zkp-girokonto-db.vermoegensberater-metzger.de Open in urlscan Pro
94.130.66.41 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zkp-girokonto-db.vermoegensberater-metzger.de/
Submission: On September 28 via automatic, source certstream-suspicious (September 28th 2021, 5:22:59 am UTC) — Scanned from DE

Summary HTTP 123 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 123 HTTP transactions. The main IP is 94.130.66.41, located in Reutlingen, Germany and belongs to HETZNER-AS, DE. The main domain is zkp-girokonto-db.vermoegensberater-metzger.de.
TLS certificate: Issued by R3 on September 28th 2021. Valid for: 3 months.

This is the only time zkp-girokonto-db.vermoegensberater-metzger.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	94.130.66.41 94.130.66.41	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
9	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
10	52.109.12.51 52.109.12.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	142.250.186.150 142.250.186.150	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
69	104.111.239.56 104.111.239.56	16625 (AKAMAI-AS) (AKAMAI-AS)
123	13

26 94.130.66.41 (Reutlingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: www3.webnet-service.de

zkp-girokonto-db.vermoegensberater-metzger.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
impressum.vermoegensberater-metzger.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

chart.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.109.12.51 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sway.office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.150 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 104.111.239.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-56.deploy.static.akamaitechnologies.com

eus-www.sway-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sway-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	sway-cdn.com eus-www.sway-cdn.com www.sway-cdn.com	5 MB
26	vermoegensberater-metzger.de zkp-girokonto-db.vermoegensberater-metzger.de impressum.vermoegensberater-metzger.de	1 MB
10	office.com sway.office.com	159 KB
9	youtube.com www.youtube.com	682 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
1	ytimg.com i.ytimg.com	15 KB
1	ggpht.com yt3.ggpht.com	2 KB
1	google.com www.google.com	14 KB
1	googleapis.com chart.googleapis.com	2 KB
123	10

	Domain	Requested by
62	eus-www.sway-cdn.com	sway.office.com eus-www.sway-cdn.com
25	zkp-girokonto-db.vermoegensberater-metzger.de	zkp-girokonto-db.vermoegensberater-metzger.de
10	sway.office.com	zkp-girokonto-db.vermoegensberater-metzger.de sway.office.com eus-www.sway-cdn.com
9	www.youtube.com	zkp-girokonto-db.vermoegensberater-metzger.de www.youtube.com
7	www.sway-cdn.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	impressum.vermoegensberater-metzger.de	zkp-girokonto-db.vermoegensberater-metzger.de
1	chart.googleapis.com	zkp-girokonto-db.vermoegensberater-metzger.de
123	14

This site contains links to these domains. Also see Links.

Domain
www.dvag.de
www.deutsche-bank.de
termin.vermoegensberater-metzger.de
play.google.com
www.qrcode-generator.de
finanzielle-freiheit.vermoegensberater-metzger.de
zwei-konten-modell-strategie.vermoegensberater-metzger.de
ultimosparen.vermoegensberater-metzger.de
umbuchung-giro-guthaben.vermoegensberater-metzger.de
konto-umzug-service.vermoegensberater-metzger.de
tzp-geldanlage-db.vermoegensberater-metzger.de
ach-du-liebes-geld.vermoegensberater-metzger.de
champions.vermoegensberater-metzger.de
cost-average-effekt.vermoegensberater-metzger.de
geld-und-genuss.vermoegensberater-metzger.de
negativzins.vermoegensberater-metzger.de
www.cash.ch
rechner.vermoegensberater-metzger.de
impressum.vermoegensberater-metzger.de
datenschutz.vermoegensberater-metzger.de
risiko-und-warnhinweise.vermoegensberater-metzger.de
coole-landingpages.de
wordpress.org
themezee.com

Subject Issuer	Validity	Valid
zkp-girokonto-db.vermoegensberater-metzger.de R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sway.office.com Microsoft RSA TLS CA 01	`2020-09-28` - `2021-09-28`	a year	crt.sh
impressum.vermoegensberater-metzger.de R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.sway-cdn.com Microsoft RSA TLS CA 01	`2021-09-15` - `2022-09-15`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Frame ID: 32A58D6D61FFCF952ADF25288EF81FD1
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/pq9lYXH7tLE
Frame ID: 608982B1404B9DBCF351827217C7BA18
Requests: 18 HTTP requests in this frame

Frame: https://sway.office.com/s/JhQ7QLlF074itt95/embed
Frame ID: 89873BB62A063EB335640FD267D5A2C1
Requests: 37 HTTP requests in this frame

Frame: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed
Frame ID: C4551134A2C5428AD1ABF900C7EE877B
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kennst du das BESTE Girokonto Deutschlands?

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jquery[.-]([\d.]*\d)[^/]*\.js

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

123
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

7067 kB
Transfer

18072 kB
Size

5
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dvag.de/thomas.metzger/wichtig-fuer-sie/finanzen/kontowechsel-einfach-gemacht.html
Title: <<< Kontowechsel einfach gemacht – Hier weitere Hinweise >>>

Search URL Search Domain Scan URL

URL: http://www.deutsche-bank.de/digital-dvag
Title: <<< Digitales Postfach und eSafe – Hier klicken>>>

Search URL Search Domain Scan URL

URL: https://www.deutsche-bank.de/opra/pbc/internet/process/internet_kartenumtausch/start.do
Title: <<< Internet Kartenumtausch – Hier Klicken >>>

Search URL Search Domain Scan URL

URL: https://termin.vermoegensberater-metzger.de/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=vermoegensberater_metzger.de

Search URL Search Domain Scan URL

URL: https://www.qrcode-generator.de/a1/?ut_source=google_c&ut_medium=cpc&ut_campaign=dach_solutions_features&ut_content=qr_kontakt&ut_term=qr%20code_e&gclid=EAIaIQobChMI3rL5trCD6AIVGJzVCh1A8AezEAAYASAAEgJx6fD_BwE

Search URL Search Domain Scan URL

URL: https://finanzielle-freiheit.vermoegensberater-metzger.de/
Title: Finanzielle Freiheit

Search URL Search Domain Scan URL

URL: https://zwei-konten-modell-strategie.vermoegensberater-metzger.de/
Title: Zwei Konten Modell Strategie

Search URL Search Domain Scan URL

URL: https://ultimosparen.vermoegensberater-metzger.de/
Title: Ultimosparen

Search URL Search Domain Scan URL

URL: https://umbuchung-giro-guthaben.vermoegensberater-metzger.de/
Title: Umbuchung Giro Guthaben

Search URL Search Domain Scan URL

URL: https://konto-umzug-service.vermoegensberater-metzger.de/
Title: Konto Umzug Service

Search URL Search Domain Scan URL

URL: https://tzp-geldanlage-db.vermoegensberater-metzger.de/
Title: TZP Geldanlage Deutsche Bank

Search URL Search Domain Scan URL

URL: https://ach-du-liebes-geld.vermoegensberater-metzger.de/
Title: Ach du liebes Geld

Search URL Search Domain Scan URL

URL: https://champions.vermoegensberater-metzger.de/
Title: Champions

Search URL Search Domain Scan URL

URL: https://cost-average-effekt.vermoegensberater-metzger.de/
Title: Cost Average Effekt

Search URL Search Domain Scan URL

URL: https://geld-und-genuss.vermoegensberater-metzger.de/
Title: Geld und Genuss

Search URL Search Domain Scan URL

URL: https://negativzins.vermoegensberater-metzger.de/
Title: Negativzins

Search URL Search Domain Scan URL

URL: https://www.cash.ch/news/politik/studie-immer-mehr-deutsche-lehnen-ezb-niedrigzinspolitik-ab-1478599
Title: Immer mehr Deutsche lehnen EZB-Niedrigzinspolitik ab

Search URL Search Domain Scan URL

URL: https://rechner.vermoegensberater-metzger.de/rechner/
Title: Rechner

Search URL Search Domain Scan URL

URL: https://impressum.vermoegensberater-metzger.de/impressum
Title: Impressum

Search URL Search Domain Scan URL

URL: https://datenschutz.vermoegensberater-metzger.de/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://risiko-und-warnhinweise.vermoegensberater-metzger.de/
Title: Risiko-und Warnhinweise

Search URL Search Domain Scan URL

URL: https://coole-landingpages.de/
Title: Copyright ©

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://themezee.com/themes/smartline/
Title: Smartline

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

123 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
zkp-girokonto-db.vermoegensberater-metzger.de/ 25 KB
7 KB 259ms
79ms Document
text/html 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 2f943845b13401a84fd03f33440729a3df0c31cd4ac27f57875626ea7b25fed2

Request headers

Host: zkp-girokonto-db.vermoegensberater-metzger.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Server: Apache
Link: <https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-json/>; rel="https://api.w.org/", <https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-json/wp/v2/pages/23>; rel="alternate"; type="application/json", <https://zkp-girokonto-db.vermoegensberater-metzger.de/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6212
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK custom-fonts.css
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/ 3 KB
862 B 20ms
19ms Stylesheet
text/css 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 7cd87977600ea28d634350b9c2fb2189c084ec3cc00675f0893e5b3421a0ce22

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2019 12:35:04 GMT
Server: Apache
ETag: "cb7-58cb1f95bc755-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 543

GET
H/1.1 200
OK style.min.css
zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/css/dist/block-library/ 57 KB
9 KB 63ms
42ms Stylesheet
text/css 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 May 2021 19:12:16 GMT
Server: Apache
ETag: "e33b-5c29f7cfe4551-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8685

GET
H/1.1 200
OK themezee-social-sharing.css
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/plugins/themezee-social-sharing/assets/css/ 12 KB
5 KB 85ms
61ms Stylesheet
text/css 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/plugins/themezee-social-sharing/assets/css/themezee-social-sharing.css?ver=1.0.1
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: bf61b2fc0d0992cf254f87ef4c58277a5afba5114efac3defe3854f3062253da

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2019 12:34:15 GMT
Server: Apache
ETag: "2ee6-58cb1f676af68-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4796

GET
H/1.1 200
OK style.css
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/ 47 KB
9 KB 104ms
81ms Stylesheet
text/css 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/style.css?ver=1.6
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: a948cb05b49413e26a0613908e55f02413d756c3b078934a239f03e8b094ca44

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2019 12:35:04 GMT
Server: Apache
ETag: "baf2-58cb1f95bb7b5-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9219

GET
H/1.1 200
OK genericons.css
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/genericons/ 28 KB
16 KB 95ms
72ms Stylesheet
text/css 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/genericons/genericons.css?ver=3.4.1
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2019 12:35:04 GMT
Server: Apache
ETag: "6e6a-58cb1f95bc755-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16441

GET
H/1.1 200
OK smartline-pro.css
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/plugins/smartline-pro/css/ 2 KB
1 KB 85ms
62ms Stylesheet
text/css 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/plugins/smartline-pro/css/smartline-pro.css?ver=1.2
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 1d6f58c0806515d17276af6bd050c328b87181f460ce15d07fd0052779241dc5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2019 12:33:55 GMT
Server: Apache
ETag: "828-58cb1f54af08e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 715

GET
H/1.1 200
OK jquery.min.js Show response
zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/js/jquery/ 87 KB
31 KB 139ms
116ms Script
application/javascript 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 11:23:39 GMT
Server: Apache
ETag: "15d98-5bb5e37b33f26-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30916

GET
H/1.1 200
OK jquery-migrate.min.js Show response
zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/js/jquery/ 11 KB
4 KB 89ms
27ms Script
application/javascript 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 11:23:39 GMT
Server: Apache
ETag: "2bd8-5bb5e37b07066-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4169

GET
H/1.1 200
OK themezee-social-sharing.js Show response
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/plugins/themezee-social-sharing/assets/js/ 610 B
691 B 111ms
25ms Script
application/javascript 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/plugins/themezee-social-sharing/assets/js/themezee-social-sharing.js?ver=1.0.1
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: fd9a6ae5f5c3493aa48d2ffc8a58bbd39f75a52ef461e0d9cd828f298d58bd40

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2019 12:34:15 GMT
Server: Apache
ETag: "262-58cb1f676af68-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 358

GET
H/1.1 200
OK navigation.js Show response
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/js/ 4 KB
1 KB 136ms
51ms Script
application/javascript 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/js/navigation.js?ver=20160719
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 4c9305d5158406ce6fc1ef1209af8188d0995b04a52ebeb247f6ab86693ddb0f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2019 12:35:04 GMT
Server: Apache
ETag: "e60-58cb1f95c1575-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1139

GET
H/1.1 200
OK cropped-IMG_0609-70x80-1.png
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/01/ 7 KB
8 KB 83ms
83ms Image
image/png 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/01/cropped-IMG_0609-70x80-1.png
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: efc2ccc1423ff8f228703e1ac416fbfaa6566d24bd9d1121324638f53e0b3fa2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Thu, 09 Jan 2020 13:49:26 GMT
Server: Apache
ETag: "1d62-59bb546fed462"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7522

GET
H2 200 chart
chart.googleapis.com/ 2 KB
2 KB 325ms
229ms Image
image/png 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?cht=qr&chl=https%3A%2F%2Fzkp-girokonto-db.vermoegensberater-metzger.de%2F&chs=300x300&choe=UTF-8&chld=L|2

Requested by

Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

GoogleChartAPI/1.0 /

Resource Hash

fb364636b03d8f57d9d538b0e39d6158fca8b05789242e5caeac25e0a5a4e3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 05:22:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 02-May-2018 18:35:04 GMT
server: GoogleChartAPI/1.0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1619
x-xss-protection: 1; mode=block
expires: Wed, 29 Sep 2021 05:22:52 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/js/ 1 KB
1 KB 29ms
28ms Script
application/javascript 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 11:23:39 GMT
Server: Apache
ETag: "592-5bb5e37af0905-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 765

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/js/ 14 KB
5 KB 109ms
109ms Script
application/javascript 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 11:23:39 GMT
Server: Apache
ETag: "3795-5bb5e37b9e646-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4662

GET
H/1.1 200
OK wuerfel.jpeg
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2019/07/ 37 KB
37 KB 25ms
25ms Image
image/jpeg 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2019/07/wuerfel.jpeg
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: ae3f09a635c62fd08fa054c4c7197397055b253c9f9ac4561afedceca2cb3d80

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Tue, 02 Jul 2019 12:39:07 GMT
Server: Apache
ETag: "935b-58cb207d667d4"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 37723

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK bitter-v12-latin-ext_latin-700.woff2
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/fonts/ 10 KB
10 KB 42ms
41ms Font
application/octet-stream 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/fonts/bitter-v12-latin-ext_latin-700.woff2
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 7e6537ea312b530bc7790d19a283e1baa54fa2c1cfa61f17c8d5794bff159e9a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Connection: keep-alive
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Origin: https://zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Tue, 02 Jul 2019 12:35:04 GMT
Server: Apache
ETag: "2688-58cb1f95bd6f5"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9864

GET
H/1.1 200
OK raleway-v12-latin-ext_latin-700.woff2
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/fonts/ 32 KB
32 KB 53ms
53ms Font
application/octet-stream 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/fonts/raleway-v12-latin-ext_latin-700.woff2
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: b2b6ba4b6ceeeae0efb23f67b9ae53bdc72ffb7bd149e0f63104d855712a506c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Connection: keep-alive
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Origin: https://zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Tue, 02 Jul 2019 12:35:04 GMT
Server: Apache
ETag: "7f24-58cb1f95bd6f5"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 32548

GET
H/1.1 200
OK raleway-v12-latin-ext_latin-regular.woff2
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/fonts/ 31 KB
32 KB 105ms
105ms Font
application/octet-stream 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/fonts/raleway-v12-latin-ext_latin-regular.woff2
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 704d418b7b3efa6f1870d409134b9c6b80fc5f5f38b46a68aee496388a6bbd48

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Connection: keep-alive
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/themes/smartline-lite/css/custom-fonts.css?ver=20180413
Origin: https://zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Tue, 02 Jul 2019 12:35:04 GMT
Server: Apache
ETag: "7d64-58cb1f95bd6f5"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 32100

GET
H2 200 pq9lYXH7tLE Show response
www.youtube.com/embed/ Frame 6089 56 KB
24 KB 152ms
89ms Document
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/pq9lYXH7tLE

Requested by

Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

5e3666ee35a36488c6779dae6d0f44101c45f5310bf480c988795dc9c7b00d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/pq9lYXH7tLE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Sep 2021 05:22:52 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=P17884QsPwQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=cEiQakjhHik; Domain=.youtube.com; Expires=Sun, 27-Mar-2022 05:22:52 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+216; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 embed Show response
sway.office.com/s/JhQ7QLlF074itt95/ Frame 8987 39 KB
12 KB 523ms
297ms Document
text/html 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/s/JhQ7QLlF074itt95/embed

Requested by

Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

d93c7c708517c92369db63a507370b4023740656cd31c09222d6ab03de4ef951

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: sway.office.com
:scheme: https
:path: /s/JhQ7QLlF074itt95/embed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: pagerequesttime=deleted; path=/; Max-Age=0; expires=Sat, 1 Jan 2000 00:00:00 UTC; Version=1; Secure pagerequesttarget=deleted; path=/; Max-Age=0; expires=Sat, 1 Jan 2000 00:00:00 UTC; Version=1; Secure pagerequestoperation=deleted; path=/; Max-Age=0; expires=Sat, 1 Jan 2000 00:00:00 UTC; Version=1; Secure AuthSess=6b5aa680-6c4a-446d-a549-e5925f6f07de; domain=sway.office.com; path=/; samesite=none; secure; HttpOnly AADNonce=d2e23020-e8dd-439c-8388-7a2200e4224c.637684033730597295; domain=office.com; path=/; samesite=none; secure; HttpOnly cookieblocked=; path=/; secure
x-correlationid: af77a9b7-cf41-46d5-b336-f1f994992e54
x-usersessionid: af77a9b7-cf41-46d5-b336-f1f994992e54
x-officefe: SwayFrontEnd_IN_26
x-officeversion: 16.0.14513.40101
x-officecluster: eus-002.www.sway.com
anonuserid: a45f32af-85b1-400f-8621-3483a69cae7c
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-requestid: 15717dcd-ac2e-4005-bba5-3e81d31a2b3e
x-trackingid: 4673880b-867a-4b0e-a3b3-2116cbf9e5b5
x-key: uqxkXnhFLVcg6bC88APfNVcHxvuP5+ZoDjoMPEqrUlE=,637684033729972392
x-ua-compatible: IE=edge
x-html-minification-powered-by: WebMarkupMin
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:52 GMT
content-length: 11487

GET
H/1.1 200
OK GIROKONTO-ZKP-1-1024x496.jpg
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2021/05/ 41 KB
42 KB 13ms
13ms Image
image/jpeg 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2021/05/GIROKONTO-ZKP-1-1024x496.jpg
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: afb5ebee59a0bb8d2868b162dfc945c82338ac7155374e29a48e066de620c18c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Tue, 18 May 2021 19:21:17 GMT
Server: Apache
ETag: "a5b9-5c29f9d3d67eb"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 42425

GET
H/1.1 200
OK GIROKONTO-ZKP-2-DAS-ZWEI-KONTEN-MODEL--1024x463.jpg
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2021/05/ 28 KB
29 KB 22ms
11ms Image
image/jpeg 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2021/05/GIROKONTO-ZKP-2-DAS-ZWEI-KONTEN-MODEL--1024x463.jpg
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 9dd6c6964f62745369055626cefbcca56f89bcd89bced8f4f3ae9163a5aba033

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Tue, 18 May 2021 19:21:52 GMT
Server: Apache
ETag: "71c5-5c29f9f5ed10f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 29125

GET
H/1.1 200
OK banner-blau-jetzt-termin-vereinbaren.png
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/09/ 2 KB
3 KB 31ms
31ms Image
image/png 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/09/banner-blau-jetzt-termin-vereinbaren.png
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 3422aa9a6369c1dc81d4a5d14f5e6601c2e489e0bce6592488a384048faee9ae

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Sun, 27 Sep 2020 16:46:05 GMT
Server: Apache
ETag: "9a3-5b04e492a9184"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2467

GET
H/1.1 200
OK 2017-05-BBZ-CHEMNITZ-PASSBILD-THOMAS-8940490-Brustbild-300x200.jpg
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/09/ 29 KB
29 KB 83ms
83ms Image
image/jpeg 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/09/2017-05-BBZ-CHEMNITZ-PASSBILD-THOMAS-8940490-Brustbild-300x200.jpg
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 421c4f1404df307e48f2d24b91e1888d5b73a70cd5388663a401bb2de52972f7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Sun, 27 Sep 2020 16:47:14 GMT
Server: Apache
ETag: "749e-5b04e4d5076c8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 29854

GET
H/1.1 200
OK unterschrift_neu-removebg-preview-300x114.png
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/09/ 21 KB
21 KB 53ms
53ms Image
image/png 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/09/unterschrift_neu-removebg-preview-300x114.png
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 49989502b5088cee119ea0201a0fbb9730480b265d1f2a38c048fb529f111362

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Sun, 27 Sep 2020 16:47:51 GMT
Server: Apache
ETag: "526e-5b04e4f84dbf5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 21102

GET
H/1.1 200
OK google-store.png
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/01/ 5 KB
5 KB 102ms
76ms Image
image/png 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2020/01/google-store.png
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 02b92e08d651fc279a7785c6bd439a9fb4a1eb31d7ed8e8153a96905e7de7f24

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Thu, 09 Jan 2020 11:22:44 GMT
Server: Apache
ETag: "13e5-59bb33a66fc13"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5093

GET
H/1.1 200
OK 2018-10-THOMAS-METZGER-STEHEND-GOLD-DUNKEL-683x1024.jpg
zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2019/12/ 59 KB
60 KB 36ms
26ms Image
image/jpeg 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/wp-content/uploads/2019/12/2018-10-THOMAS-METZGER-STEHEND-GOLD-DUNKEL-683x1024.jpg
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: 69faaa72e4b6598dcae3dd78e6e0134b66e520f7f6805df7ffc56bd27ef2e60b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: zkp-girokonto-db.vermoegensberater-metzger.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Fri, 13 Dec 2019 13:30:17 GMT
Server: Apache
ETag: "ed8c-59995dcd686f9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 60812

GET
H2 200 embed Show response
sway.office.com/s/ZkPQU1PpWEVSHiWU/ Frame C455 39 KB
12 KB 432ms
207ms Document
text/html 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Requested by

Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e45b33343448299e79eac4cf57dcc81be801ea5d411b5008395d1b76da3d3e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: sway.office.com
:scheme: https
:path: /s/ZkPQU1PpWEVSHiWU/embed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: pagerequesttime=deleted; path=/; Max-Age=0; expires=Sat, 1 Jan 2000 00:00:00 UTC; Version=1; Secure pagerequesttarget=deleted; path=/; Max-Age=0; expires=Sat, 1 Jan 2000 00:00:00 UTC; Version=1; Secure pagerequestoperation=deleted; path=/; Max-Age=0; expires=Sat, 1 Jan 2000 00:00:00 UTC; Version=1; Secure AuthSess=da65bd60-afec-4bdb-a72c-b3cc611e5433; domain=sway.office.com; path=/; samesite=none; secure; HttpOnly AADNonce=3854e9b3-df5e-47ca-917c-9f83652633d6.637684033730697656; domain=office.com; path=/; samesite=none; secure; HttpOnly cookieblocked=; path=/; secure
x-correlationid: 646d2f80-6a1e-40f4-91f6-15efe4848568
x-usersessionid: 646d2f80-6a1e-40f4-91f6-15efe4848568
x-officefe: SwayFrontEnd_IN_19
x-officeversion: 16.0.14524.40100
x-officecluster: eus-000.www.sway.com
anonuserid: 0f8dc3df-5eac-45f4-9b6f-e021be728d34
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains; preload
timing-allow-origin: *
x-requestid: 1f08c890-b58d-49c6-ae01-c03af6b4155c
x-trackingid: ef5c547a-5f96-4818-9c78-e04160203977
x-key: yQViny9eAY/nAGwlIABuAlqPDgGiNYTCfIMGjejEk4Q=,637684033730072668
x-ua-compatible: IE=edge
x-html-minification-powered-by: WebMarkupMin
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:52 GMT
content-length: 11487

GET
H/1.1 206
Partial Content AUDIO%20Vorstellung%20Verm%C3%B6gensberater%20Thomas%20J.%20Metzger.mp3
impressum.vermoegensberater-metzger.de/ 881 KB
881 KB 241ms
11ms Media
audio/mpeg 94.130.66.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://impressum.vermoegensberater-metzger.de/AUDIO%20Vorstellung%20Verm%C3%B6gensberater%20Thomas%20J.%20Metzger.mp3
Requested by: Host: zkp-girokonto-db.vermoegensberater-metzger.de
URL: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.41 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www3.webnet-service.de
Software: Apache /
Resource Hash: dea1c812be07d0500fd65a4f35214cad6c210c487404e99bbc457b8d6564a7b2

Request headers

Referer: https://zkp-girokonto-db.vermoegensberater-metzger.de/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 28 Sep 2021 05:22:52 GMT
Last-Modified: Thu, 30 Jan 2020 13:50:56 GMT
Server: Apache
ETag: "dc2f1-59d5bbf0ebb0c"
Content-Type: audio/mpeg
Content-Range: bytes 0-901872/901873
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 901873

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/d82ca80e/ Frame 6089 330 KB
46 KB 24ms
24ms Stylesheet
text/css 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pq9lYXH7tLE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

98246f79b1495fa4d547fc6bdff6a3de6cf8064d5cb9e5d877adee9171a7f99d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/pq9lYXH7tLE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:14:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46472
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Sep 2022 18:14:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6089 15 KB
15 KB 60ms
18ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pq9lYXH7tLE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 33879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:58:13 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/ Frame 6089 201 KB
66 KB 44ms
44ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pq9lYXH7tLE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

045fd4ce57343257588e028026d314db88e7cc03aa84ec98ead1197bafe8c598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/pq9lYXH7tLE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67318
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Sep 2022 10:37:53 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 6089 2 MB
506 KB 66ms
65ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pq9lYXH7tLE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

8ac79395ad2c8c0efaf5a734544089eab4a8dce163f3b97f86d08921df5faafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/pq9lYXH7tLE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 01:30:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 273149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 518228
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 25 Sep 2022 01:30:23 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/ Frame 6089 8 KB
3 KB 71ms
71ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pq9lYXH7tLE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/pq9lYXH7tLE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:44:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Sep 2022 20:44:14 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6089
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

82ms
49ms

XHR
application/json

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pq9lYXH7tLE

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fcb530f1b934b39f9ea7a58982bfc9fac44b831ab5744ba0fd304fe8abe42c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 05:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 28 Sep 2021 05:22:53 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6089 29 B
424 B 72ms
23ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 05:12:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 596
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 28 Sep 2021 05:27:57 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 6089 95 KB
29 KB 25ms
24ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

62b97aca219dc9aa7b073a1871afc7e9af2f5beea5df283c94841f53a264042c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/pq9lYXH7tLE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 01:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 273144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29952
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 25 Sep 2022 01:30:29 GMT

GET
H2 200 rIOgB3Dr0zVzUSVnc6eaOuQRY5FnasxpvjH3SncfJjk.js Show response
www.google.com/js/th/ Frame 6089 35 KB
14 KB 72ms
23ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/rIOgB3Dr0zVzUSVnc6eaOuQRY5FnasxpvjH3SncfJjk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

sffe /

Resource Hash

ac83a00770ebd3357351256773a79a3ae4116391676acc69be31f74a771f2639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 05:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 518967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 22 Sep 2022 05:13:26 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/ Frame 6089 25 KB
7 KB 26ms
26ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

5cf2d602e6a7b16bf2a0b1866e945e014d8d08ecb9603a36943b8da90499a96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/pq9lYXH7tLE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 01:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 273144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7358
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 25 Sep 2022 01:30:29 GMT

GET
DATA 200
OK truncated
/ Frame 6089 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRa1R0h39pU0AUS6G77c1aQm7lOSDlfZlynDgeqfQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6089 2 KB
2 KB 85ms
33ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRa1R0h39pU0AUS6G77c1aQm7lOSDlfZlynDgeqfQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pq9lYXH7tLE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

745ee85d2a6428ee40bb445f121fedd1d7d60c820d8c130405b06eb5f3930233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 05:22:53 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2094
x-xss-protection: 0
server: fife
etag: "v8f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 21 Sep 2021 11:50:18 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/pq9lYXH7tLE/ Frame 6089 14 KB
15 KB 87ms
36ms Image
image/jpeg 142.250.186.150
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/pq9lYXH7tLE/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/pq9lYXH7tLE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f22.1e100.net

Software

sffe /

Resource Hash

5693a3e120bd59af704bf97c09d42fdab7456d98089c91e22b4b0b3788eaa0aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 05:22:53 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14551
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Sep 2021 07:22:53 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6089 4 KB
3 KB 66ms
24ms Script
text/javascript 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 05:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Tue, 28 Sep 2021 05:22:53 GMT

GET
H/1.1 200
OK Preload.css
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 84 KB
12 KB 102ms
7ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/Preload.css

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f6e1d03fdba5449350e855511cddc851e1cfe746de5244202a04cb4585e9a8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49650
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 11735

GET
H/1.1 200
OK jquery-2.2.4-custom-1.js Show response
eus-www.sway-cdn.com/Content/ Frame C455 83 KB
30 KB 102ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 29703
ETag: "0d14bf3b8a8d71:0"
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
Date: Tue, 28 Sep 2021 05:22:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=69722
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK jquery-ui-1.11.4-custom.js Show response
eus-www.sway-cdn.com/Content/ Frame C455 64 KB
18 KB 101ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 17891
ETag: "0cace540b1d71:0"
Last-Modified: Fri, 24 Sep 2021 12:37:12 GMT
Date: Tue, 28 Sep 2021 05:22:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=69722
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK modernizr-3.3.1-custom.js Show response
eus-www.sway-cdn.com/Content/ Frame C455 8 KB
4 KB 103ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 3210
ETag: "0d14bf3b8a8d71:0"
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
Date: Tue, 28 Sep 2021 05:22:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=71674
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Preload.js Show response
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 18 KB
5 KB 103ms
9ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/Preload.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49650
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 4168

GET
H/1.1 200
OK tdb.js Show response
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 141 KB
32 KB 103ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/tdb.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49650
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 32326

GET
H/1.1 200
OK CommonDiagnostics-Sway-1.0.0.js Show response
eus-www.sway-cdn.com/Content/ Frame C455 59 KB
14 KB 102ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

c0b9213606d02d7590db737b84b82c499aed306985fa41a846339944b2618351

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 13381
ETag: "0d14bf3b8a8d71:0"
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
Date: Tue, 28 Sep 2021 05:22:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=69722
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Common.js Show response
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 1 MB
197 KB 113ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/Common.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f92bd0a6ef6def2e4d0baa5a15a0bf81ff454687e81cdd0dd987e128532d2285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49650
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 201193

GET
H/1.1 200
OK Resources.js Show response
eus-www.sway-cdn.com/161452440100_Content/de/ Frame C455 140 KB
44 KB 113ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/de/Resources.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

060cb1212c2377a9a9b736afb14afdb93121518c7392859a4fc5e088a5bac891

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 44486
ETag: "0cace540b1d71:0"
Last-Modified: Fri, 24 Sep 2021 12:37:12 GMT
Date: Tue, 28 Sep 2021 05:22:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=73781
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK StoryPage.js Show response
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 1 MB
256 KB 114ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/StoryPage.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

9cba22d72eb8ae568a49875f871b5205a52453c18ce821734f17c1fc870c7ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49658
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 262052

POST
H2 200 get Show response
sway.office.com/s/ZkPQU1PpWEVSHiWU/ Frame C455 666 KB
77 KB 548ms
548ms XHR
application/json 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/s/ZkPQU1PpWEVSHiWU/get?currentClientVersion=201

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

5e0693c249c7f060ca8aa4e22dba2aa91d1d37c1fe18d13efd20a8978e027c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-WebClientVersion: 201
X-UserSessionId: 646d2f80-6a1e-40f4-91f6-15efe4848568
Accept-Language: de-DE,de;q=0.9
X-Key: yQViny9eAY/nAGwlIABuAlqPDgGiNYTCfIMGjejEk4Q=,637684033730072668
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-LookupId: ZkPQU1PpWEVSHiWU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed
anonuserid: 0f8dc3df-5eac-45f4-9b6f-e021be728d34
X-StoryId: 4FHBQXyrdXEhDNxRby78

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-requestid: 6065527f-abb3-432e-bd1c-489705019a43
x-officeversion: 16.0.14513.40101
x-officefe: SwayFrontEnd_IN_6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 78385
cache-control: no-cache, no-store, must-revalidate
x-payload-size: 79099
pragma: no-cache
x-trackingid: 9335b830-2a30-4694-b0d4-c70e37c73d87
x-correlationid: bee7d06f-451c-4538-a450-d8dbebc25043
x-officecluster: eus-002.www.sway.com
x-usersessionid: 646d2f80-6a1e-40f4-91f6-15efe4848568
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:53 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
x-lookupid: ZkPQU1PpWEVSHiWU
x-storyid: 4FHBQXyrdXEhDNxRby78
anonuserid: 0f8dc3df-5eac-45f4-9b6f-e021be728d34
timing-allow-origin: *
x-server-time-elapsed: 359
expires: -1

GET
H3 204 generate_204
www.youtube.com/ Frame 6089 0
9 B 26ms
24ms Image
text/plain 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?RUW2ZA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/pq9lYXH7tLE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/pq9lYXH7tLE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 05:22:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/93/ Frame 6089 52 KB
15 KB 36ms
13ms Script
text/javascript 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/93/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f3.1e100.net

Software

sffe /

Resource Hash

66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:27:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15346
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 17:05:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 28 Sep 2021 17:27:37 GMT

GET
H/1.1 200
OK Preload.css
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 84 KB
12 KB 25ms
8ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/Preload.css

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f6e1d03fdba5449350e855511cddc851e1cfe746de5244202a04cb4585e9a8f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33576
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 11735

GET
H/1.1 200
OK jquery-2.2.4-custom-1.js Show response
eus-www.sway-cdn.com/Content/ Frame 8987 83 KB
30 KB 25ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 29703
ETag: "0d14bf3b8a8d71:0"
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
Date: Tue, 28 Sep 2021 05:22:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=69722
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK jquery-ui-1.11.4-custom.js Show response
eus-www.sway-cdn.com/Content/ Frame 8987 64 KB
18 KB 27ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/jquery-ui-1.11.4-custom.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 17891
ETag: "0cace540b1d71:0"
Last-Modified: Fri, 24 Sep 2021 12:37:12 GMT
Date: Tue, 28 Sep 2021 05:22:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=69722
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK modernizr-3.3.1-custom.js Show response
eus-www.sway-cdn.com/Content/ Frame 8987 8 KB
4 KB 27ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/modernizr-3.3.1-custom.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 3210
ETag: "0d14bf3b8a8d71:0"
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
Date: Tue, 28 Sep 2021 05:22:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=71674
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Preload.js Show response
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 18 KB
5 KB 33ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/Preload.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33618
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 4168

GET
H/1.1 200
OK tdb.js Show response
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 141 KB
32 KB 34ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/tdb.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33618
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 32326

GET
H/1.1 200
OK CommonDiagnostics-Sway-1.0.0.js Show response
eus-www.sway-cdn.com/Content/ Frame 8987 59 KB
14 KB 35ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

c0b9213606d02d7590db737b84b82c499aed306985fa41a846339944b2618351

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 13381
ETag: "0d14bf3b8a8d71:0"
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
Date: Tue, 28 Sep 2021 05:22:53 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=69722
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK Common.js Show response
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 1 MB
197 KB 36ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/Common.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f92bd0a6ef6def2e4d0baa5a15a0bf81ff454687e81cdd0dd987e128532d2285

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33586
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 201193

GET
H/1.1 200
OK Resources.js Show response
eus-www.sway-cdn.com/161451340101_Content/de/ Frame 8987 140 KB
44 KB 41ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/de/Resources.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

a277d0de3c649c1ddf9d0a4e57309b0d7a06e72399996ee9d2006e8d67ca3e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=60435
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 44240

GET
H/1.1 200
OK StoryPage.js Show response
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 1 MB
256 KB 46ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/StoryPage.js

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

9cba22d72eb8ae568a49875f871b5205a52453c18ce821734f17c1fc870c7ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=34568
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 262052

POST
H2 200 get Show response
sway.office.com/s/JhQ7QLlF074itt95/ Frame 8987 457 KB
57 KB 366ms
366ms XHR
application/json 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/s/JhQ7QLlF074itt95/get?currentClientVersion=201

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

96ddb306e7e38dcfb4e19a4023e5193e5fc35f2c8c9a4c32cfc655dad16536ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-WebClientVersion: 201
X-UserSessionId: af77a9b7-cf41-46d5-b336-f1f994992e54
Accept-Language: de-DE,de;q=0.9
X-Key: uqxkXnhFLVcg6bC88APfNVcHxvuP5+ZoDjoMPEqrUlE=,637684033729972392
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-LookupId: JhQ7QLlF074itt95
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://sway.office.com/s/JhQ7QLlF074itt95/embed
anonuserid: a45f32af-85b1-400f-8621-3483a69cae7c
X-StoryId: GnDvtbgbFeZkjzuXxPxb

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-requestid: 4cf73529-6de0-4854-a31b-eb938977d6a8
x-officeversion: 16.0.14524.40100
x-officefe: SwayFrontEnd_IN_15
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 58242
cache-control: no-cache, no-store, must-revalidate
x-payload-size: 58957
pragma: no-cache
x-trackingid: f863d6b7-db67-4f9f-953d-fd8a6cce0464
x-correlationid: 0307b46a-bbc7-472a-953d-1a79a0f33c91
x-officecluster: eus-000.www.sway.com
x-usersessionid: af77a9b7-cf41-46d5-b336-f1f994992e54
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:53 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
x-lookupid: JhQ7QLlF074itt95
x-storyid: GnDvtbgbFeZkjzuXxPxb
anonuserid: a45f32af-85b1-400f-8621-3483a69cae7c
timing-allow-origin: *
x-server-time-elapsed: 249
expires: -1

GET
DATA 200
OK truncated
/ Frame C455 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK segoeui.woff
eus-www.sway-cdn.com/Content/ Frame C455 74 KB
74 KB 8ms
8ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/segoeui.woff

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/font-woff
Content-Length: 75464

GET
H/1.1 200
OK Common.css
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 247 KB
28 KB 8ms
8ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/Common.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161452440100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

8cdf539fb15c76b15158d70b463ae3d21e98fd2aef8b677f035da12f73b4d345

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49650
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 27698

GET
H/1.1 200
OK Home.css
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 365 KB
32 KB 7ms
7ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/Home.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161452440100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

e9953b779c2ece580417ede06340103e3f18f563d31d095f8e45771b8c47cb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49657
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 31952

GET
H/1.1 200
OK StoryPage.css
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 826 KB
78 KB 18ms
9ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/StoryPage.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161452440100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

69233075edf7ae5edf9f191df75577de4b3d988d3f2b77d4a7a1b944d3278df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49657
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 79070

GET
H/1.1 200
OK story_cluster.css
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 3 KB
1 KB 20ms
7ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/story_cluster.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161452440100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49650
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 930

GET
DATA 200
OK truncated
/ Frame 8987 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK segoeui.woff
eus-www.sway-cdn.com/Content/ Frame 8987 74 KB
74 KB 9ms
8ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/segoeui.woff

Requested by

Host: sway.office.com
URL: https://sway.office.com/s/JhQ7QLlF074itt95/embed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/font-woff
Content-Length: 75464

GET
H/1.1 200
OK Common.css
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 247 KB
28 KB 16ms
16ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/Common.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161451340101_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

8cdf539fb15c76b15158d70b463ae3d21e98fd2aef8b677f035da12f73b4d345

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33572
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 27698

GET
H/1.1 200
OK Home.css
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 365 KB
32 KB 8ms
7ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/Home.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161451340101_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

e9953b779c2ece580417ede06340103e3f18f563d31d095f8e45771b8c47cb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=34569
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 31952

GET
H/1.1 200
OK StoryPage.css
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 826 KB
78 KB 7ms
7ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/StoryPage.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161451340101_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

69233075edf7ae5edf9f191df75577de4b3d988d3f2b77d4a7a1b944d3278df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=34569
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 79070

GET
H/1.1 200
OK story_cluster.css
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 3 KB
1 KB 23ms
6ms Stylesheet
text/css 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/story_cluster.css

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161451340101_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33849
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 930

GET
H/1.1 200
OK common_raw.js Show response
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 23 KB
7 KB 7ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/common_raw.js

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161452440100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

aa26cfe55e8cd183738f42180aae291dd666f4d39062e8a44c97b0be021946ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49650
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 6432

GET
H/1.1 200
OK Hammer-2.0.4.js Show response
eus-www.sway-cdn.com/Content/ Frame C455 18 KB
7 KB 8ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/Hammer-2.0.4.js

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161452440100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=71722
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 6449

POST
H2 200 RemoteUls.ashx Show response
sway.office.com/ Frame C455 0
243 B 109ms
108ms XHR
text/plain 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/RemoteUls.ashx

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff

Request headers

X-WebClientVersion: 201
X-UserSessionId: 646d2f80-6a1e-40f4-91f6-15efe4848568
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-LookupId: ZkPQU1PpWEVSHiWU
Referer: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed
anonuserid: 0f8dc3df-5eac-45f4-9b6f-e021be728d34
X-StoryId: 4FHBQXyrdXEhDNxRby78

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
x-requestid: f5077bb8-9324-426c-9608-a3320bb82c2a
x-officeversion: 16.0.14513.40101
x-officefe: SwayFrontEnd_IN_10
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: N/A
content-disposition: attachment
x-buls-suppressedtags
content-length: 0
x-storyid: 4FHBQXyrdXEhDNxRby78
x-trackingid: 6f55d3f8-bf0b-4275-a2fc-d6e69753d966
x-correlationid: 396cb1eb-e599-4a2d-9b74-b7491149892f
x-officecluster: eus-003.www.sway.com
x-usersessionid: 646d2f80-6a1e-40f4-91f6-15efe4848568
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:53 GMT
x-download-options: noopen
content-type: text/plain
x-lookupid: ZkPQU1PpWEVSHiWU
cache-control: private
anonuserid: 0f8dc3df-5eac-45f4-9b6f-e021be728d34
timing-allow-origin: *

GET
H/1.1 200
OK common_raw.js Show response
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 23 KB
7 KB 7ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/common_raw.js

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161451340101_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

aa26cfe55e8cd183738f42180aae291dd666f4d39062e8a44c97b0be021946ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33850
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 6432

GET
H/1.1 200
OK Hammer-2.0.4.js Show response
eus-www.sway-cdn.com/Content/ Frame 8987 18 KB
7 KB 7ms
7ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/Content/Hammer-2.0.4.js

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161451340101_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=71722
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 6449

POST
H2 200 RemoteUls.ashx Show response
sway.office.com/ Frame 8987 0
263 B 103ms
103ms XHR
text/plain 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/RemoteUls.ashx

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff

Request headers

X-WebClientVersion: 201
X-UserSessionId: af77a9b7-cf41-46d5-b336-f1f994992e54
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-LookupId: JhQ7QLlF074itt95
Referer: https://sway.office.com/s/JhQ7QLlF074itt95/embed
anonuserid: a45f32af-85b1-400f-8621-3483a69cae7c
X-StoryId: GnDvtbgbFeZkjzuXxPxb

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
x-requestid: 10f78670-a7e5-45b7-a876-db0e766b22d7
x-officeversion: 16.0.14524.40100
x-officefe: SwayFrontEnd_IN_23
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: N/A
content-disposition: attachment
x-buls-suppressedtags
content-length: 0
x-storyid: GnDvtbgbFeZkjzuXxPxb
x-trackingid: 1daf102e-8482-4ecc-b6a2-5cbf45922b58
x-correlationid: ddf59b29-8a25-4fc5-9658-f6727c4c23f8
x-officecluster: eus-000.www.sway.com
x-usersessionid: af77a9b7-cf41-46d5-b336-f1f994992e54
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:53 GMT
x-download-options: noopen
content-type: text/plain
x-lookupid: JhQ7QLlF074itt95
cache-control: private
anonuserid: a45f32af-85b1-400f-8621-3483a69cae7c
timing-allow-origin: *

GET
H/1.1 200
OK swayicon.woff
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 22 KB
22 KB 33ms
33ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/swayicon.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/font-woff
Content-Length: 22140

GET
H/1.1 200
OK Benton_Modern-Roman_WebTT.woff
www.sway-cdn.com/Content/ Frame 8987 55 KB
55 KB 81ms
7ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/Benton_Modern-Roman_WebTT.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

7d994d23401ef1689a9d7d8689016cac6b18cdcd80636ba659537c7c422cff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/font-woff
Content-Length: 56140

GET
H/1.1 200
OK Benton_Modern-Bold_WebTT.woff
www.sway-cdn.com/Content/ Frame 8987 56 KB
57 KB 84ms
11ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/Benton_Modern-Bold_WebTT.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

5b66a7c74f4f28ace673cce7a00c5410bf560de72e3ed421474f4a2a3a4877a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/font-woff
Content-Length: 57684

GET
H/1.1 200
OK Benton_Modern-Italic_WebTT.woff
www.sway-cdn.com/Content/ Frame 8987 61 KB
61 KB 84ms
11ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/Benton_Modern-Italic_WebTT.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

71bc180dc24b0afe4fdfb6200189f17eb5af01d17930c8416e73517d341d2c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 Sep 2021 12:37:12 GMT
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
X-Powered-By: ARR/3.0
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 62332
ETag: "0cace540b1d71:0"

POST
H2 202 analytics Show response
sway.office.com/sway/v1.0/JhQ7QLlF074itt95/ Frame 8987 2 B
196 B 232ms
232ms XHR
application/json 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/sway/v1.0/JhQ7QLlF074itt95/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-WebClientVersion: 201
X-UserSessionId: af77a9b7-cf41-46d5-b336-f1f994992e54
Accept-Language: de-DE,de;q=0.9
X-Key: uqxkXnhFLVcg6bC88APfNVcHxvuP5+ZoDjoMPEqrUlE=,637684033729972392
Content-Type: application/json; charset=utf-8
X-LookupId: JhQ7QLlF074itt95
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sway.office.com/s/JhQ7QLlF074itt95/embed
X-Requested-With: XMLHttpRequest
anonuserid: a45f32af-85b1-400f-8621-3483a69cae7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-StoryId: GnDvtbgbFeZkjzuXxPxb

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
x-content-type-options: nosniff
x-requestid: 0f5ec82d-0128-4bb2-bbc6-197efb688f77
x-officeversion: 16.0.14513.40101
x-officefe: SwayFrontEnd_IN_4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 2
x-storyid: GnDvtbgbFeZkjzuXxPxb
x-trackingid: 470e4165-5b28-4698-93d7-5b72d900f25b
x-correlationid: eb3c2ce2-9a4e-433f-aa51-a87f7586b42a
x-officecluster: eus-001.www.sway.com
x-usersessionid: af77a9b7-cf41-46d5-b336-f1f994992e54
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:53 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
x-lookupid: JhQ7QLlF074itt95
cache-control: private
anonuserid: a45f32af-85b1-400f-8621-3483a69cae7c
timing-allow-origin: *

GET
H/1.1 200
OK swayiconsb.woff
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 23 KB
24 KB 7ms
7ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/swayiconsb.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/font-woff
Content-Length: 23704

GET
H/1.1 200
OK story.png
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 10 KB
11 KB 13ms
12ms Image
image/png 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/story.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

d46375075d66174f88ad9834c0695792c9afdd0f20456231fa4a873280a2c434

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: dd93f164-81bf-4034-8bd9-c4e83ac111ee
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_27
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 10721
ETag: "0d14bf3b8a8d71:0"
X-TrackingId: a9d70d0e-75ba-4d5a-a798-b95e47a3c69a
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
X-OfficeCluster: eus-002.www.sway.com
X-UserSessionId: 78c7d9b9-6f00-446d-85fb-c3402e82daae
Date: Tue, 28 Sep 2021 05:22:53 GMT
anonuserid: cc5fca3c-f682-4fe8-9a9d-9215b4428ceb
Content-Type: image/png
X-CorrelationId: 78c7d9b9-6f00-446d-85fb-c3402e82daae
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14413.40100

GET
H/1.1 200
OK traveling_dots1color_shorter_white.gif
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 7 KB
8 KB 8ms
7ms Image
image/gif 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/traveling_dots1color_shorter_white.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

2e237d89d57788e810720fd97bcc0992e159044281956ecba83efd3a4f4b56cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 35ee4ef5-a91f-42b3-920a-be66c26309d3
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_10
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 6828
ETag: "0d14bf3b8a8d71:0"
X-TrackingId: 97140d08-b4b5-47c4-ae46-66118e84bbc4
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
X-OfficeCluster: eus-003.www.sway.com
X-UserSessionId: f4b99710-6e9c-4180-8282-e9dae1dcfbaf
Date: Tue, 28 Sep 2021 05:22:53 GMT
anonuserid: 81ec686a-ab18-489c-8dc5-0c733679ba7b
Content-Type: image/gif
X-CorrelationId: f4b99710-6e9c-4180-8282-e9dae1dcfbaf
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14413.40100

GET
H/1.1 200
OK whitespinner.32x32.gif
eus-www.sway-cdn.com/161451340101_Content/ Frame 8987 1 KB
2 KB 8ms
7ms Image
image/gif 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/whitespinner.32x32.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

11572f274d092466b9249659cfd382a0cfb640b23df4d4a1071c1b8d70147415

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: bd0c3667-5382-4d7f-b6b1-30f9a7c57327
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_29
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1278
ETag: "0d14bf3b8a8d71:0"
X-TrackingId: f372fd8d-0305-4754-9262-c90e72936fa1
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
X-OfficeCluster: eus-002.www.sway.com
X-UserSessionId: 367ae23b-f13b-4bc1-8201-051a6343b292
Date: Tue, 28 Sep 2021 05:22:53 GMT
anonuserid: e3922411-dabe-4351-8cc8-17132f088e70
Content-Type: image/gif
X-CorrelationId: 367ae23b-f13b-4bc1-8201-051a6343b292
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14413.40100

GET
H/1.1 200
OK mz57WdnsDiL02D
eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/ Frame 8987 59 KB
60 KB 502ms
501ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/mz57WdnsDiL02D?quality=640&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

d88395dd356b31829ca54db03d8d20b6c57963b26bef85af6bbc92a5fa3499a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 398d9af3-1a2f-47ae-aee2-3c01187e46b8
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 60352
X-TrackingId: 3b5464bf-9802-475f-aa7c-d7d306dbff5c
X-CorrelationId: 2e25c25b-7a61-4f63-944a-903867bbe0ca
X-OfficeCluster: eus-002.www.sway.com
X-UserSessionId: 2e25c25b-7a61-4f63-944a-903867bbe0ca
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: cc60ef2e-8d04-4ad6-b4fb-ea0496a172ef
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK uj17jIuzXRzPNe
eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/ Frame 8987 29 KB
30 KB 186ms
185ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/uj17jIuzXRzPNe?quality=676&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

b18516d2ad30fd4e3cb1dbfd229b0af251ec287a762390f04eb3398315f84aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: ba15c1ca-30dd-4b71-9c02-ac88fbc7d4b3
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_6
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 29897
X-TrackingId: 6523d437-e08f-4679-be2d-3e27b174d7d2
X-CorrelationId: 1779e89e-ec72-4eef-bc3f-9193368464cb
X-OfficeCluster: eus-003.www.sway.com
X-UserSessionId: 1779e89e-ec72-4eef-bc3f-9193368464cb
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 66ddf9ce-7006-4bf3-bb4a-031357a62550
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK pRfJujIYT6A8dQ
eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/ Frame 8987 41 KB
42 KB 487ms
481ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/pRfJujIYT6A8dQ?quality=810&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

070141f7a443db7ec3638392cea01e804a2f0330d39d798de710336166c3ec77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 342f488f-c79a-4c0b-93a7-8b2cdbe41f50
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_25
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 41770
X-TrackingId: f4ea723e-bebd-4df5-a76d-2de74a682c2b
X-CorrelationId: bef4f70a-5188-42cb-b371-fc87113cfc1c
X-OfficeCluster: eus-001.www.sway.com
X-UserSessionId: bef4f70a-5188-42cb-b371-fc87113cfc1c
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 9cbfb1da-c6e3-46e9-a7a4-ef3542913e94
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK mz57WdnsDiL02D
eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/ Frame 8987 180 KB
181 KB 474ms
474ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/mz57WdnsDiL02D?quality=1280&allowAnimation=true&embeddedHost=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

1452e4e47e359e89a4ba8abf675ca4199f69c4433620fdfeb93bc1cd3771ad7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: fbbadd47-c5d2-41e2-92c2-8d9bd913c6fc
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_26
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 184427
X-TrackingId: 6c607915-abc9-423b-a55f-f3666c58da50
X-CorrelationId: a808a90d-bc55-46d6-8d98-f12296e3eb34
X-OfficeCluster: eus-001.www.sway.com
X-UserSessionId: a808a90d-bc55-46d6-8d98-f12296e3eb34
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: fa9732aa-0929-42ef-a289-b1d078b23d50
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK vsH23Ps-yOsk9R
eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/ Frame 8987 12 KB
13 KB 484ms
482ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/JhQ7QLlF074itt95/images/vsH23Ps-yOsk9R?quality=360&allowAnimation=true&embeddedHost=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

04d74f8d779ce7f12532bfdf3a0a5057f639a4b075cccf99c6ebe3419fe4c000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 5297c378-b4fd-496f-9056-9afc43654f0e
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_10
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 12254
X-TrackingId: d97929c3-94c6-422a-a2a0-b963cdb535c4
X-CorrelationId: 678bda7d-1881-4d92-adb9-e5eb630e15c2
X-OfficeCluster: eus-002.www.sway.com
X-UserSessionId: 678bda7d-1881-4d92-adb9-e5eb630e15c2
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: fbd2abca-e82e-4219-85dc-64951d0203aa
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK swayicon.woff
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 22 KB
22 KB 7ms
7ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/swayicon.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:54 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/font-woff
Content-Length: 22140

GET
H/1.1 200
OK KairosDistressed.woff
www.sway-cdn.com/Content/ Frame C455 401 KB
402 KB 8ms
8ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/KairosDistressed.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

4c10096ecb564fe8565fbefe17a376a38235f8d1c6c7ae1101d1ebcce78dff03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: application/font-woff
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:54 GMT
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 410704
ETag: "0d14bf3b8a8d71:0"

GET
H/1.1 200
OK KairosDistressed-Bold.woff
www.sway-cdn.com/Content/ Frame C455 532 KB
532 KB 10ms
9ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/KairosDistressed-Bold.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

4753c30c7a20f09023d3a70ddfce87da5aee432dd1144b16bce16475f854e050

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: application/font-woff
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:54 GMT
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 544304
ETag: "0d14bf3b8a8d71:0"

GET
H/1.1 200
OK KairosDistressed-Italic.woff
www.sway-cdn.com/Content/ Frame C455 401 KB
402 KB 416ms
415ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/KairosDistressed-Italic.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

6c633100a58098ae5d81f1dc4cc3b6937188fb32be8695d71aa6b609625dc557

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: application/font-woff
Last-Modified: Mon, 13 Sep 2021 16:03:54 GMT
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:54 GMT
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 410852
ETag: "0d14bf3b8a8d71:0"

GET
H/1.1 200
OK GeorgiaPro-Regular.woff
www.sway-cdn.com/Content/ Frame C455 96 KB
96 KB 20ms
7ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sway-cdn.com/Content/GeorgiaPro-Regular.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

12777afa00290300347daac7dc485c0a42529225b9d96c356dc667e56b595ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:54 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/font-woff
Content-Length: 98188

POST
H2 202 analytics Show response
sway.office.com/sway/v1.0/ZkPQU1PpWEVSHiWU/ Frame C455 2 B
278 B 408ms
408ms XHR
application/json 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/sway/v1.0/ZkPQU1PpWEVSHiWU/analytics?timeSpent=0&scrollDepth=0&readRatioGrade=0

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/jquery-2.2.4-custom-1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-WebClientVersion: 201
X-UserSessionId: 646d2f80-6a1e-40f4-91f6-15efe4848568
Accept-Language: de-DE,de;q=0.9
X-Key: yQViny9eAY/nAGwlIABuAlqPDgGiNYTCfIMGjejEk4Q=,637684033730072668
Content-Type: application/json; charset=utf-8
X-LookupId: ZkPQU1PpWEVSHiWU
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed
X-Requested-With: XMLHttpRequest
anonuserid: 0f8dc3df-5eac-45f4-9b6f-e021be728d34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-StoryId: 4FHBQXyrdXEhDNxRby78

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
x-content-type-options: nosniff
x-requestid: 192923c2-6e23-4e2b-a7d5-4213646a3c6c
x-officeversion: 16.0.14513.40101
x-officefe: SwayFrontEnd_IN_22
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length: 2
x-storyid: 4FHBQXyrdXEhDNxRby78
x-trackingid: 77f7c6ca-7347-4e0e-b4a1-716f9cf00203
x-correlationid: a6d85ab5-790a-450c-b19b-15c71640b97d
x-officecluster: eus-002.www.sway.com
x-usersessionid: 646d2f80-6a1e-40f4-91f6-15efe4848568
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:54 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
x-lookupid: ZkPQU1PpWEVSHiWU
cache-control: private
anonuserid: 0f8dc3df-5eac-45f4-9b6f-e021be728d34
timing-allow-origin: *

GET
H/1.1 200
OK swayiconsb.woff
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 23 KB
24 KB 7ms
7ms Font
application/font-woff 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/swayiconsb.woff

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sway.office.com/
Origin: https://sway.office.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Tue, 28 Sep 2021 05:22:54 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/font-woff
Content-Length: 23704

GET
H/1.1 200
OK story.png
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 10 KB
11 KB 8ms
7ms Image
image/png 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/story.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

d46375075d66174f88ad9834c0695792c9afdd0f20456231fa4a873280a2c434

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 1514f85b-7c45-4c87-89b2-ef2b27f284ad
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_17
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 10721
ETag: "0cace540b1d71:0"
X-TrackingId: 2fae8dba-a909-4926-9a51-3b2db473ce5f
Last-Modified: Fri, 24 Sep 2021 12:37:12 GMT
X-OfficeCluster: eus-000.www.sway.com
X-UserSessionId: df9c75b3-c0aa-4d5b-849e-d365c6e1f60a
Date: Tue, 28 Sep 2021 05:22:54 GMT
anonuserid: ec2fcd0a-aa85-43f5-ba33-a7cebed92ff0
Content-Type: image/png
X-CorrelationId: df9c75b3-c0aa-4d5b-849e-d365c6e1f60a
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK traveling_dots1color_shorter_white.gif
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 7 KB
8 KB 7ms
7ms Image
image/gif 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/traveling_dots1color_shorter_white.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

2e237d89d57788e810720fd97bcc0992e159044281956ecba83efd3a4f4b56cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: eef423f0-81d0-4a3c-9c80-6469947fc746
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 6828
ETag: "0cace540b1d71:0"
X-TrackingId: 1f897f48-f6dd-438a-bd32-01338e3e434e
Last-Modified: Fri, 24 Sep 2021 12:37:12 GMT
X-OfficeCluster: eus-000.www.sway.com
X-UserSessionId: e7f908f2-9bd0-412b-96f0-7ffa54b43d10
Date: Tue, 28 Sep 2021 05:22:54 GMT
anonuserid: d44443f2-6f16-458b-a134-1afd7edf32bf
Content-Type: image/gif
X-CorrelationId: e7f908f2-9bd0-412b-96f0-7ffa54b43d10
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14524.40100

GET
H/1.1 200
OK whitespinner.32x32.gif
eus-www.sway-cdn.com/161452440100_Content/ Frame C455 1 KB
2 KB 15ms
7ms Image
image/gif 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/whitespinner.32x32.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

11572f274d092466b9249659cfd382a0cfb640b23df4d4a1071c1b8d70147415

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: a55e6a88-4f02-41aa-bada-ae073be26b60
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_29
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1278
ETag: "0cace540b1d71:0"
X-TrackingId: a380c736-8d31-45db-a009-5218340da607
Last-Modified: Fri, 24 Sep 2021 12:37:12 GMT
X-OfficeCluster: eus-001.www.sway.com
X-UserSessionId: fbf9a06e-dd00-4265-8055-24a73bf9a5b7
Date: Tue, 28 Sep 2021 05:22:54 GMT
anonuserid: 07f49435-80b3-40b2-aa23-6f13bb00eafc
Content-Type: image/gif
X-CorrelationId: fbf9a06e-dd00-4265-8055-24a73bf9a5b7
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK XfxFUtaHsE8SFo
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 161 KB
161 KB 247ms
238ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/XfxFUtaHsE8SFo?quality=960&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

290fe097f1406391f131d6bf901e483f0c0000fead104f38f46f77c890f06d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 07d5e878-6cf9-457b-a74c-07e7a04b1c94
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_23
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 164505
X-TrackingId: 7a21284f-48eb-4335-9320-136436fe94d9
X-CorrelationId: 570ee273-6d39-44c5-9eeb-359122ff05a5
X-OfficeCluster: eus-003.www.sway.com
X-UserSessionId: 570ee273-6d39-44c5-9eeb-359122ff05a5
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 0b908a56-e733-48af-b6e4-1604a800f48a
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK NWrvK_ICYPbpvR
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 75 KB
76 KB 488ms
473ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/NWrvK_ICYPbpvR?quality=960&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

769e07a0ca49f4ed5b6577b40f4a2b19a4e0f62c38caf95b39117dd82a58f7c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 4835671b-5742-4f45-8708-17f824df272a
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_12
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 76587
X-TrackingId: 0f1b3346-8b9f-4e11-a4b1-d985f9e4b871
X-CorrelationId: d3ca7362-cdc1-4eda-8535-e00e09e06959
X-OfficeCluster: eus-000.www.sway.com
X-UserSessionId: d3ca7362-cdc1-4eda-8535-e00e09e06959
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: b7f344c7-64e1-414e-ba92-d7d820295cc4
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14524.40100

GET
H/1.1 200
OK AZhl4wcdciDy6V
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 111 KB
112 KB 485ms
226ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/AZhl4wcdciDy6V?quality=960&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

72e0fb37a5c5da883f1e976474e5f7534e4ada01454351a477ceb9a95bc87db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: d8eece7a-1c44-4b17-bdeb-4eb577c38602
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_13
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 113350
X-TrackingId: 31656049-aacc-4d59-8c30-af57af1b51cb
X-CorrelationId: 82e75084-afb8-4ed9-81ee-f481c8b08db4
X-OfficeCluster: eus-000.www.sway.com
X-UserSessionId: 82e75084-afb8-4ed9-81ee-f481c8b08db4
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 4f48fbfc-fcea-4388-b3d1-5f01dd383fa3
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14524.40100

GET
H/1.1 200
OK hBFNZUHMyKcU_F
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 97 KB
98 KB 516ms
205ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/hBFNZUHMyKcU_F?quality=960&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

5f95fa313c588f3a3007cd3f72323b2dde666b372fac8e79215967d5875135ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: f2ce0601-6e43-4abe-bf26-0f632895d635
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_28
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 99539
X-TrackingId: e7e048bb-e301-485d-b677-b4c7a91d7c8c
X-CorrelationId: 8ee73257-0e3e-4d05-9a8f-1be2f67e4c75
X-OfficeCluster: eus-003.www.sway.com
X-UserSessionId: 8ee73257-0e3e-4d05-9a8f-1be2f67e4c75
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 504376bc-6b00-47c6-8ba4-75b021f676f1
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK tDbyI3A1djzu3u
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 95 KB
96 KB 637ms
222ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/tDbyI3A1djzu3u?quality=960&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

7b1676d538b39cc6c7d87842ec7fdc374d0c07323579e1605f57f44d3faab126

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 3f547741-2f53-4fff-a821-41a2af2b5682
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_16
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 97755
X-TrackingId: c3014480-2d62-4e8c-bef1-780fc9423239
X-CorrelationId: 4fee6d8b-a287-4d91-a15f-555f883d9792
X-OfficeCluster: eus-000.www.sway.com
X-UserSessionId: 4fee6d8b-a287-4d91-a15f-555f883d9792
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 6d171a6d-f73d-4bdf-843c-4d0696cd6274
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14524.40100

GET
H/1.1 200
OK uj17jIuzXRzPNe
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 29 KB
30 KB 669ms
193ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/uj17jIuzXRzPNe?quality=676&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

b18516d2ad30fd4e3cb1dbfd229b0af251ec287a762390f04eb3398315f84aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 7bca431f-e7c0-4c8d-aa76-e0203f2c60ae
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_7
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 29897
X-TrackingId: dc589b1b-4d8a-42e3-b102-3fb3e2eb852a
X-CorrelationId: d2a675b3-8205-415d-807f-34d35dc28f06
X-OfficeCluster: eus-001.www.sway.com
X-UserSessionId: d2a675b3-8205-415d-807f-34d35dc28f06
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 15bfd363-71d9-4b9f-8d85-21359f501f35
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK J69j30yk2-V56q
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 133 KB
134 KB 318ms
222ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/J69j30yk2-V56q?quality=960&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

3c585f5a90494aff50a396d615bbc1e86e1c4d732ddd56d929baeb97c5d8ea69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: b8171486-fb74-411f-8e6e-c0dad6630528
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_11
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 136608
X-TrackingId: 93b7d4be-5a6d-4d2f-a87c-b88a6ba8ce73
X-CorrelationId: 167c99de-5b84-48d3-82f2-cff4172c8a7d
X-OfficeCluster: eus-002.www.sway.com
X-UserSessionId: 167c99de-5b84-48d3-82f2-cff4172c8a7d
Date: Tue, 28 Sep 2021 05:22:55 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: e9973ccf-167d-4626-9123-2a8a7cf73106
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK h9YPp4CJKIAYRG
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 43 KB
44 KB 219ms
219ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/h9YPp4CJKIAYRG?quality=960&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

ae3767725464eee15fbac3ca137a8f10b86bb8c0aa10ae53c5f3b13bf97ede51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 6c7ffc4a-7bd8-45ae-982b-05ced8b30420
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_20
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 44359
X-TrackingId: e3312e36-bd5d-4dd6-a76f-81821d97c435
X-CorrelationId: d64dc585-1ce3-48a5-b5a2-68d79336c219
X-OfficeCluster: eus-000.www.sway.com
X-UserSessionId: d64dc585-1ce3-48a5-b5a2-68d79336c219
Date: Tue, 28 Sep 2021 05:22:55 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 6fafe492-faf6-4185-87c2-e41d2b5c944d
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14524.40100

GET
H/1.1 200
OK frU187M-aZP8RK
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 178 KB
179 KB 255ms
255ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/frU187M-aZP8RK?quality=960&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

090d594264b0be4f3b5d0f1ee5d65937d70494a3cf76ff57ecbe1dd3dca06ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 624921a9-14a4-4351-823a-1c92637959f1
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_4
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 181986
X-TrackingId: 0a1f0517-1681-435b-9ca9-424179950f06
X-CorrelationId: f457a497-f2e9-4a6f-9040-5bcca3710ca4
X-OfficeCluster: eus-002.www.sway.com
X-UserSessionId: f457a497-f2e9-4a6f-9040-5bcca3710ca4
Date: Tue, 28 Sep 2021 05:22:55 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 283d921e-3a13-4d58-95c5-0c1790d655ca
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK jnD3WW32u-aATd
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 40 KB
41 KB 317ms
317ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/jnD3WW32u-aATd?quality=640&allowAnimation=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

d2bf4649bd99c5f77d041e7b180648f6c8d557109ad3d59efa46f762b57af473

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 9b1560e7-3dff-48da-97f0-04d32ded1ab5
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 41368
X-TrackingId: a0a8b0f3-a0fe-4616-9cef-2ff428bb2929
X-CorrelationId: dc738c42-c884-4932-92c3-c658bc66019d
X-OfficeCluster: eus-002.www.sway.com
X-UserSessionId: dc738c42-c884-4932-92c3-c658bc66019d
Date: Tue, 28 Sep 2021 05:22:55 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: e4ccf644-c5ec-4844-9072-201603e87c48
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

GET
H/1.1 200
OK e6dglazpph9wLF
eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/ Frame C455 81 KB
82 KB 422ms
262ms Image
image/jpeg 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eus-www.sway-cdn.com/s/ZkPQU1PpWEVSHiWU/images/e6dglazpph9wLF?quality=960&allowAnimation=true&embeddedHost=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

a6a55c25d28ddcb3e69c59f4bb1a3278e39606e6e7294d20dd30f310a96cfb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-RequestId: 81cfdc42-5678-4c25-b1c9-3eb59eb04ebb
X-Powered-By: ARR/3.0
X-OfficeFE: SwayFrontEnd_IN_10
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 82845
X-TrackingId: e555b4a2-fda5-4ab1-b847-bdd4b6ea1db1
X-CorrelationId: 7332cd77-afde-4505-af64-2b84f1278bb4
X-OfficeCluster: eus-002.www.sway.com
X-UserSessionId: 7332cd77-afde-4505-af64-2b84f1278bb4
Date: Tue, 28 Sep 2021 05:22:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=3600
anonuserid: 9f0de9cc-4e90-48ca-b1e5-585280de6e2e
Timing-Allow-Origin: *
X-OfficeVersion: 16.0.14513.40101

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6089 28 B
54 B 41ms
40ms XHR
application/json 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d82ca80e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/pq9lYXH7tLE
X-YouTube-Client-Version: 1.20210922.1.1
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtjRWlRYWtqaEhpayiszcqKBg%3D%3D
X-YouTube-Ad-Signals: dt=1632806572955&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKrsV95i4HeXrpy3NY0vETCg10dT9C3FrDfdteULLmLH_y7r7XrEWGSxXlYi-Ly2LRzWA3ydrHD1w2kS_iHuduitfV8Wtw

Response headers

date: Tue, 28 Sep 2021 05:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 28 Sep 2021 05:22:55 GMT

GET
H/1.1 200
OK OfficeBrowserFeedback.js Show response
eus-www.sway-cdn.com/161452440100_Content/feedback/ Frame C455 158 KB
45 KB 17ms
16ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161452440100_Content/feedback/OfficeBrowserFeedback.js

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161452440100_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=49650
Date: Tue, 28 Sep 2021 05:22:55 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 45168

POST
H2 200 RemoteUls.ashx Show response
sway.office.com/ Frame C455 0
151 B 103ms
103ms XHR
text/plain 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/RemoteUls.ashx

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff

Request headers

X-WebClientVersion: 201
X-UserSessionId: 646d2f80-6a1e-40f4-91f6-15efe4848568
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-LookupId: ZkPQU1PpWEVSHiWU
Referer: https://sway.office.com/s/ZkPQU1PpWEVSHiWU/embed
anonuserid: 0f8dc3df-5eac-45f4-9b6f-e021be728d34
X-StoryId: 4FHBQXyrdXEhDNxRby78

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
x-requestid: f7d9f586-3309-4e2e-ae42-71175a110c92
x-officeversion: 16.0.14513.40101
x-officefe: SwayFrontEnd_IN_6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: N/A
content-disposition: attachment
x-buls-suppressedtags
content-length: 0
x-storyid: 4FHBQXyrdXEhDNxRby78
x-trackingid: 74e9554a-6ed9-448b-bcb4-a12b626921db
x-correlationid: d5bf1d51-718b-4bb4-bdf7-f49bdf53b4a1
x-officecluster: eus-002.www.sway.com
x-usersessionid: 646d2f80-6a1e-40f4-91f6-15efe4848568
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:55 GMT
x-download-options: noopen
content-type: text/plain
x-lookupid: ZkPQU1PpWEVSHiWU
cache-control: private
anonuserid: 0f8dc3df-5eac-45f4-9b6f-e021be728d34
timing-allow-origin: *

GET
H/1.1 200
OK OfficeBrowserFeedback.js Show response
eus-www.sway-cdn.com/161451340101_Content/feedback/ Frame 8987 158 KB
45 KB 8ms
8ms Script
application/javascript 104.111.239.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eus-www.sway-cdn.com/161451340101_Content/feedback/OfficeBrowserFeedback.js

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/161451340101_Content/Preload.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-56.deploy.static.akamaitechnologies.com

Software

/ ARR/3.0

Resource Hash

4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sway.office.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
Vary: Accept-Encoding
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=33850
Date: Tue, 28 Sep 2021 05:22:55 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 45168

POST
H2 200 RemoteUls.ashx Show response
sway.office.com/ Frame 8987 0
233 B 179ms
178ms XHR
text/plain 52.109.12.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sway.office.com/RemoteUls.ashx

Requested by

Host: eus-www.sway-cdn.com
URL: https://eus-www.sway-cdn.com/Content/CommonDiagnostics-Sway-1.0.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.109.12.51 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff

Request headers

X-WebClientVersion: 201
X-UserSessionId: af77a9b7-cf41-46d5-b336-f1f994992e54
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-LookupId: JhQ7QLlF074itt95
Referer: https://sway.office.com/s/JhQ7QLlF074itt95/embed
anonuserid: a45f32af-85b1-400f-8621-3483a69cae7c
X-StoryId: GnDvtbgbFeZkjzuXxPxb

Response headers

strict-transport-security: max-age=15724800; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
x-requestid: c4ed73bc-eddf-4dff-bb17-e5a85833f71c
x-officeversion: 16.0.14513.40101
x-officefe: SwayFrontEnd_IN_8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: N/A
content-disposition: attachment
x-buls-suppressedtags
content-length: 0
x-storyid: GnDvtbgbFeZkjzuXxPxb
x-trackingid: 73e44ae1-b7c6-49b3-a8e9-81e2a71f4ceb
x-correlationid: ac21b29c-8683-490b-9604-8e11bae1128b
x-officecluster: eus-001.www.sway.com
x-usersessionid: af77a9b7-cf41-46d5-b336-f1f994992e54
x-powered-by: ARR/3.0
date: Tue, 28 Sep 2021 05:22:55 GMT
x-download-options: noopen
content-type: text/plain
x-lookupid: JhQ7QLlF074itt95
cache-control: private
anonuserid: a45f32af-85b1-400f-8621-3483a69cae7c
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: P17884QsPwQ
.youtube.com/	1970-01-20 01:52:38	Name: VISITOR_INFO1_LIVE Value: cEiQakjhHik
.sway.office.com/	1969-12-31 23:59:59	Name: AuthSess Value: 6b5aa680-6c4a-446d-a549-e5925f6f07de
.office.com/	1969-12-31 23:59:59	Name: AADNonce Value: d2e23020-e8dd-439c-8388-7a2200e4224c.637684033730597295
.doubleclick.net/	1970-01-20 06:55:02	Name: IDE Value: AHWqTUklYWCYL9vvsdAKAlZS9BjG5s0Vd-s3_RShVb6LLfjPLsYm4uFW7NE8Moq_

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chart.googleapis.com
eus-www.sway-cdn.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
impressum.vermoegensberater-metzger.de
static.doubleclick.net
sway.office.com
www.google.com
www.gstatic.com
www.sway-cdn.com
www.youtube.com
yt3.ggpht.com
zkp-girokonto-db.vermoegensberater-metzger.de
104.111.239.56
142.250.181.225
142.250.184.196
142.250.184.206
142.250.184.226
142.250.185.234
142.250.186.150
142.250.186.166
172.217.16.131
172.217.23.99
52.109.12.51
94.130.66.41
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02b92e08d651fc279a7785c6bd439a9fb4a1eb31d7ed8e8153a96905e7de7f24
045fd4ce57343257588e028026d314db88e7cc03aa84ec98ead1197bafe8c598
04d74f8d779ce7f12532bfdf3a0a5057f639a4b075cccf99c6ebe3419fe4c000
060cb1212c2377a9a9b736afb14afdb93121518c7392859a4fc5e088a5bac891
070141f7a443db7ec3638392cea01e804a2f0330d39d798de710336166c3ec77
090d594264b0be4f3b5d0f1ee5d65937d70494a3cf76ff57ecbe1dd3dca06ddb
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
11572f274d092466b9249659cfd382a0cfb640b23df4d4a1071c1b8d70147415
12777afa00290300347daac7dc485c0a42529225b9d96c356dc667e56b595ded
1452e4e47e359e89a4ba8abf675ca4199f69c4433620fdfeb93bc1cd3771ad7f
160daca799b276d8ce387e0187d972d715abead1399795bff9ec2a64b494527c
1d6f58c0806515d17276af6bd050c328b87181f460ce15d07fd0052779241dc5
290fe097f1406391f131d6bf901e483f0c0000fead104f38f46f77c890f06d34
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2e237d89d57788e810720fd97bcc0992e159044281956ecba83efd3a4f4b56cf
2f5deb75ea8a55d2119c56e4e3bcc0bde3516b838a088e28df1553824fe619ad
2f943845b13401a84fd03f33440729a3df0c31cd4ac27f57875626ea7b25fed2
3422aa9a6369c1dc81d4a5d14f5e6601c2e489e0bce6592488a384048faee9ae
3c585f5a90494aff50a396d615bbc1e86e1c4d732ddd56d929baeb97c5d8ea69
3da8fc98318eeaf2ba8d02e79455d3d6f8f509bda7882c4c3c807b7197c24a1d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
421c4f1404df307e48f2d24b91e1888d5b73a70cd5388663a401bb2de52972f7
4753c30c7a20f09023d3a70ddfce87da5aee432dd1144b16bce16475f854e050
49989502b5088cee119ea0201a0fbb9730480b265d1f2a38c048fb529f111362
4c10096ecb564fe8565fbefe17a376a38235f8d1c6c7ae1101d1ebcce78dff03
4c9305d5158406ce6fc1ef1209af8188d0995b04a52ebeb247f6ab86693ddb0f
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f2d6301347a2fbf30fed521f2d319e78cffd90713336dcc9c0a2676dc3fb37c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5693a3e120bd59af704bf97c09d42fdab7456d98089c91e22b4b0b3788eaa0aa
56c3f81e1fcada437f327ca47a70acbce01c7b3a8de0bc93081698ad039a7c42
583f54c663c161e490dd8991d9e9101a3ca54822f458e73dcfc4885ce0efe34f
5b6231040840aed34ffe299d3f352814c3e24c517eb687cec06293e7eacecb1f
5b66a7c74f4f28ace673cce7a00c5410bf560de72e3ed421474f4a2a3a4877a7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cf2d602e6a7b16bf2a0b1866e945e014d8d08ecb9603a36943b8da90499a96e
5e0693c249c7f060ca8aa4e22dba2aa91d1d37c1fe18d13efd20a8978e027c04
5e170e2cb452c3504ff9af148cc6c4aea661178c9fc93ecdcb32bcd856d76d9b
5e3666ee35a36488c6779dae6d0f44101c45f5310bf480c988795dc9c7b00d3f
5f95fa313c588f3a3007cd3f72323b2dde666b372fac8e79215967d5875135ea
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
62b97aca219dc9aa7b073a1871afc7e9af2f5beea5df283c94841f53a264042c
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69233075edf7ae5edf9f191df75577de4b3d988d3f2b77d4a7a1b944d3278df8
69faaa72e4b6598dcae3dd78e6e0134b66e520f7f6805df7ffc56bd27ef2e60b
6c633100a58098ae5d81f1dc4cc3b6937188fb32be8695d71aa6b609625dc557
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
704d418b7b3efa6f1870d409134b9c6b80fc5f5f38b46a68aee496388a6bbd48
71bc180dc24b0afe4fdfb6200189f17eb5af01d17930c8416e73517d341d2c74
72e0fb37a5c5da883f1e976474e5f7534e4ada01454351a477ceb9a95bc87db9
745ee85d2a6428ee40bb445f121fedd1d7d60c820d8c130405b06eb5f3930233
769e07a0ca49f4ed5b6577b40f4a2b19a4e0f62c38caf95b39117dd82a58f7c9
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
7b1676d538b39cc6c7d87842ec7fdc374d0c07323579e1605f57f44d3faab126
7cd87977600ea28d634350b9c2fb2189c084ec3cc00675f0893e5b3421a0ce22
7d994d23401ef1689a9d7d8689016cac6b18cdcd80636ba659537c7c422cff7d
7e6537ea312b530bc7790d19a283e1baa54fa2c1cfa61f17c8d5794bff159e9a
7f87a803dcaa9a3c75ec3b8f670c76709d494f3086d8c8d279ec7da52abf4380
8ac79395ad2c8c0efaf5a734544089eab4a8dce163f3b97f86d08921df5faafb
8cdf539fb15c76b15158d70b463ae3d21e98fd2aef8b677f035da12f73b4d345
96ddb306e7e38dcfb4e19a4023e5193e5fc35f2c8c9a4c32cfc655dad16536ab
98246f79b1495fa4d547fc6bdff6a3de6cf8064d5cb9e5d877adee9171a7f99d
9cba22d72eb8ae568a49875f871b5205a52453c18ce821734f17c1fc870c7ade
9dd6c6964f62745369055626cefbcca56f89bcd89bced8f4f3ae9163a5aba033
a277d0de3c649c1ddf9d0a4e57309b0d7a06e72399996ee9d2006e8d67ca3e56
a6a55c25d28ddcb3e69c59f4bb1a3278e39606e6e7294d20dd30f310a96cfb33
a948cb05b49413e26a0613908e55f02413d756c3b078934a239f03e8b094ca44
aa26cfe55e8cd183738f42180aae291dd666f4d39062e8a44c97b0be021946ef
ac83a00770ebd3357351256773a79a3ae4116391676acc69be31f74a771f2639
ae3767725464eee15fbac3ca137a8f10b86bb8c0aa10ae53c5f3b13bf97ede51
ae3f09a635c62fd08fa054c4c7197397055b253c9f9ac4561afedceca2cb3d80
afb5ebee59a0bb8d2868b162dfc945c82338ac7155374e29a48e066de620c18c
b18516d2ad30fd4e3cb1dbfd229b0af251ec287a762390f04eb3398315f84aa7
b2b6ba4b6ceeeae0efb23f67b9ae53bdc72ffb7bd149e0f63104d855712a506c
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
bf61b2fc0d0992cf254f87ef4c58277a5afba5114efac3defe3854f3062253da
c0b9213606d02d7590db737b84b82c499aed306985fa41a846339944b2618351
d2bf4649bd99c5f77d041e7b180648f6c8d557109ad3d59efa46f762b57af473
d46375075d66174f88ad9834c0695792c9afdd0f20456231fa4a873280a2c434
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d88395dd356b31829ca54db03d8d20b6c57963b26bef85af6bbc92a5fa3499a6
d93c7c708517c92369db63a507370b4023740656cd31c09222d6ab03de4ef951
daef54c828406aaba2db8f22758177351ed4d3ce40b848bb93f45f8b253fcdfd
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dea1c812be07d0500fd65a4f35214cad6c210c487404e99bbc457b8d6564a7b2
e27855ef831cd10eb0fe2153d1b169d24a148e0b81d3dea001fd2637e7244238
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45b33343448299e79eac4cf57dcc81be801ea5d411b5008395d1b76da3d3e79
e9953b779c2ece580417ede06340103e3f18f563d31d095f8e45771b8c47cb42
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efc2ccc1423ff8f228703e1ac416fbfaa6566d24bd9d1121324638f53e0b3fa2
f2bfc0b2ffa4e26071e6d6d8b73d750f6e9f8eb4e021a8ffdb18b84af0b919a3
f6e1d03fdba5449350e855511cddc851e1cfe746de5244202a04cb4585e9a8f6
f92bd0a6ef6def2e4d0baa5a15a0bf81ff454687e81cdd0dd987e128532d2285
fb364636b03d8f57d9d538b0e39d6158fca8b05789242e5caeac25e0a5a4e3c7
fcb530f1b934b39f9ea7a58982bfc9fac44b831ab5744ba0fd304fe8abe42c0f
fd9a6ae5f5c3493aa48d2ffc8a58bbd39f75a52ef461e0d9cd828f298d58bd40

zkp-girokonto-db.vermoegensberater-metzger.de Open in urlscan Pro 94.130.66.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

100 %HTTPS

0 %IPv6

10 Domains

14 Subdomains

13 IPs

2 Countries

7067 kBTransfer

18072 kBSize

5 Cookies

25 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zkp-girokonto-db.vermoegensberater-metzger.de Open in urlscan Pro
94.130.66.41 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

7067 kB
Transfer

18072 kB
Size

5
Cookies

123 HTTP transactions
6 data transactions