urlscan.io logo urlscan.io
SecurityTrails logo

onedrive.live.com Open in urlscan Pro
13.107.137.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.pkx.ovi.mybluehost.me/
Effective URL: https://onedrive.live.com/personal/ade802bda063b0f3/_layouts/15/Doc.aspx?sourcedoc=%7Bfa6d7225-d709-4168-b6c5-273ba78ee1ec...
Submission: On January 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 13.107.137.11, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 1635.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on November 2nd 2024. Valid for: 6 months.
This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.241.253.105 46606 (UNIFIEDLA...)
1 1 13.107.42.12 8068 (MICROSOFT...)
1 2 13.107.137.11 8068 (MICROSOFT...)
13 2a02:26f0:278... 20940 (AKAMAI-AS...)
2 2620:1ec:8fa::10 8075 (MICROSOFT...)
1 2a02:26f0:278... 20940 (AKAMAI-AS...)
2 2a02:26f0:710... 20940 (AKAMAI-AS...)
1 2603:1063:200... 8075 (MICROSOFT...)
3 20.42.73.31 8075 (MICROSOFT...)
24 8
1    162.241.253.105 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5785.bluehost.com
www.pkx.ovi.mybluehost.me
1    13.107.42.12 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: 1drv.ms
1drv.ms
2    13.107.137.11 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
onedrive.live.com
13    2a02:26f0:2780:66::217:e3d1 (Netherlands)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
res-1.cdn.office.net
2    2620:1ec:8fa::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
api-badgerp.svc.ms
1    2a02:26f0:2780:68::217:e34e (Netherlands)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
wise-m.public.cdn.office.net
2    2a02:26f0:7100::687e:2531 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
wise.public.cdn.office.net
1    2603:1063:2000::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
powerpoint.officeapps.live.com
3    20.42.73.31 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
16 office.net
res-1.cdn.office.net — Cisco Umbrella Rank: 270
wise-m.public.cdn.office.net — Cisco Umbrella Rank: 635
wise.public.cdn.office.net — Cisco Umbrella Rank: 2555
433 KB
3 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 94
762 B
3 live.com
onedrive.live.com — Cisco Umbrella Rank: 1635
powerpoint.officeapps.live.com — Cisco Umbrella Rank: 6536
104 KB
2 svc.ms
api-badgerp.svc.ms — Cisco Umbrella Rank: 139163
1 KB
1 1drv.ms
1drv.ms — Cisco Umbrella Rank: 34778
527 B
1 mybluehost.me
www.pkx.ovi.mybluehost.me
457 B
24 6
Domain Requested by
13 res-1.cdn.office.net onedrive.live.com
res-1.cdn.office.net
3 browser.events.data.microsoft.com res-1.cdn.office.net
2 wise.public.cdn.office.net wise-m.public.cdn.office.net
res-1.cdn.office.net
2 api-badgerp.svc.ms res-1.cdn.office.net
2 onedrive.live.com 1 redirects
1 powerpoint.officeapps.live.com
1 wise-m.public.cdn.office.net res-1.cdn.office.net
1 1drv.ms 1 redirects
1 www.pkx.ovi.mybluehost.me 1 redirects
24 9

This site contains no links.

Subject Issuer Validity Valid
onedrive.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-11-02 -
2025-05-01		 6 months crt.sh
*.res.outlook.com
DigiCert SHA2 Secure Server CA		 2024-10-28 -
2025-10-28		 a year crt.sh
svc.ms
Microsoft Azure RSA TLS Issuing CA 04		 2024-08-27 -
2025-08-22		 a year crt.sh
officeapps.live.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-10-10 -
2025-10-05		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-12-27 -
2025-06-25		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://onedrive.live.com/personal/ade802bda063b0f3/_layouts/15/Doc.aspx?sourcedoc=%7Bfa6d7225-d709-4168-b6c5-273ba78ee1ec%7D&action=default&redeem=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_ZT1kUmZGNWw&slrid=a75575a1-504c-7000-73f7-3c5bfd610d7b&originalPath=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_cnRpbWU9ZUNxVkhYWXYzVWc&CID=82a15e37-b3c1-4ea5-a43c-cf0c19693392&_SRM=0:G:52&file=Ranch_Lake_Association_Webpage.pptx
Frame ID: 49F5C0C4BBD119611C8F0ABDF7C9A68E
Requests: 20 HTTP requests in this frame

Frame: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de-DE&rs=de-DE&WOPISrc=https%3A%2F%2Fmy.microsoftpersonalcontent.com%2Fpersonal%2Fade802bda063b0f3%2F_vti_bin%2Fwopi.ashx%2Ffiles%2Ffa6d7225d7094168b6c5273ba78ee1ec&sc=%7B%22pmo%22%3A%22https%3A%2F%2Fonedrive.live.com%22%2C%22pmshare%22%3Atrue%2C%22redeem%22%3A%22aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_ZT1kUmZGNWw%22%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=a75575a1-b067-7000-73f7-325a602002fb
Frame ID: 87207021A28B6325A0D6F92BDD2F2AA1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ranch_Lake_Association_Webpage.pptx

Page URL History Show full URLs

  1. https://www.pkx.ovi.mybluehost.me/ HTTP 301
    https://1drv.ms/p/c/ade802bda063b0f3/ESVybfoJ12hBtsUnO6eO4ewB60UDfz0w478dVj6DcH6-rA?e=dRfF5l HTTP 301
    https://onedrive.live.com/:p:/g/personal/ADE802BDA063B0F3/ESVybfoJ12hBtsUnO6eO4ewB60UDfz0w478dVj6DcH6-... HTTP 302
    https://onedrive.live.com/personal/ade802bda063b0f3/_layouts/15/Doc.aspx?sourcedoc=%7Bfa6d7225-d709-41... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • require.*\.js

Page Statistics

24
Requests

96 %
HTTPS

56 %
IPv6

6
Domains

9
Subdomains

8
IPs

3
Countries

536 kB
Transfer

1778 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.pkx.ovi.mybluehost.me/ HTTP 301
    https://1drv.ms/p/c/ade802bda063b0f3/ESVybfoJ12hBtsUnO6eO4ewB60UDfz0w478dVj6DcH6-rA?e=dRfF5l HTTP 301
    https://onedrive.live.com/:p:/g/personal/ADE802BDA063B0F3/ESVybfoJ12hBtsUnO6eO4ewB60UDfz0w478dVj6DcH6-rA?resid=ADE802BDA063B0F3!sfa6d7225d7094168b6c5273ba78ee1ec&ithint=file%2cpptx&e=dRfF5l&migratedtospo=true&redeem=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_ZT1kUmZGNWw HTTP 302
    https://onedrive.live.com/personal/ade802bda063b0f3/_layouts/15/Doc.aspx?sourcedoc=%7Bfa6d7225-d709-4168-b6c5-273ba78ee1ec%7D&action=default&redeem=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_ZT1kUmZGNWw&slrid=a75575a1-504c-7000-73f7-3c5bfd610d7b&originalPath=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_cnRpbWU9ZUNxVkhYWXYzVWc&CID=82a15e37-b3c1-4ea5-a43c-cf0c19693392&_SRM=0:G:52&file=Ranch_Lake_Association_Webpage.pptx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Doc.aspx
onedrive.live.com/personal/ade802bda063b0f3/_layouts/15/
Redirect Chain
  • https://www.pkx.ovi.mybluehost.me/
  • https://1drv.ms/p/c/ade802bda063b0f3/ESVybfoJ12hBtsUnO6eO4ewB60UDfz0w478dVj6DcH6-rA?e=dRfF5l
  • https://onedrive.live.com/:p:/g/personal/ADE802BDA063B0F3/ESVybfoJ12hBtsUnO6eO4ewB60UDfz0w478dVj6DcH6-rA?resid=ADE802BDA063B0F3!sfa6d7225d7094168b6c5273ba78ee1ec&ithint=file%2cpptx&e=dRfF5l&migrate...
  • https://onedrive.live.com/personal/ade802bda063b0f3/_layouts/15/Doc.aspx?sourcedoc=%7Bfa6d7225-d709-4168-b6c5-273ba78ee1ec%7D&action=default&redeem=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL...
142 KB
100 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onedrive.live.com/personal/ade802bda063b0f3/_layouts/15/Doc.aspx?sourcedoc=%7Bfa6d7225-d709-4168-b6c5-273ba78ee1ec%7D&action=default&redeem=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_ZT1kUmZGNWw&slrid=a75575a1-504c-7000-73f7-3c5bfd610d7b&originalPath=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_cnRpbWU9ZUNxVkhYWXYzVWc&CID=82a15e37-b3c1-4ea5-a43c-cf0c19693392&_SRM=0:G:52&file=Ranch_Lake_Association_Webpage.pptx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.137.11 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
dc0c566122feb5cbd9f5e3586d7604e634968f32b7d017ad7900acca478f0ec4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443";ma=86400
cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
content-type
text/html; charset=utf-8
date
Tue, 07 Jan 2025 23:50:50 GMT
expires
-1
microsoftsharepointteamservices
16.0.0.25506
ms-cv
oXVVp2ewAHBz9zJaYCAC+w.0
nel
{"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
pragma
no-cache
referrer-policy
no-referrer, strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=9188040d-6c67-4c5b-b112-36a304b66dad&destinationEndpoint=Edge-Prod-LON21r5i&frontEnd=AFD&RemoteIP=217.114.215.0"}]}
request-id
a75575a1-b067-7000-73f7-325a602002fb
server-timing
LT; desc=0, RS; desc=G, RD; dur=52
sprequestguid
a75575a1-b067-7000-73f7-325a602002fb
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-1dscollectorurl
https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl
https://browser.pipe.aria.microsoft.com/Collector/3.0/
x-aspnet-version
4.0.30319
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-databoundary
NONE
x-frame-options
SAMEORIGIN
x-ms-invokeapp
1; RequireReadOnly
x-msedge-ref
Ref A: ED27C297EE3D41D2AC760584121EF6E8 Ref B: LON21EDGE2607 Ref C: 2025-01-07T23:50:50Z
x-networkstatistics
0,525568,0,0,169795,0,42092,103
x-powered-by
ASP.NET
x-sharepointhealthscore
0

Redirect headers

alt-svc
h3=":443";ma=86400
cache-control
private
content-length
702
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
content-type
text/html; charset=utf-8
date
Tue, 07 Jan 2025 23:50:50 GMT
location
https://onedrive.live.com/personal/ade802bda063b0f3/_layouts/15/Doc.aspx?sourcedoc=%7Bfa6d7225-d709-4168-b6c5-273ba78ee1ec%7D&action=default&redeem=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_ZT1kUmZGNWw&slrid=a75575a1-504c-7000-73f7-3c5bfd610d7b&originalPath=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_cnRpbWU9ZUNxVkhYWXYzVWc&CID=82a15e37-b3c1-4ea5-a43c-cf0c19693392&_SRM=0:G:52&file=Ranch_Lake_Association_Webpage.pptx
microsoftsharepointteamservices
16.0.0.25506
ms-cv
oXVVp0xQAHBz9zxb/WENew.0
nel
{"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
report-to
{"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=9188040d-6c67-4c5b-b112-36a304b66dad&destinationEndpoint=Edge-Prod-LON21r5i&frontEnd=AFD&RemoteIP=217.114.215.0"}]}
request-id
a75575a1-504c-7000-73f7-3c5bfd610d7b
spiislatency
7
sprequestduration
254
sprequestguid
a75575a1-504c-7000-73f7-3c5bfd610d7b
strict-transport-security
max-age=31536000
x-1dscollectorurl
https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl
https://browser.pipe.aria.microsoft.com/Collector/3.0/
x-aspnet-version
4.0.30319
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-databoundary
NONE
x-frame-options
SAMEORIGIN
x-ms-invokeapp
1; RequireReadOnly
x-ms-spo-cookievalidator
G20Ik2ggZ7vDnKvgLaR3L7E8yEIdWFLRvVMrEVp8v3cpBkle0B1/KjihXx8M2heaSGhcy3BM2DNTImlfYBNCYdm3thXJXze1I1W630S2h5axYnomjmDGcrfu6IukSVMCBZCFkwI/PxS5gju2GeVNcQS3r1Ll/mNjR+aH4XrodL6j7zORHY1VCLsU2Jec8PFyF75QEyoShjK7zsbD/x8XqBDIU2fLFjzbbl03W1UGUpFUcdNI5WkUWYzU+rNTm9rTd4lmBVyQIRpuOj71tgZ6/i3KJ4jEnYVfct7q/Sab6ilsWiJstHtCtoMaplWJm2PHWkbRR9rOsURLULEM9YhcQA==
x-msedge-ref
Ref A: 3DF7D78A4522464DA72F10FCA8DE0BAE Ref B: LON21EDGE2607 Ref C: 2025-01-07T23:50:50Z
x-networkstatistics
0,525568,0,0,169361,0,37294,103
x-powered-by
ASP.NET
x-sharepointhealthscore
0
require.js
res-1.cdn.office.net/bld/_layouts/15/16.0.25506.12021/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/bld/_layouts/15/16.0.25506.12021/require.js
Requested by
Host: onedrive.live.com
URL: https://onedrive.live.com/personal/ade802bda063b0f3/_layouts/15/Doc.aspx?sourcedoc=%7Bfa6d7225-d709-4168-b6c5-273ba78ee1ec%7D&action=default&redeem=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_ZT1kUmZGNWw&slrid=a75575a1-504c-7000-73f7-3c5bfd610d7b&originalPath=aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_cnRpbWU9ZUNxVkhYWXYzVWc&CID=82a15e37-b3c1-4ea5-a43c-cf0c19693392&_SRM=0:G:52&file=Ranch_Lake_Association_Webpage.pptx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
2d92f0ce8491d2f9a27ea16d261a15089c4a9be879d1eedcb6f4a3859e7f1999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
gzip
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.cbc41402.1736293851.513c91f0&TotalRTCDNTime=23&CompressionType=gzip&FileSize=6643"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=23, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:51 GMT
last-modified
Sat, 21 Dec 2024 05:45:23 GMT
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=630720000
ak-network
ESSL
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
akamai-request-bc
[a=2.20.196.203,b=1362924016,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
435741d5-001e-000c-509c-53689f000000
access-control-allow-origin
*
content-length
6643
FavIcon_Ppt.ico
res-1.cdn.office.net/officeonline/pods/s/h25FD28BFF140E152_resources/1033/ 		8 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/pods/s/h25FD28BFF140E152_resources/1033/FavIcon_Ppt.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
25fd28bff140e1521f3d4cdd797ecd5519d726d8bc825b7fd5516c2fe7a12405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.cbc41402.1736293851.513c921c&TotalRTCDNTime=24&CompressionType=&FileSize=7886"}],"include_subdomains ":true}
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status
Hit from child
x-cdn-provider
Akamai
date
Tue, 07 Jan 2025 23:50:51 GMT
content-type
image/x-icon
last-modified
Fri, 03 Jan 2025 13:32:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=630720000
ak-network
ESSL
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
akamai-request-bc
[a=2.20.196.203,b=1362924060,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
5ddf2087-501e-0011-37f0-5d6523000000
access-control-allow-origin
*
content-length
7886
initial.resx.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/de/ 		980 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/de/initial.resx.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/bld/_layouts/15/16.0.25506.12021/require.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
a8ee7e71e59b5aa1bbb1a7942a9af29809b6123a6a4bb7c0772d71b0359f7ead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293851.528623c5&TotalRTCDNTime=24&CompressionType=br&FileSize=436"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:51 GMT
last-modified
Wed, 11 Dec 2024 07:23:47 GMT
x-ms-meta-sourceid
D48045319A538B3FD07053D5A92E34C53E41EFEBDA88C98435564C7E8D2410DB00
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384522693,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
cc0482e0-e01e-0059-0345-4c7814000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
436
wacodcowlhostwebpack.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/ 		776 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/bld/_layouts/15/16.0.25506.12021/require.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
68d53a6847a5a90e2346f9c5e77db18f9f01e850c42a370255eb6b007d1edd9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293851.528623c6&TotalRTCDNTime=24&CompressionType=br&FileSize=199640"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:51 GMT
last-modified
Wed, 11 Dec 2024 07:23:46 GMT
x-ms-meta-sourceid
64B088C8DC4748CF140B87E9625FB08E54192BA5D0C091FB52A07EE467049BDB00
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384522694,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
86e6d9fc-501e-004c-693b-4c6fa7000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
199640
13.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/ 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/13.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
502602b6934e59554d7d2f3e75b0c90e0d85cbfee3cb201f2db8d38d57daa6fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293851.5286246b&TotalRTCDNTime=24&CompressionType=br&FileSize=39226"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:51 GMT
last-modified
Wed, 11 Dec 2024 07:23:38 GMT
x-ms-meta-sourceid
AAE8786583FB462101321135417E11B7E1E935E5824ED37E78FC516C6BCEF82D00
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384522859,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
6fc067e2-901e-001e-713b-4c134f000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
39226
token
api-badgerp.svc.ms/v1.0/ 		990 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-badgerp.svc.ms/v1.0/token
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:8fa::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ad20635d51a5bba011e5a09f3966dcb29a950c9b8bda7b665775a70baa1aa3fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://onedrive.live.com/

Response headers

cache-control
no-cache
x-aspnet-version
4.0.30319
pragma
no-cache
x-msedge-ref
Ref A: 8FBD67E1771246638FC1AD81DFA16264 Ref B: FRA231050412053 Ref C: 2025-01-07T23:50:51Z
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
-1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
990
date
Tue, 07 Jan 2025 23:50:51 GMT
content-type
application/json; charset=utf-8
x-powered-by
ASP.NET
access-control-allow-headers
appid,cache-control,canary,content-type,x-forcecache,authorization
token
api-badgerp.svc.ms/v1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-badgerp.svc.ms/v1.0/token
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:8fa::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://onedrive.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
appid,cache-control,canary,content-type,x-forcecache,authorization
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
OPTIONS, TRACE, GET, HEAD, POST
content-length
0
date
Tue, 07 Jan 2025 23:50:51 GMT
public
OPTIONS, TRACE, GET, HEAD, POST
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 67CCBECBE6D9464BA259CD4E0835345A Ref B: FRA231050412053 Ref C: 2025-01-07T23:50:51Z
x-powered-by
ASP.NET
manifest.js
wise-m.public.cdn.office.net/wise-m/owl/5mttl/production/50/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wise-m.public.cdn.office.net/wise-m/owl/5mttl/production/50/manifest.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:68::217:e34e , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f36f9289dd120295002977786309e79417e580dbb5c1b3e265c8ea1a3c960086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.56c41402.1736293852.383f1e71&TotalRTCDNTime=24&CompressionType=br&FileSize=2587"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=2, origin; dur=0 , cdntime; dur=2
x-cdn-provider
Akamai
akamai-cache-status
RefreshHit from child, Hit from parent
date
Tue, 07 Jan 2025 23:50:52 GMT
last-modified
Fri, 20 Dec 2024 07:46:11 GMT
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=300
ak-network
ESSL
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
akamai-request-bc
[a=2.20.196.86,b=943660657,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
cafc688b-101e-005d-42b3-52f513000000
access-control-allow-origin
*
content-length
2587
FavIcon_Ppt.ico
res-1.cdn.office.net/officeonline/pods/s/h25FD28BFF140E152_resources/1033/ 		8 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/officeonline/pods/s/h25FD28BFF140E152_resources/1033/FavIcon_Ppt.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
25fd28bff140e1521f3d4cdd797ecd5519d726d8bc825b7fd5516c2fe7a12405

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.cbc41402.1736293851.513c921c&TotalRTCDNTime=24&CompressionType=&FileSize=7886"}],"include_subdomains ":true}
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:51 GMT
content-type
image/x-icon
last-modified
Fri, 03 Jan 2025 13:32:23 GMT
cache-control
max-age=630720000
ak-network
ESSL
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
akamai-request-bc
[a=2.20.196.203,b=1362924060,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
5ddf2087-501e-0011-37f0-5d6523000000
access-control-allow-origin
*
content-length
7886
owl.slim.8ee466e4c2214560a61c.js
wise.public.cdn.office.net/wise/owl/ 		176 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wise.public.cdn.office.net/wise/owl/owl.slim.8ee466e4c2214560a61c.js
Requested by
Host: wise-m.public.cdn.office.net
URL: https://wise-m.public.cdn.office.net/wise-m/owl/5mttl/production/50/manifest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:2531 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
7f2404e6a676960c6b9c5899e868e7bc80615788a98aa1d11202a406626194c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.2d257e68.1736293852.1fddaf54&TotalRTCDNTime=24&CompressionType=br&FileSize=47821"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:52 GMT
last-modified
Wed, 11 Dec 2024 18:06:59 GMT
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=630720000
ak-network
ESSL
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
akamai-request-bc
[a=104.126.37.45,b=534622036,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
2c5ce403-b01e-0036-2af9-4b72e7000000
access-control-allow-origin
*
content-length
47821
powerpoint.app.boot.1e97b7666880c86e3838.js
wise.public.cdn.office.net/wise/owl/ 		163 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wise.public.cdn.office.net/wise/owl/powerpoint.app.boot.1e97b7666880c86e3838.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:7100::687e:2531 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
295df1362fbd3b86350b661ecf10fa05a8e704e4f2695e567be422d5c57b7155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.2d257e68.1736293852.1fddaf66&TotalRTCDNTime=23&CompressionType=br&FileSize=41342"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=23, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:52 GMT
last-modified
Wed, 11 Dec 2024 18:06:59 GMT
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=630720000
ak-network
ESSL
timing-allow-origin
*
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
akamai-request-bc
[a=104.126.37.45,b=534622054,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
59e0a770-f01e-0018-76f9-4b20f0000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
41342
ondemand.resx.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/de/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/de/ondemand.resx.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
ca4d7063b4e3b4934645d1c7f6413c067b965bd61e915f0b7827673431a31d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293852.52862823&TotalRTCDNTime=24&CompressionType=br&FileSize=1972"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:52 GMT
last-modified
Wed, 11 Dec 2024 07:23:42 GMT
x-ms-meta-sourceid
CE5A499A978BD548F70770F0333BCB5B0DF968988FE659AD68BF9CDDA2FFE68A00
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384523811,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
e480c8b2-401e-0040-1d45-4cf8af000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
1972
0.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/0.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
aa072f1e04c3e45ffaf43643951aad8ea7f9a432086a6cb29e5134d39b3f0d28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293852.52862827&TotalRTCDNTime=24&CompressionType=br&FileSize=16939"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:52 GMT
last-modified
Wed, 11 Dec 2024 07:23:38 GMT
x-ms-meta-sourceid
8059567F966AE6E48F81FDE2493F012559C6B187A05EAB181351A782B1DA431000
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384523815,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
6fc06ac1-901e-001e-193b-4c134f000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
16939
1.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/ 		113 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/1.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
ffd91b6c72afe5c7a699a0e11124ad4353b3f7f65e094e07c61e38b07591bc25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293852.52862828&TotalRTCDNTime=24&CompressionType=br&FileSize=28026"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:52 GMT
last-modified
Wed, 11 Dec 2024 07:23:42 GMT
x-ms-meta-sourceid
DFBC6D46189335CFC1B572D00E5DC392A02B3B66AB97B2044DE1547D3886A15300
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384523816,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
197fd62b-601e-001a-3f3b-4c9e48000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
28026
2.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/2.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
4da2ade9f3f9ec1c59456b3cc9fc38c352c99a532f693ae8764079402318aa62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293852.52862829&TotalRTCDNTime=24&CompressionType=br&FileSize=10220"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:52 GMT
last-modified
Wed, 11 Dec 2024 07:23:43 GMT
x-ms-meta-sourceid
5AC0D8D46C9E2AFD86C0A133C43C1358F7D0C272B283CD728B92EB0908FF21EB00
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384523817,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
d94fa439-201e-0046-523b-4ccb10000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
10220
4.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/4.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
6340fb003cc2c4b6745a61fa85b2bcd0be833c58cbe6d199d9a4e2fda7326e7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293852.5286282a&TotalRTCDNTime=24&CompressionType=br&FileSize=4704"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:52 GMT
last-modified
Wed, 11 Dec 2024 07:23:43 GMT
x-ms-meta-sourceid
3C1E214E7DD581AF0C4EDAAA81A28C637DA03B8581119326D4B9130B1726003600
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384523818,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
b8d21021-001e-0041-543b-4ca773000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
4704
47.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/ 		126 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/47.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
155c98bfdec401729242ca54fb171415b091619cdee047b526673c604ea1e2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293852.52862864&TotalRTCDNTime=24&CompressionType=br&FileSize=32119"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:52 GMT
last-modified
Wed, 11 Dec 2024 07:23:42 GMT
x-ms-meta-sourceid
68C85FB762692B8E1832F6D2A788F3335D6613763BF870516FE582A605112D8F00
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384523876,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
2798a2e8-d01e-0052-203b-4c837f000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
32119
PowerPointFrame.aspx
powerpoint.officeapps.live.com/p/ Frame 8720 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=de-DE&rs=de-DE&WOPISrc=https%3A%2F%2Fmy.microsoftpersonalcontent.com%2Fpersonal%2Fade802bda063b0f3%2F_vti_bin%2Fwopi.ashx%2Ffiles%2Ffa6d7225d7094168b6c5273ba78ee1ec&sc=%7B%22pmo%22%3A%22https%3A%2F%2Fonedrive.live.com%22%2C%22pmshare%22%3Atrue%2C%22redeem%22%3A%22aHR0cHM6Ly8xZHJ2Lm1zL3AvYy9hZGU4MDJiZGEwNjNiMGYzL0VTVnliZm9KMTJoQnRzVW5PNmVPNGV3QjYwVURmejB3NDc4ZFZqNkRjSDYtckE_ZT1kUmZGNWw%22%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=a75575a1-b067-7000-73f7-325a602002fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-security-policy-report-only
font-src data: 'self' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net res.public.onecdn.static.microsoft https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com pmservices.cp.microsoft.com paymentinstruments.mp.microsoft.com paymentinstruments-int.mp.microsoft.com edge.payments.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net res.public.onecdn.static.microsoft *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net res.public.onecdn.static.microsoft https:; media-src blob: *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx?sessionId=3e972815-31db-41ad-b002-39a7d92f17c2
content-type
text/html; charset=utf-8
date
Tue, 07 Jan 2025 23:50:51 GMT
document-policy
js-profiling,include-js-call-stacks-in-crash-reports
expires
-1
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.001,"failure_fraction":1.0}
origin-agent-cluster
?1
origin-trial
AtFKAQdG+ydQM/bvbc5Qxv930XARVdP6iEmsQLrizs1HYDZnXMf7/f8oOaknwmnnXoTmlFWim3Ptj/bW7MfeElEAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNzQ0MzA5NDUyfQ== AhQJUzE5LCv5KHvmQov3fZhTT0W3oRbJWD7uk+pw4EemPcV5dWZzr8wiGtZj/dh81uDAw0I9lZ30j8otVRSRQwYAAABkeyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://powerpointonline.nelsdf.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-FRA23r5b&DC=PNL1&FileSource=SharePointOnlineConsumer"}]}
reporting-endpoints
default="https://powerpoint.officeapps.live.com/p/BrowserReportingHandler.ashx"
server-timing
prerender;dur=27,render;dur=0,total;dur=27
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
3e972815-31db-41ad-b002-39a7d92f17c2
x-msedge-features
afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
x-msedge-ref
Ref A: 7273E38FE0134677830931C8E7447B74 Ref B: FRA231050414029 Ref C: 2025-01-07T23:50:52Z
x-officecluster
PNL1
x-officefd
AM4PEPF0002D66F
x-officefe
AM4PEPF0002D66F
x-officeversion
16.0.18417.40506
x-partitioning-enabled
true
x-usersessionid
3e972815-31db-41ad-b002-39a7d92f17c2
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.73.31 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://onedrive.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://onedrive.live.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 07 Jan 2025 23:50:53 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		0
0
23.js
res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/ 		433 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/23.js
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/wacodcowlhostwebpack.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:2780:66::217:e3d1 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
daa2b0afc66929ef88a8b63cd4a2e569372432f18b28557417ada34e45940e12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://onedrive.live.com
Referer
https://onedrive.live.com/

Response headers

access-control-expose-headers
date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
content-encoding
br
report-to
{"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=FRANKFURT&ASN=20940&Country=DE&Region=HE&RequestIdentifier=0.d1c41402.1736293853.52862fa5&TotalRTCDNTime=24&CompressionType=br&FileSize=251"}],"include_subdomains ":true}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600
server-timing
clientrtt; dur=24, clienttt; dur=, origin; dur=0 , cdntime; dur=0
x-cdn-provider
Akamai
akamai-cache-status
Hit from child
date
Tue, 07 Jan 2025 23:50:53 GMT
last-modified
Wed, 11 Dec 2024 07:23:45 GMT
x-ms-meta-sourceid
7777788D8EA1B4BE972F5A985D2AEA1A5A975C338EAEBA4D87FD9F9BD944357900
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-meta-sourcebuild
odsp-web-prod_2024-12-06.011
cache-control
public, max-age=630720000
ak-network
ESSL
nel
{"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
timing-allow-origin
*
akamai-request-bc
[a=2.20.196.209,b=1384525733,c=g,n=DE_HE_FRANKFURT,o=20940]
x-ms-request-id
86e6eb5f-501e-004c-173b-4c6fa7000000
quic-version
0x00000001
access-control-allow-origin
*
content-length
251
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.73.31 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://onedrive.live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-allow-origin
https://onedrive.live.com
access-control-max-age
3600
cache-control
public, 3600
content-length
0
date
Tue, 07 Jan 2025 23:50:53 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: res-1.cdn.office.net
URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.42.73.31 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
8781c39d8de27fe4337ba7e2e94f5a6720f790b5474b809ffd14c0a5af818a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

cache-control
no-cache, no-store
Referer
https://onedrive.live.com/
Client-Id
NO_AUTH
upload-time
1736293853763
time-delta-to-apply-millis
use-collector-delta
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/x-json-stream
client-version
1DS-Web-JS-3.2.15
apikey
a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157

Response headers

strict-transport-security
max-age=31536000
access-control-expose-headers
time-delta-millis
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://onedrive.live.com
content-length
153
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date
Tue, 07 Jan 2025 23:50:54 GMT
content-type
application/json
server
Microsoft-HTTPAPI/2.0
time-delta-millis
1183
access-control-allow-headers
P3P,Set-Cookie,time-delta-millis

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| wopiDiagClient object| _wopiContextJson string| appName string| bootstrapperUrl object| wopiAuthInfo object| _spPageContextInfo object| wopiDiagServer string| docTypeHint boolean| refreshIfTokenExpired string| refreshUri string| clientThrottlingProtection string| requestedCallThrottling boolean| supportsCommonFilePicker boolean| supportsCustomAuthConfig object| $Config object| FilesConfig object| Flight object| WacConfig object| __tti number| g_responseEnd object| FabricConfig string| __odsp_culture object| __odspSriHashes object| _spModuleLink function| requirejs function| require function| define object| __odsp_cdnConfig string| __backupBaseUrl object| __cdnFailOverState function| bootWacHost number| g_duration number| g_iisLatency number| g_cpuDuration number| g_queryCount number| g_queryDuration number| g_requireJSDone object| odspNextWebpackJsonp object| __webpack_result__ function| __debugSetKillSwitch object| ODSP_TELEMETRY_MANAGER function| __onbeforeunload object| __stylesheet__ object| __globalSettings__ object| __themeState__ object| __packages__ object| _perfMarks object| __testHooks object| CUSTOMERPROMISE_MANAGER object| __debugLoggerContext boolean| __wroteSessionId object| __events__ object| __dynProto$Gbl function| owlManifestFactory object| Microsoft object| webpackChunkMicrosoft_Office_OWL number| __currentId__ object| __ko

14 Cookies

Domain/Path Name / Value
onedrive.live.com/ Name: FedAuth
Value: 77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjE0LDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY2ODFlOWMxNGM5YzMyZGY0ZGVkZjk4OGQzYzU3YzBjODg5NmRkNTlkZTY2ODg4NTgwZDY4ZmVlOWM4OGQ2YWEsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjY4MWU5YzE0YzljMzJkZjRkZWRmOTg4ZDNjNTdjMGM4ODk2ZGQ1OWRlNjY4ODg1ODBkNjhmZWU5Yzg4ZDZhYSwxMzM4MDc2Nzc1MDAwMDAwMDAsMCwxMzM4MDg1Mzg1MDUyODM1NjAsMC4wLjAuMCwyNTgsOTE4ODA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkLCwsYTc1NTc1YTEtNTA0Yy03MDAwLTczZjctM2M1YmZkNjEwZDdiLGE3NTU3NWExLTUwNGMtNzAwMC03M2Y3LTNjNWJmZDYxMGQ3Yixic1QvQWtQTGIwSzYxeHVaanN1WFdRLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE3MDEsdVhlaFFKUGxlVmpOQ2Jha1VoR0Q2SXlGUVFrLFp4QmdjSTVObnNRQ1RQWWZHSHBLU0ZJeGFPQSxHMjBJazJnZ1o3dkRuS3ZnTGFSM0w3RTh5RUlkV0ZMUnZWTXJFVnA4djNjcEJrbGUwQjEvS2ppaFh4OE0yaGVhU0doY3kzQk0yRE5USW1sZllCTkNZZG0zdGhYSlh6ZTFJMVc2MzBTMmg1YXhZbm9tam1ER2NyZnU2SXVrU1ZNQ0JaQ0Zrd0kvUHhTNWdqdTJHZVZOY1FTM3IxTGwvbU5qUithSDRYcm9kTDZqN3pPUkhZMVZDTHNVMkplYzhQRnlGNzVRRXlvU2hqSzd6c2JEL3g4WHFCRElVMmZMRmp6YmJsMDNXMVVHVXBGVWNkTkk1V2tVV1l6VStyTlRtOXJUZDRsbUJWeVFJUnB1T2o3MXRnWjYvaTNLSjRqRW5ZVmZjdDdxL1NhYjZpbHNXaUpzdEh0Q3RvTWFwbFdKbTJQSFdrYlJSOXJPc1VSTFVMRU05WWhjUUE9PTwvU1A+
onedrive.live.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 317c1572-44af-48fc-95de-dc6c52b727f4
onedrive.live.com/ Name: ai_session
Value: isp0+gvxPIGNvrsgXPEgmv|1736293851519|1736293851762
powerpoint.officeapps.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.oauth.officeapps.live.com/ Name: PNL1-ARRAffinity
Value: 7a0f188831cd9fea51b53b5d3d8dc923155afecb4bc4a286819b8047be6aa43c
login.microsoftonline.com/ Name: fpc
Value: AiOnM5HhL-FGl6ioa4FUxGM
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1736293853&co=1
.login.live.com/ Name: uaid
Value: 047d9f6fe60a488facab789a0e40f618
.login.live.com/ Name: OParams
Value: 11O.DudRsqkRFkO1jWGv*4QHVnFODq*agtNYb*LyhrbCyIZ5Qwp!*r8zf8hkF4SXy*L0lXJ8AKSS1LhXHWLJfPisMHwtaND0biv8AdtPYz7ILzpX5pTWM3C8tAJhfiJn3S7fgoJ08bU8sla701Qc!ABFSGnJptnPdSAn4U3PHaZ6M!zKsImDpgmJ9w2YERjKwOdDnxg8CieG0*K1DeH49o2YWlX7YKJUkiv9C3RL0wbDzb77tcyfsXPfAhLBZbe!nlMaNCaamcyiyldY5vNzBSOJ6tf4UOz8xvxyb6WSKC*SWYM7ADPIA9z2d60iSvo2VbxO!MK9G*OhlLd64kgBBSH2zI*vMDgDfLfLhY7wqHfA*9oPxSHJL8d2tQZZPkTjs8rb5afYuIclNSMQcTLMXbQ3Sl5TmlqRojO7Ikp!MUmKLWtBcgDzAAzP5afK1DsfGqrfD6DjE4gCFZp9n2Qi2tGW0w1HIVRM8woqTm5fxzshrF5viUcOtG5w4jhJ0hsqpieMTwrFKChVcPUIMQ4DXtGnxHPKSug3xq4CL7EEDI7ESFTjQbyf0!!6D8lXMZYOyBeG7BnQDovaLvBA4kkInbniv*ExlW*bSyM*HVylUUp9F!niGNO3njzNyi*oRf6kyZIYd5aKMXxH08rpSFIKNTPdzKaFccXXC0tC7kersxsOXWtkW7bT9YExFTph9r!lHnMOMDQdiRKKeBZDwX4bRp*gm!R5sEngEhhOyib8kW8gNioa51BnoTbRRSxlN463M5Z0vviJlZFsePMQ3ofdwsqt9rR8ZFvDrNP*KxepMn54DJT4f4Ko!49JR*2b4KombEgRUfvujltMW1Yn1Qc32YdJco2JX037EdcDu3*bdRGLPq6tQ9Nc9EcHN8QFL4mZ8OMWjM5MzTAYMuTKhlcUavRlMHf!AVLTmUKyFXu9Ktyzevjsz9HURSAf0Qvs2tR9YykI9SoNRHT6RSsg4DmamykjEZMPa!Zd3D71*UkNT4kDYgoaOmEJNS*rUrnR5W2rqJ4CfmjQ3TZSR*irDgpmY0irfv8WNIt6oe9MS6GAA0zn07oQz!v8yphv9mks5SvdzoF723wKhE5tPofHcAI!Zx50J4aL7*thf*beSnTdxCkFCRXK5hvSNpgRa7pGFdrOuECbMVHs0Sg4bB6yYFWVFzZASTE$
.microsoft.com/ Name: MC1
Value: GUID=ef0476435b3e458a836abdfcef51b369&HASH=ef04&LV=202501&V=4&LU=1736293854946
.microsoft.com/ Name: MS0
Value: 93f1a9a9381b47219213d7adbc009698
onedrive.live.com/ Name: MSFPC
Value: GUID=ef0476435b3e458a836abdfcef51b369&HASH=ef04&LV=202501&V=4&LU=1736293854946

1 Console Messages

Source Level URL
Text
security warning URL: https://res-1.cdn.office.net/files/odsp-web-prod_2024-12-06.011/wacodcowlhostwebpack.manifest/4.js(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://powerpoint.officeapps.live.com') does not match the recipient window's origin ('https://onedrive.live.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1drv.ms
api-badgerp.svc.ms
browser.events.data.microsoft.com
onedrive.live.com
powerpoint.officeapps.live.com
res-1.cdn.office.net
wise-m.public.cdn.office.net
wise.public.cdn.office.net
www.pkx.ovi.mybluehost.me
browser.events.data.microsoft.com
13.107.137.11
13.107.42.12
162.241.253.105
20.42.73.31
2603:1063:2000::12
2620:1ec:8fa::10
2a02:26f0:2780:66::217:e3d1
2a02:26f0:2780:68::217:e34e
2a02:26f0:7100::687e:2531
155c98bfdec401729242ca54fb171415b091619cdee047b526673c604ea1e2b9
25fd28bff140e1521f3d4cdd797ecd5519d726d8bc825b7fd5516c2fe7a12405
295df1362fbd3b86350b661ecf10fa05a8e704e4f2695e567be422d5c57b7155
2d92f0ce8491d2f9a27ea16d261a15089c4a9be879d1eedcb6f4a3859e7f1999
4da2ade9f3f9ec1c59456b3cc9fc38c352c99a532f693ae8764079402318aa62
502602b6934e59554d7d2f3e75b0c90e0d85cbfee3cb201f2db8d38d57daa6fa
6340fb003cc2c4b6745a61fa85b2bcd0be833c58cbe6d199d9a4e2fda7326e7f
68d53a6847a5a90e2346f9c5e77db18f9f01e850c42a370255eb6b007d1edd9e
7f2404e6a676960c6b9c5899e868e7bc80615788a98aa1d11202a406626194c0
8781c39d8de27fe4337ba7e2e94f5a6720f790b5474b809ffd14c0a5af818a9a
a8ee7e71e59b5aa1bbb1a7942a9af29809b6123a6a4bb7c0772d71b0359f7ead
aa072f1e04c3e45ffaf43643951aad8ea7f9a432086a6cb29e5134d39b3f0d28
ad20635d51a5bba011e5a09f3966dcb29a950c9b8bda7b665775a70baa1aa3fb
ca4d7063b4e3b4934645d1c7f6413c067b965bd61e915f0b7827673431a31d97
daa2b0afc66929ef88a8b63cd4a2e569372432f18b28557417ada34e45940e12
dc0c566122feb5cbd9f5e3586d7604e634968f32b7d017ad7900acca478f0ec4
f36f9289dd120295002977786309e79417e580dbb5c1b3e265c8ea1a3c960086
ffd91b6c72afe5c7a699a0e11124ad4353b3f7f65e094e07c61e38b07591bc25