URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0...
Submission: On April 21 via manual from GB

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2620:1ec:a92::171, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is powerpoint.officeapps.live.com.
TLS certificate: Issued by Microsoft IT TLS CA 1 on February 18th 2020. Valid for: 2 years.
This is the only time powerpoint.officeapps.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2620:1ec:a92:... 8068 (MICROSOFT...)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
4 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 2a02:26f0:310... 20940 (AKAMAI-ASN1)
12 4
Domain Requested by
4 c1-powerpoint-15.cdn.office.net powerpoint.officeapps.live.com
3 c1-officeapps-15.cdn.office.net powerpoint.officeapps.live.com
3 powerpoint.officeapps.live.com powerpoint.officeapps.live.com
2 c.s-microsoft.com powerpoint.officeapps.live.com
12 4

This site contains no links.

Subject Issuer Validity Valid
officeapps.live.com
Microsoft IT TLS CA 1
2020-02-18 -
2022-02-18
2 years crt.sh
www.microsoft.com
Microsoft IT TLS CA 5
2019-10-21 -
2021-10-21
2 years crt.sh
*.cdn.office.net
Microsoft IT TLS CA 1
2019-10-31 -
2021-10-31
2 years crt.sh

This page contains 1 frames:

Primary Page: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Frame ID: 40CEC7B77435D1A7A24AF29CDC0F7468
Requests: 12 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

492 kB
Transfer

2255 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request PowerPointFrame.aspx
powerpoint.officeapps.live.com/p/
21 KB
23 KB
Document
General
Full URL
https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bcdfed068a4a66ced55a2c5313acb2611383caebf02af933be8c18ad12a71812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
powerpoint.officeapps.live.com
:scheme
https
:path
/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
no-cache, no-store
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Tue, 21-Jul-2020 08:44:06 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure
x-correlationid
716fe160-af4c-4814-b075-5ece0fe39c9e
x-usersessionid
716fe160-af4c-4814-b075-5ece0fe39c9e
strict-transport-security
max-age=31536000
timing-allow-origin
*
origin-trial
ApjnZzULQW2j+i9/++Pj2WfVVByLoS5iZEVBPKULeFRNzLpMlHgeKsGOK4+MyK1AqsSdMI92vD2CSaa45EOWMQgAAAB7eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkFsbG93U3luY1hIUkluUGFnZURpc21pc3NhbCIsImV4cGlyeSI6MTU5MzM1NjU4NCwiaXNTdWJkb21haW4iOnRydWV9,AktAaQJK0LkEoh/qQ/vTovjHNk8hAtrepa1AYDtpeGHBdcRht7H0g/YI9EWFOpnXX5F0bdV0tM/mEAdFpD3jUgsAAAB2eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkV4cGVyaW1lbnRhbEpTUHJvZmlsZXIiLCJleHBpcnkiOjE1ODM4ODQ3OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-ccr
true
x-officefe
BL6PEPF0000051C
x-officeversion
16.0.12819.35628
x-officecluster
US6
x-content-type-options
nosniff
content-security-policy-report-only
font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net content.lifecycle.office.net www.microsoft.com c.s-microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com c.s-microsoft.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src * https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
x-officefd
BL6PEPF00000754
x-msedge-ref
Ref A: 28B6A8011C6042B4B773BF245FA40EBC Ref B: AMS04EDGE0615 Ref C: 2020-04-21T08:44:06Z
x-msedge-flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115cf,1fxu=afd_waccluster
x-msedge-features
tasmigration015,typeheadertest,multitenanttasmigration_115cf,afd_waccluster
date
Tue, 21 Apr 2020 08:44:06 GMT
mscc-0.4.2.min.css
c.s-microsoft.com/mscc/statics/
1 KB
934 B
Stylesheet
General
Full URL
https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.css
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3100:286::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066

Request headers

Referer
https://powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 21 Apr 2020 08:44:06 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:23 GMT
content-md5
QLyM0qNPDXd6ayzd1iIoLA==
status
200
etag
0x8D795E5A424E059
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c43cdb5c-301e-00bf-44fd-c707ee000000
x-ms-version
2009-09-19
content-length
626
stylesread.css
c1-powerpoint-15.cdn.office.net/p/s/161281935628_PptResources/1033/
282 KB
42 KB
Stylesheet
General
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161281935628_PptResources/1033/stylesread.css
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:287::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
c3335f40a8018ff01c148142faf3fb7064ed8af4cc3da9ba82422ced20fb3cee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"806323ce9517d61:0"
X-OfficeCluster
US4
X-CCR
true
X-OfficeVersion
16.0.12816.35628
X-OfficeFE
BL2PEPF000025DC
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115cf,1fxu=afd_waccluster
Content-Length
42411
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,multitenanttasmigration_115cf,afd_waccluster
Last-Modified
Tue, 21 Apr 2020 04:32:03 GMT
X-OFFICEFD
BL2PEPF000023A7
X-MSEdge-Ref
Ref A: 961E1938D53445CF85D2EE0F63AA306B Ref B: AMS04EDGE0420 Ref C: 2020-04-21T04:32:02Z
X-UserSessionId
05c73aeb-e64e-420d-bf76-f16422f72bf3
Date
Tue, 21 Apr 2020 08:44:06 GMT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
05c73aeb-e64e-420d-bf76-f16422f72bf3
Accept-Ranges
bytes
Timing-Allow-Origin
*
MicrosoftAjax.js
c1-officeapps-15.cdn.office.net/p/s/161281935628_App_Scripts/
105 KB
27 KB
Script
General
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/161281935628_App_Scripts/MicrosoftAjax.js
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:29d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
85115acdc1b70c4a47daa1da31011b67bde417cbb718c5b3c73a914b82781bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://powerpoint.officeapps.live.com/
Origin
https://powerpoint.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"807d3a849517d61:0"
X-OfficeCluster
US4
X-CCR
true
X-OfficeVersion
16.0.12816.35628
X-OfficeFE
BL2PEPF00001DA3
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115cf,1fxu=afd_waccluster
Content-Length
27035
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,multitenanttasmigration_115cf,afd_waccluster
Last-Modified
Tue, 21 Apr 2020 04:29:59 GMT
X-OFFICEFD
BL2PEPF00001187
X-MSEdge-Ref
Ref A: DDB68322C5344CED9D58422EE523D26F Ref B: AM3EDGE0519 Ref C: 2020-04-21T04:29:59Z
X-UserSessionId
d338a300-8dd1-44e9-bf95-f88409b71f7f
Date
Tue, 21 Apr 2020 08:44:06 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
d338a300-8dd1-44e9-bf95-f88409b71f7f
Accept-Ranges
bytes
Timing-Allow-Origin
*
mscc-0.4.2.min.js
c.s-microsoft.com/mscc/statics/
4 KB
2 KB
Script
General
Full URL
https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.js
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3100:286::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://powerpoint.officeapps.live.com/
Origin
https://powerpoint.officeapps.live.com

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 21 Apr 2020 08:44:06 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:14 GMT
content-md5
AO6kLOW8s6NiicKEPl74tA==
status
200
etag
0x8D795E59EC908A0
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
12ac3cb7-b01e-000f-19fd-c7fe6e000000
x-ms-version
2009-09-19
content-length
2017
cookiecompliance.js
c1-officeapps-15.cdn.office.net/p/s/161281935628_App_Scripts/
9 KB
3 KB
Script
General
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/161281935628_App_Scripts/cookiecompliance.js
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:29d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
910f1f3ce687cfde1a12415fe73a4465e7a2f851177c33ca8e9f3b5c5f93c41c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://powerpoint.officeapps.live.com/
Origin
https://powerpoint.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"8066dfb99517d61:0"
X-OfficeCluster
US4
X-CCR
true
X-OfficeVersion
16.0.12816.35628
X-OfficeFE
BL2PEPF00001E22
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115,1fxu=afd_waccluster
Content-Length
1945
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,multitenanttasmigration_115,afd_waccluster
Last-Modified
Tue, 21 Apr 2020 04:31:29 GMT
X-OFFICEFD
BL2PEPF000023AC
X-MSEdge-Ref
Ref A: CA931B304E2141EDB1DBEFDF24F88EC1 Ref B: AM3EDGE1014 Ref C: 2020-04-21T04:31:29Z
X-UserSessionId
0cb8ffa4-9abb-47e0-bbee-1a2d3745d7ff
Date
Tue, 21 Apr 2020 08:44:06 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
0cb8ffa4-9abb-47e0-bbee-1a2d3745d7ff
Accept-Ranges
bytes
Timing-Allow-Origin
*
powerpointintl.js
c1-powerpoint-15.cdn.office.net/p/s/161281935628_PptScripts/1033/
175 KB
49 KB
Script
General
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161281935628_PptScripts/1033/powerpointintl.js
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:287::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ea7f2800fea2215c63f9ccf2ca27f063267b340aca0d451540b39e3b74cf6087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://powerpoint.officeapps.live.com/
Origin
https://powerpoint.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"806323ce9517d61:0"
X-OfficeCluster
US6
X-CCR
true
X-OfficeVersion
16.0.12816.35628
X-OfficeFE
BL6PEPF0000053A
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115,1fxu=afd_waccluster
Content-Length
48901
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,multitenanttasmigration_115,afd_waccluster
Last-Modified
Tue, 21 Apr 2020 04:32:03 GMT
X-OFFICEFD
BL6PEPF000028A8
X-MSEdge-Ref
Ref A: D406555C689B40409DA6A55ECCEAFDDF Ref B: AM3EDGE0914 Ref C: 2020-04-21T04:32:02Z
X-UserSessionId
cba90cdc-d009-4430-9718-62979a60b8a2
Date
Tue, 21 Apr 2020 08:44:06 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
cba90cdc-d009-4430-9718-62979a60b8a2
Accept-Ranges
bytes
Timing-Allow-Origin
*
BootView.js
c1-powerpoint-15.cdn.office.net/p/s/161281935628_PptScripts/
2 MB
328 KB
Script
General
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161281935628_PptScripts/BootView.js
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:287::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
c26c607d8f0f001ad810f0327a4d4e6ef04b4a6b021740d0ee467c22b61b0a7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://powerpoint.officeapps.live.com/
Origin
https://powerpoint.officeapps.live.com

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
ETag
"5841a709517d61:0"
X-OfficeCluster
US6
X-CCR
true
X-OfficeVersion
16.0.12816.35628
X-OfficeFE
BL6PEPF00000516
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115,1fxu=afd_waccluster
Content-Length
334605
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,multitenanttasmigration_115,afd_waccluster
Last-Modified
Tue, 21 Apr 2020 04:29:25 GMT
X-OFFICEFD
BL6PEPF000028B3
X-MSEdge-Ref
Ref A: 17DAA5D5BFC84E8B9A986DCA3A2F7430 Ref B: AMS04EDGE0509 Ref C: 2020-04-21T04:31:18Z
X-UserSessionId
02d63ce8-b0c7-4ec5-ae9e-7a59c19a7695
Date
Tue, 21 Apr 2020 08:44:06 GMT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
02d63ce8-b0c7-4ec5-ae9e-7a59c19a7695
Accept-Ranges
bytes
Timing-Allow-Origin
*
progress.gif
c1-officeapps-15.cdn.office.net/p/s/161281935628_resources/1033/
695 B
2 KB
Image
General
Full URL
https://c1-officeapps-15.cdn.office.net/p/s/161281935628_resources/1033/progress.gif
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:29d::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"46646849517d61:0"
X-OfficeCluster
US6
X-CCR
true
X-OfficeVersion
16.0.12816.35628
X-OfficeFE
BL6PEPF00000530
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115cf,1fxu=afd_waccluster
Content-Length
695
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,multitenanttasmigration_115cf,afd_waccluster
Last-Modified
Tue, 21 Apr 2020 04:29:59 GMT
X-OFFICEFD
BL6PEPF0000073D
X-MSEdge-Ref
Ref A: 49602BDDD9ED489DB8F175E9F0FA4EE0 Ref B: AMS04EDGE0212 Ref C: 2020-04-21T04:29:58Z
X-UserSessionId
cc1aaa91-d6cc-4067-8267-9b3c82e7ad5d
Date
Tue, 21 Apr 2020 08:44:06 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CorrelationId
cc1aaa91-d6cc-4067-8267-9b3c82e7ad5d
Accept-Ranges
bytes
Timing-Allow-Origin
*
prt.png
c1-powerpoint-15.cdn.office.net/p/s/161281935628_PptResources/1033/
13 KB
14 KB
Image
General
Full URL
https://c1-powerpoint-15.cdn.office.net/p/s/161281935628_PptResources/1033/prt.png
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:287::1c24 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://powerpoint.officeapps.live.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"88428f839517d61:0"
X-OFFICEFD
BL6PEPF00000749
X-OfficeVersion
16.0.12816.35628
X-OfficeFE
BL6PEPF00000522
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
X-MSEdge-Flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115,1fxu=afd_waccluster
Content-Length
13611
Cache-Control
public,max-age=31536000
X-MSEdge-Features
tasmigration015,typeheadertest,multitenanttasmigration_115,afd_waccluster
Last-Modified
Tue, 21 Apr 2020 04:29:57 GMT
X-OfficeCluster
US6
X-MSEdge-Ref
Ref A: 51DB683E5C894B7182B106A77DBBFD92 Ref B: AM3EDGE0109 Ref C: 2020-04-21T04:29:57Z
X-UserSessionId
17b7bc03-042f-42fc-a396-585593028567
Date
Tue, 21 Apr 2020 08:44:06 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
17b7bc03-042f-42fc-a396-585593028567
Accept-Ranges
bytes
Timing-Allow-Origin
*
RemoteUls.ashx
powerpoint.officeapps.live.com/p/
0
337 B
XHR
General
Full URL
https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.12819.35628&waccluster=US6
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
X-UserSessionId
716fe160-af4c-4814-b075-5ece0fe39c9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-BrowserUlsBeacon
[{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
US6
x-officeversion
16.0.12819.35628
x-officefe
BL6PEPF00000542
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
x-msedge-flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115cf,1fxu=afd_waccluster
content-length
0
x-msedge-features
tasmigration015,typeheadertest,multitenanttasmigration_115cf,afd_waccluster
x-correlationid
32e67da4-b202-4919-a4c9-484c1e975e83
x-officefd
BL6PEPF00002BC7
x-ccr
true
x-usersessionid
716fe160-af4c-4814-b075-5ece0fe39c9e
date
Tue, 21 Apr 2020 08:44:06 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 21AD8B6849D547008CBC1C2E68670DD6 Ref B: AMS04EDGE0615 Ref C: 2020-04-21T08:44:06Z
timing-allow-origin
*
RemoteUls.ashx
powerpoint.officeapps.live.com/p/
0
167 B
XHR
General
Full URL
https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.12819.35628&waccluster=US6
Requested by
Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ReadingView&ui=en-US&rs=en-US&hid=twIDv+aBCkOHJqfdKp5y/A.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FE845F3743FC17A9A%211232&wdo=2&wde=pptx&sc=host%3D%26qt%3DFolders&wdp=3
X-UserSessionId
716fe160-af4c-4814-b075-5ece0fe39c9e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-BrowserUlsBeacon
[{"Index":1,"MsSinceStart":22,"Value":"https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.css","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-officecluster
US6
x-officeversion
16.0.12819.35628
x-officefe
BL6PEPF00000517
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-disposition
attachment
x-msedge-flight
qx9=tasmigration015,skb=typeheadertest,1fvv=multitenanttasmigration_115cf,1fxu=afd_waccluster
content-length
0
x-msedge-features
tasmigration015,typeheadertest,multitenanttasmigration_115cf,afd_waccluster
x-correlationid
e67b545b-5050-46b6-8c6a-33bf2d1d7a87
x-officefd
BL6PEPF00000747
x-ccr
true
x-usersessionid
716fe160-af4c-4814-b075-5ece0fe39c9e
date
Tue, 21 Apr 2020 08:44:06 GMT
x-download-options
noopen
content-type
text/plain
access-control-allow-origin
https://powerpoint.officeapps.live.com
access-control-expose-headers
X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control
private
x-msedge-ref
Ref A: 06F2D89880A745ECBF108D80827750F7 Ref B: AMS04EDGE0615 Ref C: 2020-04-21T08:44:06Z
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| g_firstByte object| g_cssLT object| g_jsLT undefined| g_bootScriptsStartTime undefined| g_bootScriptsEndTime object| WindowVisibilityMetrics object| _bB object| g_splashScreenShown object| loadingLabel object| __startTime object| __dataCultureString function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events object| mscc boolean| g_cookieBannerVisible object| CookieComplianceConstants function| CookieComplianceSettings function| ConsentSettings object| WacCookieCompliance object| CommonStrings object| CommonUIStrings object| ResourceStrings object| g_afterJs function| __loadCompatLayer function| __supportsCompatLayer function| $$ct function| $$as function| $41 function| isUndefined function| isNull function| isNullOrUndefined function| $$methodFrame function| hardSigninCompleted function| InfoAtLevel function| MenuModel function| SyncStatusModel function| SyncControlStatusModel function| SyncStatusCalloutContent function| SyncStatusCalloutBody function| SyncStatusCalloutButton function| UlsExternalLogger function| IsSupportedSilverlightVersionInstalled function| BrowserSupportsRequiredSvgFeatures function| DetectVectorSupport function| onPageLoaded function| ControlVersion function| GetSwfVer function| DetectFlashVer function| CrashInfo function| TimeLineMapping function| TimeLineInfo function| UlsLogArgs function| MediaEventType function| Dione function| InkPlayer function| PowerPointWebViewerAppMetadata function| PowerPointWebViewerContentMetadata function| deserializeXmlDom function| maximizeWindow function| fetchJSWithoutParsing_scriptTag function| fetchJSWithoutParsing_imageTag function| fetchJSWithoutParsing_objectTag function| fetchJSWithoutParsing_prefetchTag function| addToMediaProxyMap function| SilverlightCallback_OnResourceLoaded function| GetMediaXapPath function| SilverlightCallback_OnMediaEvent function| SilverlightCallback_OnUnhandledException function| mat16 function| mat16Identity function| mat16Mul function| mat16MulVec3 function| mat16Translate function| mat16Scale function| mat16RotateX function| mat16RotateY function| mat16RotateZ function| hexToRgb function| createMeshDefault function| createMeshMask function| rect function| drawMeshDefault function| drawMeshCC function| drawMeshMask function| drawMeshAlpha function| drawMeshMorph function| getShader function| initShaders function| initPrograms function| programInit function| useProgramDefault function| useProgramMorphFade function| useProgramMorphCrossfade function| useProgramMorphBg function| useProgramAlpha function| useProgramCC function| useProgramMask function| initGL function| render_cc function| render_texture function| drawMultiShapeMorphTexture function| initTextureFrameBuffer function| render_alpha function| bindFramebuffer function| drawBitmapForClipAnimation function| getInnerText function| setInnerText function| clearElement function| browserIsInternetExplorer function| browserIsFirefox function| setElementOpacity function| stopPropagation function| getEventObject function| setCapture function| releaseCapture function| getImageNativeWidth function| getImageNativeHeight function| preloadVMLImage object| otel object| health function| IExternalLogger object| qosWac object| VisioUISurveyExample object| VisioUserInitiatedSurveysDictionary object| OneNoteUISurveyExample object| OneNoteUserInitiatedSurveysDictionary object| ExcelUISurveyExample object| ExcelUserInitiatedSurveysDictionary object| MSOJS undefined| Debug object| TL object| TN object| TS object| JSAE object| WGL object| BL object| SM object| PPTIdeasSurvey object| PPTRehearsePresentationSurvey object| PPTUserInitiatedSurveysDictionary boolean| flashDetect_isIE boolean| flashDetect_isWin boolean| flashDetect_isOpera boolean| g_loadedMediaDLL boolean| g_fAbortMediaPlayback string| c_mediaAssemblyName string| c_mediaXapName string| c_MediaManagerProxyClassName string| c_elementType object| g_mediaProxyToContentTypeMap function| __getNonTextNode function| __getLocation function| navigate function| attachEvent function| detachEvent function| IEnumerable function| IEnumerator object| $$sc object| Common object| Diag object| Otel object| System object| CommonUI object| common object| BasicChat object| PPTCampaignsObj object| VisioCampaignsObj object| ExcelCampaignsObj object| OneNoteCampaignsObj object| CAUI object| CADWLTR object| Fdbk object| PPTe object| PowerPoint object| DiagUse function| GetNameSpace object| PowerPointWeb object| Silverlight

2 Cookies

Domain/Path Name / Value
powerpoint.officeapps.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
powerpoint.officeapps.live.com/ Name: DcLcid
Value: ui=1033&data=1033

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff