onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Submission: On February 10 via manual (February 10th 2022, 4:42:18 pm UTC) from FR — Scanned from GB

Summary HTTP 67 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 8 domains to perform 67 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com. The Cisco Umbrella rank of the primary domain is 2359.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on February 1st 2022. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	92.123.195.42 92.123.195.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.65.40.209 13.65.40.209	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
26	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	2a02:26f0:fb:... 2a02:26f0:fb:5a1::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:fb:... 2a02:26f0:fb:593::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.90.146.78 104.90.146.78	16625 (AKAMAI-AS) (AKAMAI-AS)
2	51.132.193.104 51.132.193.104	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.105.28.48 13.105.28.48	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.189.173.2 20.189.173.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
67	13

3 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 92.123.195.42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-195-42.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.65.40.209 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

powerpoint.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:fb:5a1::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-powerpoint-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb:593::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.146.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-146-78.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.132.193.104 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.105.28.48 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.189.173.2 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	live.com 1 redirects onedrive.live.com — Cisco Umbrella Rank: 2359 powerpoint.officeapps.live.com — Cisco Umbrella Rank: 12432 skyapi.onedrive.live.com — Cisco Umbrella Rank: 25104 c.live.com — Cisco Umbrella Rank: 8472	3 MB
16	office.net c1-powerpoint-15.cdn.office.net — Cisco Umbrella Rank: 4700 c1-officeapps-15.cdn.office.net — Cisco Umbrella Rank: 2798	850 KB
10	akamaihd.net spoprod-a.akamaihd.net — Cisco Umbrella Rank: 2174	345 KB
3	microsoft.com browser.events.data.microsoft.com — Cisco Umbrella Rank: 240 browser.pipe.aria.microsoft.com — Cisco Umbrella Rank: 91	1 KB
3	sfx.ms p.sfx.ms — Cisco Umbrella Rank: 17662	12 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 631	33 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 212	1 KB
1	live.net js.live.net — Cisco Umbrella Rank: 3995	16 KB
67	8

	Domain	Requested by
26	powerpoint.officeapps.live.com	onedrive.live.com powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
14	c1-powerpoint-15.cdn.office.net	powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net onedrive.live.com
10	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
3	p.sfx.ms	onedrive.live.com spoprod-a.akamaihd.net
3	onedrive.live.com	onedrive.live.com
2	c.live.com	1 redirects
2	browser.events.data.microsoft.com	c1-powerpoint-15.cdn.office.net
2	c1-officeapps-15.cdn.office.net	powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
1	ajax.aspnetcdn.com	skyapi.onedrive.live.com
1	browser.pipe.aria.microsoft.com	p.sfx.ms
1	c.bing.com	1 redirects
1	skyapi.onedrive.live.com	spoprod-a.akamaihd.net
1	js.live.net	c1-powerpoint-15.cdn.office.net
67	13

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 02	`2022-02-01` - `2023-02-01`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2021-12-12` - `2022-12-07`	a year	crt.sh
storage.live.com Microsoft RSA TLS CA 01	`2021-08-19` - `2022-08-19`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Frame ID: D13DFCE65E58614E5974413B7B0DBEA1
Requests: 18 HTTP requests in this frame

Frame: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
Frame ID: 668872322A909E2562FE3D690775AFDD
Requests: 47 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/api/proxy?v=3
Frame ID: 089C5F4FF1AF01FC59CC77B54C3FFA54
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EN_IRIS-PT_IRISPowerscan11_Presentation_20211018_Distri.pptx - Microsoft PowerPoint Online

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

96 %
HTTPS

31 %
IPv6

8
Domains

13
Subdomains

13
IPs

4
Countries

4050 kB
Transfer

7458 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://c.live.com/c.gif?DI=15347&wlxid=8412a1a8-91b8-4f48-a4c4-38422f41deac&reqid=0019aa166b3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72139%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.powerpoint%26PLT%3D5910%26IR%3D1%26EX%3D0%26L.h%3D2971%26L.bc%3D3240%26L.ac%3D3258%26L.f%3D3264%26L.sjs%3D5888%26L.ttg%3D5252%26C.st%3D1644511330198%26N.jsPlt%3D4333%26N.domIn%3D3264%26N.dns%3D1%26N.tcp%3D122%26N.req%3D2636%26N.resp%3D61%26N.navType%3D0%26N.redirectCount%3D0&r=0.4163453401320458 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=8412a1a8-91b8-4f48-a4c4-38422f41deac&reqid=0019aa166b3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72139%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.powerpoint%26PLT%3D5910%26IR%3D1%26EX%3D0%26L.h%3D2971%26L.bc%3D3240%26L.ac%3D3258%26L.f%3D3264%26L.sjs%3D5888%26L.ttg%3D5252%26C.st%3D1644511330198%26N.jsPlt%3D4333%26N.domIn%3D3264%26N.dns%3D1%26N.tcp%3D122%26N.req%3D2636%26N.resp%3D61%26N.navType%3D0%26N.redirectCount%3D0&r=0.4163453401320458&CtsSyncId=F098C7245D79478F9662CCFEAC76A688&RedC=c.live.com&MXFR=30A3A8F0051B608006C3B9B7011B64E1 HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=8412a1a8-91b8-4f48-a4c4-38422f41deac&reqid=0019aa166b3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72139%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.powerpoint%26PLT%3D5910%26IR%3D1%26EX%3D0%26L.h%3D2971%26L.bc%3D3240%26L.ac%3D3258%26L.f%3D3264%26L.sjs%3D5888%26L.ttg%3D5252%26C.st%3D1644511330198%26N.jsPlt%3D4333%26N.domIn%3D3264%26N.dns%3D1%26N.tcp%3D122%26N.req%3D2636%26N.resp%3D61%26N.navType%3D0%26N.redirectCount%3D0&r=0.4163453401320458&CtsSyncId=F098C7245D79478F9662CCFEAC76A688&MUID=30A3A8F0051B608006C3B9B7011B64E1

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view.aspx Show response
onedrive.live.com/ 101 KB
33 KB 2698ms
2576ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fcfdea4a58e08e0769001e9d62d5af50155b3f752cd842a645acc2623defd6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD0004FFA72139
x-odwebserver: canadaeast1-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4EDA27ADF5F345518859630949EE4300 Ref B: FRAEDGE1307 Ref C: 2022-02-10T16:42:10Z
date: Thu, 10 Feb 2022 16:42:11 GMT

GET
H2 200 maincss-3d633429.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001// 136 KB
26 KB 187ms
62ms Stylesheet
text/css 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//maincss-3d633429.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:13 GMT
content-encoding: gzip
content-md5: PWM0KdjmKRxU/0cF4Kv/Uw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 25623
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F437FC5D3D3
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b3d84624-501e-0051-78f3-c11ba1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108230
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001// 85 KB
16 KB 182ms
58ms Stylesheet
text/css 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:13 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F4379793342
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4a7c36b2-501e-007e-22f3-c1166a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108354
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-7859787f.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001// 169 KB
30 KB 198ms
74ms Stylesheet
text/css 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filescss2-7859787f.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:13 GMT
content-encoding: gzip
content-md5: eFl4f1R1WfMJocO6wVsUhA==
content-length: 30612
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F437A5D7B4E
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 8fce239f-901e-004e-30f3-c1a8a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108192
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 91 KB
25 KB 189ms
188ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-GB&group=Office&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c77904caea30dfa3c4da76ad762e53906fcdc7adbc26a0e7d94be86a10869b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD0004FFA72EB2
x-content-type-options: nosniff
x-msedge-ref: Ref A: D959FD1E73B640F2A4557268F27D51D7 Ref B: FRAEDGE1307 Ref C: 2022-02-10T16:42:12Z
x-odwebserver: canadaeast1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Thu, 10 Feb 2022 16:42:12 GMT
content-encoding: gzip
expires: Fri, 10 Feb 2023 16:42:12 GMT

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
2 KB 183ms
182ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-GB&group=GroupFolders&v=19.773.0927.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

29d8798ab31b6507f7d96448436aa76d5dfc0c82c1efcdc4e39a24c4da8178d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-msnserver: RD00155D5E8B98
x-content-type-options: nosniff
x-msedge-ref: Ref A: 5568E8A388604547808EB87EBA0DB2F0 Ref B: FRAEDGE1307 Ref C: 2022-02-10T16:42:12Z
x-odwebserver: canadaeast1-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Thu, 10 Feb 2022 16:42:12 GMT
content-encoding: gzip
expires: Fri, 10 Feb 2023 16:42:12 GMT

GET
H2 200 aria-2.5.0.min.js Show response
p.sfx.ms//storage/ 45 KB
12 KB 513ms
171ms Script
application/javascript 13.65.40.209
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.65.40.209 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 16:42:13 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 21:05:46 GMT
server: Microsoft-IIS/10.0
etag: "071bde3f6dbd71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-odwebserver: southcentralus1-odwebp
accept-ranges: bytes
x-msnserver: RD00155DFF6DF1
content-length: 12195

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
130 B 270ms
171ms Image
image/gif 13.65.40.209
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.65.40.209 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 16:42:13 GMT
x-msnserver: RD00155DFF6DF1
last-modified: Wed, 17 Nov 2021 21:05:20 GMT
server: Microsoft-IIS/10.0
etag: "0283ed4f6dbd71:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: southcentralus1-odwebp
accept-ranges: bytes
content-length: 43

POST
H2 200 PowerPointFrame.aspx Show response
powerpoint.officeapps.live.com/p/ Frame 6688 109 KB
111 KB 321ms
205ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&authkey=!AOUDaRRiBSgSAKk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

620c0dbd9b62684f82609c2e379b909307bfaf4766195c0debda8c26ce91ff93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: Aq8ApbTsnK8lxoHFoGQlfXD5lggah+O8ZwFjtswkfRHxLcDdmMd0syPhcneNqm9E4tAhpOFVNHn8j6knJRk2MSEAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjQ1NDgyMTU2fQ==
x-officefe: DM3PEPF00001D54
x-officeversion: 16.0.15007.40503
x-officecluster: US1C
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
document-policy: js-profiling
x-officefd: DM3PEPF00008A1F
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 2A426871B938425FBD13218BEF405DD1 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:13Z
date: Thu, 10 Feb 2022 16:42:13 GMT

GET
H/1.1 200
OK stylesread.css
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/ Frame 6688 290 KB
35 KB 296ms
112ms Stylesheet
text/css 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/stylesread.css

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

48588a2abdfd892954b36ed99b244788a6e6b2566a46fc6778d06c6b6b2c43e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"ac4cd53f811dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF0000EEB5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 35267
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 06:49:56 GMT
X-OFFICEFD: BL6PEPF0000EEB5
X-MSEdge-Ref: Ref A: 7D2E24C781544949BA18DFE24ACC4FD6 Ref B: AM3EDGE0916 Ref C: 2022-02-09T06:49:56Z
X-UserSessionId: dd6cfd6b-2b62-4fa0-8e14-15f2c19af0a1
Date: Thu, 10 Feb 2022 16:42:14 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: dd6cfd6b-2b62-4fa0-8e14-15f2c19af0a1
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161500740503_App_Scripts/ Frame 6688 106 KB
28 KB 295ms
111ms Script
application/javascript 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"8082a5f95c1dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF00007426
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 27244
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_powerpointslice_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 02:30:17 GMT
X-OFFICEFD: BL6PEPF00007426
X-MSEdge-Ref: Ref A: B62D5A2E27494EE68FC4282EEA0217FB Ref B: AMS04EDGE3210 Ref C: 2022-02-09T02:30:17Z
X-UserSessionId: d5e1a028-06ef-493f-8503-f6831bf9f3ab
Date: Thu, 10 Feb 2022 16:42:14 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d5e1a028-06ef-493f-8503-f6831bf9f3ab
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK powerpointintl.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/2057/ Frame 6688 241 KB
51 KB 295ms
112ms Script
application/javascript 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/2057/powerpointintl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

483a5ffd1ef86f8ed77f4541e020f4a5c6b7aa1419f92f5ad728e5a8998efd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"adcf6fe5771dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF0000EEB6
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 51151
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 05:42:59 GMT
X-OFFICEFD: BL6PEPF0000EEB6
X-MSEdge-Ref: Ref A: 847F3312B1FD428AA98E897E1529ED1A Ref B: AM3EDGE0912 Ref C: 2022-02-09T05:42:59Z
X-UserSessionId: 4ae18916-c1c3-49fa-b459-c9aa04add304
Date: Thu, 10 Feb 2022 16:42:14 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4ae18916-c1c3-49fa-b459-c9aa04add304
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK BootView.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/ Frame 6688 2 MB
489 KB 295ms
113ms Script
application/javascript 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/BootView.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2a37c9e7b8440a0c5c0a5db1c54a8d90d310129b814624bab725492eb256eeb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"0193efa5c1dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF0000D63E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 500097
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 02:30:18 GMT
X-OFFICEFD: BL6PEPF0000D63E
X-MSEdge-Ref: Ref A: DDC164512B0C45BF8FD2382A4B8A9623 Ref B: AM3EDGE0819 Ref C: 2022-02-09T02:30:17Z
X-UserSessionId: d5e1a028-06ef-493f-8503-f6831bf9f3ab
Date: Thu, 10 Feb 2022 16:42:14 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d5e1a028-06ef-493f-8503-f6831bf9f3ab
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/p/s/161500740503_resources/2057/ Frame 6688 695 B
2 KB 247ms
65ms Image
image/gif 2a02:26f0:fb:593::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161500740503_resources/2057/progress.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:593::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "3796102e7d1dd81:0"
X-OfficeCluster: US3C
X-OfficeVersion: 16.0.15007.40503
X-OfficeFE: DM3PEPF00010DE3
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_powerpointslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 06:20:48 GMT
X-OFFICEFD: DM3PEPF000132E0
X-MSEdge-Ref: Ref A: 04EF7D38C8E148E482F453907C4CFEF9 Ref B: AM3EDGE1012 Ref C: 2022-02-09T08:12:17Z
X-UserSessionId: 5f4becfc-2f34-4045-ac32-22f921d6d90e
Date: Thu, 10 Feb 2022 16:42:14 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 5f4becfc-2f34-4045-ac32-22f921d6d90e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/ Frame 6688 13 KB
14 KB 250ms
69ms Image
image/png 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/prt.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"9c6d63f811dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF00007429
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 06:49:56 GMT
X-OFFICEFD: BL6PEPF00007429
X-MSEdge-Ref: Ref A: 108F8ABAD7F043AD8BE8DF11308CD7C4 Ref B: AM3EDGE0918 Ref C: 2022-02-09T06:49:56Z
X-UserSessionId: 2ba4035d-0caa-4b61-a697-c04b5f0f933e
Date: Thu, 10 Feb 2022 16:42:14 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 2ba4035d-0caa-4b61-a697-c04b5f0f933e
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 6688 0
578 B 246ms
246ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15007.40503&waccluster=US1C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS2
x-officeversion: 16.0.15007.40503
x-officefe: MW1PEPF0000782D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 0.3354
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 82b99c4f-a83a-43c3-b1ca-6c2d5617ed6a
x-officefd: MW1PEPF0000782D
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:13 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: C17BC13AF39B4991875C6D273D624928 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:13Z

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 6688 0
414 B 217ms
216ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15007.40503&waccluster=US1C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":331,"Value":"https://c1-powerpoint-15.cdn.office.net:443/p/s/161500740503_App_Scripts/MicrosoftAjax.js","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.15007.40503
x-officefe: BY3PEPF0000C8F2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 1.4909
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4e0031a7-e552-4226-b561-64b2b42f323a
x-officefd: BY3PEPF0000C8F2
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:14 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: F7F4AAB5247F46B0AFAEA35FE2EF8503 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:14Z

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 6688 0
289 B 209ms
208ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15007.40503&waccluster=US1C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":637,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.15007.40503
x-officefe: BY3PEPF0000C8D8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 0.5294
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 80f74ef6-5c69-4365-9f3a-bec01e9986e7
x-officefd: BY3PEPF0000C8D8
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:14 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 9B4C1F807C8F46FE8EFDA181154B2219 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:14Z

GET
H/1.1 404
Not Found segoeui.woff
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/ Frame 6688 0
0 253ms
253ms Font
text/html 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/segoeui.woff

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/stylesread.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/stylesread.css
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-OFFICEFD: BN3PEPF000024E7
X-OfficeVersion: 16.0.15007.40503
X-OfficeFE: BN3PEPF000024E7
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1245
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
X-CorrelationId: 48447687-20d8-448b-8d10-210f9ac71097
X-OfficeCluster: PUS3
X-UserSessionId: 48447687-20d8-448b-8d10-210f9ac71097
Date: Thu, 10 Feb 2022 16:42:14 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
X-MSEdge-Ref: Ref A: 75F927BDA68947D790716E12B3EF0260 Ref B: AMS04EDGE1521 Ref C: 2022-02-10T16:42:14Z
Timing-Allow-Origin: *

POST
H2 200 GetPresentationWithSlideById Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 6688 6 KB
2 KB 222ms
222ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetPresentationWithSlideById

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6dab90815086a487c410891330ea4451ac96a79cf74d9a61a65e1c51a24e6a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm_9Un00gR0ZHRhA9k4t3wC0Po-1I4GHZUls0Pq59D-t7y5wNR-UcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15007.40503
X-Key: BJPYIA8Hco5oPxASyVux/NAhgy3IHBuL9Gn1OPljI6Y=,637801081336836685
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1646325732760
X-WacCluster: US1C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1858
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: e43403a6-498c-46e1-96c8-9b1aacf35d5e
x-officefd: DM3PEPF00008A22
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:14 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 5A3A37AF23C6446FA151CEE2785AC957 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:14Z
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK wapsw.png
c1-powerpoint-15.cdn.office.net/p/s/161500740503_resources/2057/ Frame 6688 6 KB
7 KB 61ms
60ms Image
image/png 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_resources/2057/wapsw.png?b=1601500215000

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&authkey=!AOUDaRRiBSgSAKk

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"4a6a269d861dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF00007425
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 07:28:20 GMT
X-OFFICEFD: BL6PEPF00007425
X-MSEdge-Ref: Ref A: 5BDE1C3C36604B75AFD04B59765EB681 Ref B: AMS04EDGE3116 Ref C: 2022-02-09T07:28:20Z
X-UserSessionId: 1b2d01f2-245f-44c9-83a4-2388765e516c
Date: Thu, 10 Feb 2022 16:42:14 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 1b2d01f2-245f-44c9-83a4-2388765e516c
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt2.png
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/ Frame 6688 38 KB
39 KB 75ms
74ms Image
image/png 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/prt2.png

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&authkey=!AOUDaRRiBSgSAKk

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0c76d70e9992d863540c63932b0b04820c2ffb3c2f0b44d949af68cdb43fc95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"1d82d82d841dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF0000D644
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 38870
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 07:10:54 GMT
X-OFFICEFD: BL6PEPF0000D644
X-MSEdge-Ref: Ref A: 68360397BF84403C8ABDCD7548512611 Ref B: AM3EDGE0721 Ref C: 2022-02-09T07:10:54Z
X-UserSessionId: c93036e0-e555-4c59-a15f-5afc4a7a4073
Date: Thu, 10 Feb 2022 16:42:14 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: c93036e0-e555-4c59-a15f-5afc4a7a4073
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
BLOB 200
OK 5d36691f-e98b-466f-aef0-aaecc53ae947
https://powerpoint.officeapps.live.com/ Frame 6688 183 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://powerpoint.officeapps.live.com/5d36691f-e98b-466f-aef0-aaecc53ae947
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 360131f6a0cebba26e32c706603a4c7f5c70393fe2e7d9f369274bdc6a86c198

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 183
Content-Type: application/javascript

POST
H2 200 RemoteTelemetry.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 6688 0
258 B 143ms
142ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteTelemetry.ashx

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000F951
x-officeversion: 16.0.15007.40503
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 86e1d9cf-2d56-4134-abbc-8f25a11d7b36
x-officecluster: PUS4
x-usersessionid: 86e1d9cf-2d56-4134-abbc-8f25a11d7b36
date: Thu, 10 Feb 2022 16:42:14 GMT
x-download-options: noopen
access-control-allow-origin: https://powerpoint.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 9566C26F243C467E8B680C7E6D05C41D Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:14Z
timing-allow-origin: *
x-officefe: BL6PEPF0000F951

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 6688 42 KB
16 KB 293ms
61ms Script
application/javascript 104.90.146.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/BootView.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.90.146.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-146-78.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 16:42:14 GMT
X-MSNServer: RD0003FF23ED10
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=44183, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H/1.1 404
Not Found segoeui.ttf
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/ Frame 6688 0
0 276ms
276ms Font
text/html 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/segoeui.ttf

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/stylesread.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/stylesread.css
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-OFFICEFD: BL6PEPF0000EEB5
X-OfficeVersion: 16.0.15007.40503
X-OfficeFE: BL6PEPF0000EEB5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1245
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
X-CorrelationId: eb68f1ec-4d90-4ede-938e-ea4ddc09771e
X-OfficeCluster: PUS4
X-UserSessionId: eb68f1ec-4d90-4ede-938e-ea4ddc09771e
Date: Thu, 10 Feb 2022 16:42:15 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
X-MSEdge-Ref: Ref A: BF12EAA36DF74AC2B42EEEBA49BD1455 Ref B: AM3EDGE0608 Ref C: 2022-02-10T16:42:14Z
Timing-Allow-Origin: *

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 50 KB
51 KB 219ms
219ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=0&PF=4&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQ&usid=9d02576c%2D1dc7%2D4247%2D8ff0%2Da15f45c8399e&Rid=S1%5F1%5F1504x846%2Epng&waccluster=US1C&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b26dc65c5d0e54f74ecf380642f00e93b0fa73971415fc26b9de77790d68aae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 51610
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS1_1_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 73a53be3-a9ad-4ac0-9391-81f6236c3ed3
x-officefd: DM3PEPF00008A1F
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:14 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: E22ECC85BCCE4596AA19835F72E51CD9 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:14Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:14 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 1 MB
1 MB 283ms
282ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5730e4eb9b4d6917835fb4add1d0f65a2bfc9b47f4346d1a793be949d5255c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1108997
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS1_2_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1a41cf76-9c7e-4dba-8bf9-2663efcf9d43
x-officefd: DM3PEPF00008A22
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:14 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 0964B2050C7149929CFFA0D5654AEFFD Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:14Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:14 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 1 MB
1 MB 186ms
186ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5730e4eb9b4d6917835fb4add1d0f65a2bfc9b47f4346d1a793be949d5255c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1108997
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS1_2_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2479a349-4bac-4f0c-abdb-3e8d70d1ca79
x-officefd: DM3PEPF00008A22
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:15 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: E7573C2670E8414DB9AEB46758AAC3CA Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:15Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:15 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 50 KB
51 KB 181ms
181ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b26dc65c5d0e54f74ecf380642f00e93b0fa73971415fc26b9de77790d68aae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 51610
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS1_1_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: cd2cdaa1-b92e-47a2-97fe-2aebd6c06f5c
x-officefd: DM3PEPF00008A1F
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:15 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: C8491F7AA14047B489739EB2D6221C99 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:15Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:15 GMT

GET
H/1.1 200
OK reader.calypso.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/ Frame 6688 312 KB
64 KB 59ms
58ms Script
application/javascript 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/reader.calypso.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b108f1796626c2796bd612abdb0abddba4cd8e31c9e1e33eefc987a95dd78914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"82b65a325f1dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF0000F951
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 64259
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 02:46:11 GMT
X-OFFICEFD: BL6PEPF0000F951
X-MSEdge-Ref: Ref A: BEF83FA93F15454188271F5E02FF591D Ref B: AM3EDGE0711 Ref C: 2022-02-09T02:46:11Z
X-UserSessionId: 3eb8b2fa-67ff-4e0e-bd7e-20ad81572aa4
Date: Thu, 10 Feb 2022 16:42:15 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 3eb8b2fa-67ff-4e0e-bd7e-20ad81572aa4
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/p/s/161500740503_App_Scripts/ Frame 6688 40 KB
7 KB 224ms
57ms Script
application/javascript 2a02:26f0:fb:593::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161500740503_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:593::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000, max-age=31536000
Content-Encoding: br
ETag: "ad162f17231dd81:0"
X-OfficeCluster: SNL1
X-OfficeVersion: 16.0.15007.40503
X-OfficeFE: AM4PEPF00006A62
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 08 Feb 2022 19:35:55 GMT
X-OFFICEFD: AM4PEPF000141D8
X-MSEdge-Ref: Ref A: 739229BF4F9A4C87998CD21903B196FA Ref B: AMS04EDGE1415 Ref C: 2022-02-09T04:45:41Z
X-UserSessionId: 82eb9b28-9274-4f9e-ab30-39a896e11264, b1d91377-0684-4bfb-97d2-0fe480eb8fc3
X-Powered-By: ARR/3.0
Date: Thu, 10 Feb 2022 16:42:15 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 82eb9b28-9274-4f9e-ab30-39a896e11264, b1d91377-0684-4bfb-97d2-0fe480eb8fc3
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 6688 0
568 B 188ms
188ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15007.40503&waccluster=US1C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1618,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS5
x-officeversion: 16.0.15007.40503
x-officefe: SN3PEPF0000C0CC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 0.6813
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4d2affb6-e8be-45d3-bdf5-d81fe8c6a39b
x-officefd: SN3PEPF0000C0CC
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:15 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 78B96C49608642E89E466EE92027FEF8 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:15Z

GET
H/1.1 200
OK prt2.png
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/ Frame 6688 38 KB
39 KB 70ms
70ms Image
image/png 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/prt2.png

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0c76d70e9992d863540c63932b0b04820c2ffb3c2f0b44d949af68cdb43fc95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"1d82d82d841dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF0000D644
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 38870
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 07:10:54 GMT
X-OFFICEFD: BL6PEPF0000D644
X-MSEdge-Ref: Ref A: 68360397BF84403C8ABDCD7548512611 Ref B: AM3EDGE0721 Ref C: 2022-02-09T07:10:54Z
X-UserSessionId: c93036e0-e555-4c59-a15f-5afc4a7a4073
Date: Thu, 10 Feb 2022 16:42:15 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: c93036e0-e555-4c59-a15f-5afc4a7a4073
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 6688 7 KB
2 KB 516ms
515ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b55d15beaf3a5efccab2703a6149fdbc44e2cdcc388ab9ba7e100455a26a77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm_9Un00gR0ZHRhA9k4t3wC0Po-1I4GHZUls0Pq59D-t7y5wNR-UcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15007.40503
X-Key: BJPYIA8Hco5oPxASyVux/NAhgy3IHBuL9Gn1OPljI6Y=,637801081336836685
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1646325732760
X-WacCluster: US1C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1825
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 61d5a9c9-c375-469e-98bc-8b43c6a1342d
x-officefd: DM3PEPF00008A21
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:15 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 4D8E325738044C63919A7A94C494F623 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:15Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 6688 0
2 KB 234ms
233ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15007.40503&waccluster=US1C

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm_9Un00gR0ZHRhA9k4t3wC0Po-1I4GHZUls0Pq59D-t7y5wNR-UcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15007.40503
X-Key: BJPYIA8Hco5oPxASyVux/NAhgy3IHBuL9Gn1OPljI6Y=,637801081336836685
X-bULS-SuppressionETag: 4FD7376F28567A0A6553A225C8FD61FF22AC0742
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1646325732760
X-WacCluster: US1C

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.15007.40503
x-officefe: BY3PEPF0000C8B5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: A05D16B8C45CAFC5B00015FE7CF9685222749EA0
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-buls-suppressedtags: 378069,1671813,2209344,3290144,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19743902,21627712,21631370,22401293,22410500,22598977,22680210,22680213,22680214,22836558,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39613840,39966341,40437001,40935455,41003225,41207258,41502555,41711299,41952657,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51504083,51667010,538543587,540378699,540378700,542700237,542994947,545783884,557077970,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,578164000,587862985,591729363,592556551,592843145,593780815,593838232,594134597,594392640,594392649,594392666,594396706,594830612,595137156,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,963472182,1630679666,1630679667,1633958006,1647605351,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 1.33
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 93316890-2b2c-4633-a79b-0cc827f84149
x-officefd: BY3PEPF0000C8B5
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:15 GMT
x-download-options: noopen
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A209154FBE994BF884A0451C0991271C Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:15Z

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 92 KB
33 KB 177ms
56ms Script
application/javascript 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:15 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F437EC0696D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e7abfc5c-801e-0052-03f3-c1fac5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108325
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac_s_office-ff051758.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 337 KB
103 KB 194ms
73ms Script
application/javascript 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac_s_office-ff051758.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: befd6b76fa27121afcbc45c7ffaf1ed27728d1e37bd803bd7bda09417c408a5f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:15 GMT
content-encoding: gzip
content-md5: /wUXWPs2boNAV7GJJoVaSg==
content-length: 104834
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F4385DEFF32
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8d767f6e-001e-0063-0ff3-c11bd6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108295
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK otelFullNext.min.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/ Frame 6688 104 KB
35 KB 70ms
69ms Script
application/javascript 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/otelFullNext.min.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

adf1d40408ee9a8ee51a8f61e1fa38390f7f80ffe0e5fb34f866b0dbf247ecda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"0db15677e1dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF0000EEB6
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 34577
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 06:29:34 GMT
X-OFFICEFD: BL6PEPF0000EEB6
X-MSEdge-Ref: Ref A: FDDC43753668463AAE79F8076FA725B8 Ref B: AM3EDGE0719 Ref C: 2022-02-09T06:29:34Z
X-UserSessionId: e6b3a01d-5e35-4589-8553-ecc8ecc1080b
Date: Thu, 10 Feb 2022 16:42:15 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: e6b3a01d-5e35-4589-8553-ecc8ecc1080b
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK segoeui-semilight-final.woff
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/ Frame 6688 25 KB
26 KB 62ms
62ms Font
font/x-woff 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/segoeui-semilight-final.woff

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/stylesread.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/stylesread.css
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"5460e089851dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF0000F543
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 25997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 07:20:38 GMT
X-OFFICEFD: BL6PEPF0000F543
X-MSEdge-Ref: Ref A: 2851780E1AE04387BE29F04F6AA2FAF8 Ref B: AMS04EDGE1610 Ref C: 2022-02-09T07:20:38Z
X-UserSessionId: 88604c1b-be1e-40a3-b01d-1fd730089d76
Date: Thu, 10 Feb 2022 16:42:15 GMT
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
X-CorrelationId: 88604c1b-be1e-40a3-b01d-1fd730089d76
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/ Frame 6688 13 KB
14 KB 72ms
72ms Image
image/png 2a02:26f0:fb:5a1::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/prt.png

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/reader.calypso.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5a1::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"9c6d63f811dd81:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14918.40504
X-OfficeFE: BL6PEPF00007429
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 09 Feb 2022 06:49:56 GMT
X-OFFICEFD: BL6PEPF00007429
X-MSEdge-Ref: Ref A: 108F8ABAD7F043AD8BE8DF11308CD7C4 Ref B: AM3EDGE0918 Ref C: 2022-02-09T06:49:56Z
X-UserSessionId: 2ba4035d-0caa-4b61-a697-c04b5f0f933e
Date: Thu, 10 Feb 2022 16:42:15 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 2ba4035d-0caa-4b61-a697-c04b5f0f933e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 6688 4 B
334 B 238ms
55ms XHR
application/json 51.132.193.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.132.193.104 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 16:42:14 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://powerpoint.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 6688 0
462 B 184ms
183ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.15007.40503&waccluster=US1C

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1618,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS5
x-officeversion: 16.0.15007.40503
x-officefe: SN3PEPF0000C095
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 0.8154
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0fad7022-4d60-483a-a11f-0a0494d0b8b9
x-officefd: SN3PEPF0000C095
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:15 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 72BB262A04E04DF5BEC74D2103651383 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:15Z

GET
H3-Q050 200 wac2-bf8b3319.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 310 KB
107 KB 57ms
56ms Script
application/javascript 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac2-bf8b3319.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 71d842c9de99f8965d973113b192dd688f1b5d6615a177251c3f141e2ef5f771

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:15 GMT
content-encoding: gzip
content-md5: v4szGe0O1pyqsqnSLW8nTQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 109104
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F4385D64B0E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 76e129d4-e01e-006b-06f3-c101d9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108504
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 wac0-efa56458.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 15 KB
6 KB 58ms
58ms Script
application/javascript 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac0-efa56458.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:15 GMT
content-encoding: gzip
content-md5: 76VkWOHqhHqIEEUyr6GMKg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 5910
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F43857098E0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c199e720-001e-005c-48f3-c1d375000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108235
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 wac1-cdc297b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/ 47 KB
14 KB 58ms
58ms Script
application/javascript 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac1-cdc297b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=8F332546DBFD2D72!199214&ithint=file%2cpptx&wdo=2&authkey=!AOUDaRRiBSgSAKk
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:15 GMT
content-encoding: gzip
content-md5: zcKXtFHbuejuppPFKcKOyw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14062
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F438590F80B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c199e708-001e-005c-33f3-c1d375000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108491
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 3 KB
4 KB 193ms
192ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ed2de1602572ad965b2aceb11327f1451fed8d236c9b4861e531f7d9b6b1840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3561
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQM4B_1_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2d5a09e5-11f6-466b-977e-d22e034325c6
x-officefd: DM3PEPF00008A1F
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:16 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: C71F97A7E98F466FAC733D83610F5DB0 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:16Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:16 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 93 KB
93 KB 183ms
183ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e7c0b66b454a6873389924256a3b19b393d7b9d9ce7f8f1fbb2785c019d8826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 94840
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS2_1_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: f49ac229-97a5-402d-ac8a-c24b08fbe919
x-officefd: DM3PEPF00008A22
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:16 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: E4B9587D1F514BCE846155AB82F49F9A Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:16Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:16 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 4 KB
5 KB 181ms
181ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8cb46846429ec2132038f864899ec7abda646a8a3b7d6d46aeaf665201dc8c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4443
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS2_2_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 64799f41-e20f-4cd6-bb43-b5948c8475d3
x-officefd: DM3PEPF00008A21
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:16 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: D2A2ADCB7BCE41589F1A16B3D6D45FB3 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:16Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:16 GMT

GET
H2 200 proxy Show response
skyapi.onedrive.live.com/api/ Frame 089C 448 B
556 B 305ms
64ms Document
text/html 13.105.28.48
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://skyapi.onedrive.live.com/api/proxy?v=3

Requested by

Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac_s_office-ff051758.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.105.28.48 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/

Response headers

cache-control: public
content-length: 295
content-type: text/html
content-encoding: gzip
expires: Fri, 10 Feb 2023 16:42:16 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-msnserver: DB5PPF3F9E99B07
strict-transport-security: max-age=31536000; includeSubDomains
ms-cv: sTecWlQgW06yja9ek+Lx/A.0
x-asmversion: UNKNOWN; 19.840.125.2005
date: Thu, 10 Feb 2022 16:42:16 GMT

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
104 B 168ms
168ms Image
image/gif 13.65.40.209
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac2-bf8b3319.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.65.40.209 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 16:42:15 GMT
x-msnserver: RD00155DFF6DF1
last-modified: Wed, 17 Nov 2021 21:05:20 GMT
server: Microsoft-IIS/10.0
etag: "0283ed4f6dbd71:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: southcentralus1-odwebp
accept-ranges: bytes
content-length: 43

GET
H3-Q050 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001// 8 KB
8 KB 258ms
93ms Image
text/css 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filesbucket3-5286f09d.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:16 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F4378A54204
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 29373e5e-501e-000c-6df3-c11125000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108297
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=8412a1a8-91b8-4f48-a4c4-38422f41deac&reqid=0019aa166b3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72139%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=8412a1a8-91b8-4f48-a4c4-38422f41deac&reqid=0019aa166b3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72139%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=8412a1a8-91b8-4f48-a4c4-38422f41deac&reqid=0019aa166b3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72139%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
253 B

70ms
70ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=8412a1a8-91b8-4f48-a4c4-38422f41deac&reqid=0019aa166b3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72139%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.powerpoint%26PLT%3D5910%26IR%3D1%26EX%3D0%26L.h%3D2971%26L.bc%3D3240%26L.ac%3D3258%26L.f%3D3264%26L.sjs%3D5888%26L.ttg%3D5252%26C.st%3D1644511330198%26N.jsPlt%3D4333%26N.domIn%3D3264%26N.dns%3D1%26N.tcp%3D122%26N.req%3D2636%26N.resp%3D61%26N.navType%3D0%26N.redirectCount%3D0&r=0.4163453401320458&CtsSyncId=F098C7245D79478F9662CCFEAC76A688&MUID=30A3A8F0051B608006C3B9B7011B64E1
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 16:42:16 GMT
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9ea1ae3587d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 16:42:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 176FE172343F49AD8A849D31877B6067 Ref B: FRA31EDGE0819 Ref C: 2022-02-10T16:42:16Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=8412a1a8-91b8-4f48-a4c4-38422f41deac&reqid=0019aa166b3&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRD0004FFA72139%26MA%3Den-GB%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.powerpoint%26PLT%3D5910%26IR%3D1%26EX%3D0%26L.h%3D2971%26L.bc%3D3240%26L.ac%3D3258%26L.f%3D3264%26L.sjs%3D5888%26L.ttg%3D5252%26C.st%3D1644511330198%26N.jsPlt%3D4333%26N.domIn%3D3264%26N.dns%3D1%26N.tcp%3D122%26N.req%3D2636%26N.resp%3D61%26N.navType%3D0%26N.redirectCount%3D0&r=0.4163453401320458&CtsSyncId=F098C7245D79478F9662CCFEAC76A688&MUID=30A3A8F0051B608006C3B9B7011B64E1
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
397 B 825ms
218ms XHR
application/json 20.189.173.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157
Requested by: Host: p.sfx.ms
URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.189.173.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 16:42:16 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 699
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 6688 10 KB
2 KB 219ms
219ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e178ca987d2807df5206ab129246e34479bb868b785089f5e24991b3120f176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm_9Un00gR0ZHRhA9k4t3wC0Po-1I4GHZUls0Pq59D-t7y5wNR-UcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15007.40503
X-Key: BJPYIA8Hco5oPxASyVux/NAhgy3IHBuL9Gn1OPljI6Y=,637801081336836685
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1646325732760
X-WacCluster: US1C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2124
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8544cdc8-5cc9-4733-ac79-cdaa8c79d21f
x-officefd: DM3PEPF00008A21
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:16 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: A46E60C0D364491BA38B5B4241A51C5E Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:16Z
timing-allow-origin: *
expires: -1

GET
H3-Q050 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001// 8 KB
2 KB 57ms
56ms Stylesheet
text/css 92.123.195.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001//filesbucket3-5286f09d.css
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210924.001/wac2-bf8b3319.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 92.123.195.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-195-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 10 Feb 2022 16:42:16 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 24 Sep 2021 10:10:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97F4378A54204
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 29373e5e-501e-000c-6df3-c11125000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21108297
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 200 jquery-1.7.2.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ Frame 089C 93 KB
33 KB 229ms
54ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js

Requested by

Host: skyapi.onedrive.live.com
URL: https://skyapi.onedrive.live.com/api/proxy?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F12) /

Resource Hash

e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://skyapi.onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 16:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21125831
x-cache: HIT
content-length: 33717
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:59 GMT
server: ECAcc (frc/8F12)
etag: "80385acc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 25 KB
25 KB 195ms
193ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

249707e7f89a6e2da01e0093e2e6971d727245ac2ea0df956ddab99aaff80c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 25130
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQM40_1_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8ccc1502-81f1-41f2-90ee-36a395531e1c
x-officefd: DM3PEPF00008A1F
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:16 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: B802DECAA2AA40EE96B7F3B5A4EBBF4F Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:16Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:16 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 88 KB
89 KB 182ms
181ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cb1dea9a75a2a0b00d02b29711e17f87c91cb5320aaa8edad240d63d2dea0132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 90465
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS12F9_1_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9bc93056-e1c9-4446-b972-f516d4d02061
x-officefd: DM3PEPF00008A22
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:16 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 69335439321246C28EE82068D3C099C5 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:16Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:16 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 1 KB
2 KB 181ms
180ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

016688c750ec69bf4a8b4e01ffea14c6297bd5d99d8ca9469ec829a4611af682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1300
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS12F9_2_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9d4ec103-87a5-4b12-accf-bba98d1faedf
x-officefd: DM3PEPF00008A21
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:16 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: A1A5D600940A42ED9F1962A12F7C7FBF Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:16Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:16 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 5 KB
6 KB 531ms
531ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ddb5a354e07d1866e8fe1de2fc9a4c70f6d1e254687930f74cbb4570a12fdeb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5177
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS12F9_3_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4825e8ac-294c-4325-b0db-ab7ad64b737d
x-officefd: DM3PEPF00001D4B
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:16 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 367D3B1A6E6F4C7DB9972B71D3CD9088 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:16Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:16 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 6688 10 KB
3 KB 181ms
181ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b9bca722dc0a7d848dfbfd8d3adf1d2e7babe53b6a72156a595541d675708bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm_9Un00gR0ZHRhA9k4t3wC0Po-1I4GHZUls0Pq59D-t7y5wNR-UcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow
X-UserSessionId: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
Accept-Language: en-GB,en;q=0.9
X-OfficeVersion: 16.0.15007.40503
X-Key: BJPYIA8Hco5oPxASyVux/NAhgy3IHBuL9Gn1OPljI6Y=,637801081336836685
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1646325732760
X-WacCluster: US1C

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2093
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: e212991a-95b3-44a1-9d17-15a45f4b6824
x-officefd: DM3PEPF00008A21
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:17 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 8F888AA9B71C404BB1FD24904FD53BE3 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:17Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 105 KB
105 KB 521ms
521ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fb367795ed8add61b8ecc91440ba0a2beb91662375b184d740542c735529cac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 107222
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS12FA_1_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2a0badee-f687-42be-84a5-3746f80eff23
x-officefd: DM3PEPF00008A22
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:17 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: CD619E545F89465ABC4E90F9096FB9A3 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:17Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:17 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 5 KB
5 KB 465ms
465ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e47026441e3c171814dbcd253209f3e6e2226328bfe26911beb829729c829a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5115
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS12FA_2_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: d2a5e369-25b7-4d46-a8c4-a7e988aea19e
x-officefd: DM3PEPF00008A1F
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:17 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: E7E3ED6757AA4E0A8245280FD77CFA92 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:17Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:17 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 6688 283 B
745 B 232ms
232ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c421858f0688321c0e306469ac87642cb5097470d164ee3294419e531a2e8b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-GB&rs=en-US&hid=l4satyWT+k2wjfsAXbQ5XA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&wdo=2&wde=pptx&sc=host%3D%26qt%3DDefault&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: US1C
x-officeversion: 16.0.15007.40503
x-officefe: DM3PEPF00001D54
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 283
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F8F332546DBFD2D72%21199214&access_token=4w0jSeLNtbW5xRTXmTSeQPzeezl2CZY7MHtDgq1ECTm%5F9Un00gR0ZHRhA9k4t3wC0Po%2D1I4GHZUls0Pq59D%2Dt7y5wNR%2DUcQI5Timg1m5Mu14aSD1JtKhBCUciZTg1vdbG5HEw8i8JWIID4D3vVWCo1Ow&access_token_ttl=1646325732760&z=aOEYzMzI1NDZEQkZEMkQ3MiExOTkyMTQuNQS12FA_3_1504x846.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 19063cb8-e82b-4e62-9283-9410e366f103
x-officefd: DM3PEPF00001D4B
x-usersessionid: 9d02576c-1dc7-4247-8ff0-a15f45c8399e
date: Thu, 10 Feb 2022 16:42:17 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 9E47D9C8348B479BB6C0CD18CF3D9F97 Ref B: AMS04EDGE3219 Ref C: 2022-02-10T16:42:17Z
timing-allow-origin: *
expires: Fri, 10 Feb 2023 16:42:17 GMT

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 6688 24 B
431 B 232ms
60ms XHR
application/json 51.132.193.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,b664cab4b3f24a739be75b93b026749e-65c206a3-a985-48b4-8b50-36c56c3ce309-7201&upload-time=1644511337609&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptScripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.132.193.104 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 4a43245106e0874b95dc5edec8fc630a06f82bf5ce87f245b1b9cd286313ca59

Request headers

Referer: https://powerpoint.officeapps.live.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 10 Feb 2022 16:42:17 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 193
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://powerpoint.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST GetSlide
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 6688 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.live.com/	1969-12-31 23:59:59	Name: xid Value: 8412a1a8-91b8-4f48-a4c4-38422f41deac&&RD0004FFA72139&74
.live.com/	1970-01-20 00:58:36	Name: wla42 Value:
.live.com/	1970-01-20 09:33:07	Name: mkt Value: en-GB
.live.com/	1969-12-31 23:59:59	Name: xidseq Value: 2
.live.com/	1969-12-31 23:59:59	Name: E Value: P:DqMISrTs2Yg=:95LAZO7qfe/scenZRvFme2L+s0Pm/xpemUqmV62gyBk=:F
powerpoint.officeapps.live.com/	1970-01-20 02:56:37	Name: DcLcid Value: ui=2057&data=1033
powerpoint.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
.powerpoint.officeapps.live.com/	1969-12-31 23:59:59	Name: US1C-ARRAffinity Value: 050e58274a24418b81d9eae46df1fb10a68385fc1e027e252d691d10c51575f9
.live.com/	1969-12-31 23:59:59	Name: BP Value: l=SDX.Skydrive&FR=&ST=
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryDeviceId Value: 3b750574-083f-3a9f-e438-06ef8be06b9d
onedrive.live.com/	1970-01-22 21:57:35	Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 1644511336118
.live.com/	1970-01-20 10:10:07	Name: MUID Value: 30A3A8F0051B608006C3B9B7011B64E1
.bing.com/	1970-01-20 10:10:07	Name: MUID Value: 30A3A8F0051B608006C3B9B7011B64E1
.c.bing.com/	1970-01-20 10:10:07	Name: SRM_B Value: 30A3A8F0051B608006C3B9B7011B64E1
.c.bing.com/	1970-01-20 10:10:07	Name: SRM_L Value: 30A3A8F0051B608006C3B9B7011B64E1
.c.live.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.live.com/	1970-01-20 00:48:31	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/segoeui.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://c1-powerpoint-15.cdn.office.net/p/s/161500740503_PptResources/2057/segoeui.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1-officeapps-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
js.live.net
onedrive.live.com
p.sfx.ms
powerpoint.officeapps.live.com
skyapi.onedrive.live.com
spoprod-a.akamaihd.net
powerpoint.officeapps.live.com
104.90.146.78
13.105.28.48
13.107.42.13
13.65.40.209
152.199.19.160
20.189.173.2
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:fb:593::4b36
2a02:26f0:fb:5a1::4b36
51.132.193.104
52.142.114.2
92.123.195.42
016688c750ec69bf4a8b4e01ffea14c6297bd5d99d8ca9469ec829a4611af682
09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981
0c76d70e9992d863540c63932b0b04820c2ffb3c2f0b44d949af68cdb43fc95d
1ed2de1602572ad965b2aceb11327f1451fed8d236c9b4861e531f7d9b6b1840
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
249707e7f89a6e2da01e0093e2e6971d727245ac2ea0df956ddab99aaff80c65
29d8798ab31b6507f7d96448436aa76d5dfc0c82c1efcdc4e39a24c4da8178d3
2a37c9e7b8440a0c5c0a5db1c54a8d90d310129b814624bab725492eb256eeb9
360131f6a0cebba26e32c706603a4c7f5c70393fe2e7d9f369274bdc6a86c198
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3b55d15beaf3a5efccab2703a6149fdbc44e2cdcc388ab9ba7e100455a26a77f
483a5ffd1ef86f8ed77f4541e020f4a5c6b7aa1419f92f5ad728e5a8998efd5b
48588a2abdfd892954b36ed99b244788a6e6b2566a46fc6778d06c6b6b2c43e3
4a43245106e0874b95dc5edec8fc630a06f82bf5ce87f245b1b9cd286313ca59
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
5730e4eb9b4d6917835fb4add1d0f65a2bfc9b47f4346d1a793be949d5255c6f
620c0dbd9b62684f82609c2e379b909307bfaf4766195c0debda8c26ce91ff93
63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5
6dab90815086a487c410891330ea4451ac96a79cf74d9a61a65e1c51a24e6a52
71d842c9de99f8965d973113b192dd688f1b5d6615a177251c3f141e2ef5f771
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
8cb46846429ec2132038f864899ec7abda646a8a3b7d6d46aeaf665201dc8c7c
8e178ca987d2807df5206ab129246e34479bb868b785089f5e24991b3120f176
8e7c0b66b454a6873389924256a3b19b393d7b9d9ce7f8f1fbb2785c019d8826
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
adf1d40408ee9a8ee51a8f61e1fa38390f7f80ffe0e5fb34f866b0dbf247ecda
b108f1796626c2796bd612abdb0abddba4cd8e31c9e1e33eefc987a95dd78914
b26dc65c5d0e54f74ecf380642f00e93b0fa73971415fc26b9de77790d68aae3
b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3
b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d
b9bca722dc0a7d848dfbfd8d3adf1d2e7babe53b6a72156a595541d675708bae
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
befd6b76fa27121afcbc45c7ffaf1ed27728d1e37bd803bd7bda09417c408a5f
c421858f0688321c0e306469ac87642cb5097470d164ee3294419e531a2e8b04
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c77904caea30dfa3c4da76ad762e53906fcdc7adbc26a0e7d94be86a10869b0b
cb1dea9a75a2a0b00d02b29711e17f87c91cb5320aaa8edad240d63d2dea0132
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
ddb5a354e07d1866e8fe1de2fc9a4c70f6d1e254687930f74cbb4570a12fdeb8
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6
e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b
e47026441e3c171814dbcd253209f3e6e2226328bfe26911beb829729c829a5d
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5
fb367795ed8add61b8ecc91440ba0a2beb91662375b184d740542c735529cac5
fcfdea4a58e08e0769001e9d62d5af50155b3f752cd842a645acc2623defd6c3

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

96 %HTTPS

31 %IPv6

8 Domains

13 Subdomains

13 IPs

4 Countries

4050 kBTransfer

7458 kBSize

17 Cookies

1 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

96 %
HTTPS

31 %
IPv6

8
Domains

13
Subdomains

13
IPs

4
Countries

4050 kB
Transfer

7458 kB
Size

17
Cookies

67 HTTP transactions
0 data transactions