351f4b49d422d5aaab5bfc1fea4d74c54ee3e5a4dbff2b826e9225c3bde1e61f
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
7aa999d7136342877b4d4a3c7eeff9e45d837f0e4d2a130ce2d20f66b1318f19
879c0047948651fb642648870bbd5f672cafef260a02958908ca13b1f7b76a51
92dcf2d6fbe378fecd28e26b852b0bbaefcc5f96b00586982191852881e1c23d
94a96d32fcd42f621708baaa93c25ae8218da0bd0206554e09a3400afd04b5e9
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
bdee887aee205dc106dfd13f9aa604d374a45491a26c50ced0601d30613b49f3
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
f38f8b9c83e6a890b4418d8b4a54fb9a6375b3f5c5b8c089a2ac366ab6760e92

view.officeapps.live.com Open in urlscan Pro 2620:1ec:a92::171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

37 Requests

84 %HTTPS

67 %IPv6

3 Domains

5 Subdomains

4 IPs

3 Countries

1113 kBTransfer

3496 kBSize

2 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

view.officeapps.live.com Open in urlscan Pro
2620:1ec:a92::171 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

84 %
HTTPS

67 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

1113 kB
Transfer

3496 kB
Size

2
Cookies

37 HTTP transactions
1 data transactions