oaimplan.ca Open in urlscan Pro
192.0.78.227 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://oaimplan.ca/
Submission Tags: falconsandbox
Submission: On December 15 via api (December 15th 2021, 4:46:28 pm UTC) from US — Scanned from CA

Summary HTTP 86 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 86 HTTP transactions. The main IP is 192.0.78.227, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is oaimplan.ca.
TLS certificate: Issued by R3 on October 15th 2021. Valid for: 3 months.

This is the only time oaimplan.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	192.0.78.227 192.0.78.227	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	13.107.43.13 13.107.43.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	192.0.72.2 192.0.72.2	2635 (AUTOMATTIC) (AUTOMATTIC)
7	23.215.130.42 23.215.130.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	13.107.6.171 13.107.6.171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	2600:1400:d:5... 2600:1400:d:5ac::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.105.45.76 104.105.45.76	16625 (AKAMAI-AS) (AKAMAI-AS)
2	20.42.73.25 20.42.73.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
86	13

16 192.0.78.227 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

oaimplan.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.72.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

videos.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.215.130.42 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-42.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 13.107.6.171 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

powerpoint.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:1400:d:5ac::4b36 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

c1-powerpoint-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.105.45.76 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-45-76.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.42.73.25 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	live.com onedrive.live.com powerpoint.officeapps.live.com	778 KB
16	oaimplan.ca 1 redirects oaimplan.ca	1 MB
14	office.net c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net	611 KB
8	wordpress.com videos.files.wordpress.com	37 KB
7	akamaihd.net spoprod-a.akamaihd.net	300 KB
6	gstatic.com fonts.gstatic.com	149 KB
4	wp.com s0.wp.com stats.wp.com pixel.wp.com	5 KB
2	microsoft.com browser.events.data.microsoft.com	765 B
2	googleapis.com fonts.googleapis.com	3 KB
1	live.net js.live.net	16 KB
86	10

	Domain	Requested by
25	powerpoint.officeapps.live.com	powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net
16	oaimplan.ca	1 redirects oaimplan.ca
10	c1-powerpoint-15.cdn.office.net	powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
8	videos.files.wordpress.com	oaimplan.ca
7	spoprod-a.akamaihd.net	onedrive.live.com
6	fonts.gstatic.com	fonts.googleapis.com
4	c1-officeapps-15.cdn.office.net	powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
2	browser.events.data.microsoft.com	c1-powerpoint-15.cdn.office.net
2	pixel.wp.com	oaimplan.ca
2	fonts.googleapis.com	oaimplan.ca
1	js.live.net	c1-powerpoint-15.cdn.office.net
1	onedrive.live.com	oaimplan.ca
1	stats.wp.com	oaimplan.ca
1	s0.wp.com	oaimplan.ca
86	14

This site contains links to these domains. Also see Links.

Domain
www.oaimplan.ca
www.fairnessfordrivers.ca
www.instagram.com
twitter.com
www.facebook.com
www.lionsavenue.ca

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
onedrive.com Microsoft RSA TLS CA 01	`2021-08-13` - `2022-08-13`	a year	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-21` - `2022-01-21`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2021-01-26` - `2022-01-26`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2021-12-12` - `2022-12-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://oaimplan.ca/
Frame ID: AE3AAA819C092C7941E4065E5DB8DBE2
Requests: 44 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=C30D97E25D93C82D&resid=C30D97E25D93C82D%21114&authkey=AJGVBKSBDMEzA_M&em=2&wdAr=1.7777777777777777
Frame ID: 4EB046B2501DC6B0D00343C06E195E23
Requests: 8 HTTP requests in this frame

Frame: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: 5FEDBA348216C492E87736BDF17B722D
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Ontario AIM Plan

Page Statistics

86
Requests

98 %
HTTPS

25 %
IPv6

10
Domains

14
Subdomains

13
IPs

1
Countries

3102 kB
Transfer

8977 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.oaimplan.ca/#about
Title: About

Search URL Search Domain Scan URL

URL: https://www.oaimplan.ca/#blog
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.fairnessfordrivers.ca/
Title: https://www.fairnessfordrivers.ca/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/carteririss/
Title: 

Search URL Search Domain Scan URL

URL: https://twitter.com/CarterIriss
Title: 

Search URL Search Domain Scan URL

URL: https://www.facebook.com/oaimplan.ca
Title: 

Search URL Search Domain Scan URL

URL: https://www.lionsavenue.ca/
Title: Lions Avenue

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://oaimplan.ca/perfect-1-mp4/ HTTP 301
https://videos.files.wordpress.com/q9nSdkIR/perfect-1.mp4

86 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
oaimplan.ca/ 33 KB
10 KB 633ms
572ms Document
text/html 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2bc42c332f9fc7827775426c087b00725af19fe97e977117583d7c2d1465a01a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

server: nginx
date: Wed, 15 Dec 2021 16:46:21 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
link: <https://oaimplan.ca/wp-json/>; rel="https://api.w.org/" <https://oaimplan.ca/wp-json/wp/v2/pages/1311>; rel="alternate"; type="application/json" <https://wp.me/PbRvZh-l9>; rel=shortlink
last-modified: Wed, 15 Dec 2021 16:46:21 GMT
cache-control: max-age=300, must-revalidate
x-nananana: Batcache-Set
content-encoding: br
x-ac: 2.yyz _atomic_dca

GET
H2 200 /
oaimplan.ca/_static/ 1021 KB
123 KB 240ms
239ms Stylesheet
text/css 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/_static/??-eJylkd0KwjAMRl/IWn9wsAvxxveQrg1dXNqOpXP07e3Ui02QDbwp+cg5IaRDK9Br6g2w1MzSIEdZUdCNIKw61SXJMRFsHfptBjbDRLizdGBQAYEDH2ehJZWgEwRW6bTKzr1pnjo6+DgiLfUWfVYhtko30gXTUx5F2OT3veiXEus8jeUVH7gICF0jmb+wXxtyrTowypj0KtHbJfOWDyU5aFQkKNjAs7DmOuN/fuoRvbjzvjiWp11ZFocnWdG+8Q==

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d2149f078f9179c941055fc6b7e331c88d994ffe27cf121c04f260ac4cb01920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 14 Dec 2021 19:26:02 GMT
server: nginx
x-page-optimize: uncached
etag: W/"c5d364a4110d6ddc4da1430dc439876d"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
date: Wed, 15 Dec 2021 16:46:21 GMT
x-ac: 2.yyz _atomic_dca
host-header: WordPress.com

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 97ms
49ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac97bc7f217e4f44ef06f70136d703ef07504dcb904e0848bee504cc8a4aafc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 15:04:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Dec 2021 16:46:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Dec 2021 16:46:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
972 B 97ms
50ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin-ext&display=swap

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6af036a4ec23088a2e702e364d84320dbcd420a0c8c5ef82bac37006554e3ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 16:41:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Dec 2021 16:46:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Dec 2021 16:46:21 GMT

GET
H2 200 dashicons.min.css
oaimplan.ca/wp-includes/css/ 58 KB
35 KB 108ms
107ms Stylesheet
text/css 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/wp-includes/css/dashicons.min.css?ver=5.8.2

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
etag: W/"603ffca6-e688"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Wed, 15 Dec 2021 16:46:21 GMT
x-ac: 2.yyz _atomic_dca
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
oaimplan.ca/wp-includes/js/jquery/ 87 KB
31 KB 117ms
116ms Script
application/javascript 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Wed, 15 Dec 2021 16:46:21 GMT
x-ac: 2.yyz _atomic_dca
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
oaimplan.ca/wp-includes/js/jquery/ 11 KB
4 KB 126ms
125ms Script
application/javascript 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/wp-includes/js/jquery/jquery-migrate.min.js?m=1605690366

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Wed, 15 Dec 2021 16:46:21 GMT
x-ac: 2.yyz _atomic_dca
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modules.ttf
oaimplan.ca/wp-content/themes/Divi/core/admin/fonts/ 90 KB
37 KB 116ms
116ms Font
application/font-ttf 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/wp-content/themes/Divi/core/admin/fonts/modules.ttf

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://oaimplan.ca/
Origin: https://oaimplan.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 19 Jan 2021 01:13:33 GMT
server: nginx
etag: W/"6006323d-168f0"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-ttf
access-control-allow-origin: *
cache-control: max-age=604800
date: Wed, 15 Dec 2021 16:46:21 GMT
x-ac: 2.yyz _atomic_dca
expires: Wed, 22 Dec 2021 16:46:21 GMT

GET
H2 200 et-core-unified-1311-1639534669177.min.css
oaimplan.ca/wp-content/et-cache/1311/ 15 KB
3 KB 168ms
168ms Stylesheet
text/css 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/wp-content/et-cache/1311/et-core-unified-1311-1639534669177.min.css

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8eed6d3b0d7e2892aba59d98ee5075c0636b432fd655ad05ee40de3b1da38e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 15 Dec 2021 02:17:49 GMT
server: nginx
etag: W/"61b9504d-3ddf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
date: Wed, 15 Dec 2021 16:46:21 GMT
x-ac: 2.yyz _atomic_dca
expires: Wed, 22 Dec 2021 16:46:21 GMT

GET
H2 200 OAIM_Plan_Logo_Web-01.png
oaimplan.ca/wp-content/uploads/2021/01/ 126 KB
126 KB 179ms
178ms Image
image/png 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oaimplan.ca/wp-content/uploads/2021/01/OAIM_Plan_Logo_Web-01.png

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2236a701036e3774950d0af7b1412eb81573459737730932c55279b77d89b395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:46:22 GMT
x-ac: 2.yyz _atomic_dca
last-modified: Mon, 25 Jan 2021 00:53:50 GMT
server: nginx
etag: "600e169e-1f8eb"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 129259
expires: Wed, 22 Dec 2021 16:46:22 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 5 KB
2 KB 60ms
20ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202150
Requested by: Host: oaimplan.ca
URL: https://oaimplan.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: ccd1ae8d139b4ddb53c470f4a9ff95259b89b0572b88bc33b4baf78636f2782d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 1
date: Wed, 15 Dec 2021 16:46:22 GMT
content-encoding: br
server: nginx
etag: W/"612678e4-1386"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 2.yyz _dca
timing-allow-origin: *
expires: Tue, 13 Dec 2022 00:00:01 GMT

GET
H2 200 / Show response
oaimplan.ca/_static/ 499 KB
131 KB 180ms
179ms Script
application/javascript 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/_static/??-eJytkEkOwjAMRS9EawaB1AViwz1QmhhwaewqcYrg9FgMArFgxerLw/eX33movLAiKwx9ORBn6FAH50+wI/bQFuoDDEdR4afUkbju8uT8tuoRI2bY0kjQZfAlq8S6MO0Jw9fud8xTdyNykASumNWpkn9Nqt5dLxVFd7CIQFmB7FLK6JWEK2kzphHT/2M+Gj/+9ZIQXDAo99clRnnhMYB9CbZoAysxtkbjQW8T17PVollOm2Y1vwE7RpM8

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2a019bd15cc4934034490113d6ab3845f2287da2fa019b6068f6b1ef9bb19e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 14 Dec 2021 19:26:02 GMT
server: nginx
x-page-optimize: uncached
etag: W/"1158fc2dc4bdacb706d05beaa634bbc7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Wed, 15 Dec 2021 16:46:22 GMT
x-ac: 2.yyz _atomic_dca
host-header: WordPress.com

GET
H2 200 mediaelement-and-player.min.js Show response
oaimplan.ca/wp-includes/js/mediaelement/ 154 KB
38 KB 118ms
118ms Script
application/javascript 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
etag: W/"5f735862-267aa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Wed, 15 Dec 2021 16:46:22 GMT
x-ac: 2.yyz _atomic_dca
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
oaimplan.ca/_static/ 2 KB
969 B 158ms
157ms Script
application/javascript 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/_static/??-eJwrL9DNzEvOKU1JLdbPKtbPTU3JTEzNSc1NzStB4ejmZqYXJZak6uVm5ullFeuU49EHlEPmQ7XY59oamhkaGppYmhtaAACquiuT

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

502de1a0bd23dcdd0d81b6bbcfcd78679e46b2637b6ef76701ed7614b73cd13e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
server: nginx
x-page-optimize: uncached
etag: W/"5b6f28198d28db3638f60090a8d3ac27"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Wed, 15 Dec 2021 16:46:22 GMT
x-ac: 2.yyz _atomic_dca
host-header: WordPress.com

GET
H2 200 e-202150.js Show response
stats.wp.com/ 9 KB
3 KB 55ms
17ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202150.js
Requested by: Host: oaimplan.ca
URL: https://oaimplan.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz
date: Wed, 15 Dec 2021 16:46:22 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 05 Dec 2022 05:11:10 GMT

GET
H2 200 wp-emoji-release.min.js Show response
oaimplan.ca/wp-includes/js/ 18 KB
5 KB 156ms
156ms Script
application/javascript 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://oaimplan.ca/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: nginx
etag: W/"60bfebf0-4705"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Wed, 15 Dec 2021 16:46:22 GMT
x-ac: 2.yyz _atomic_dca
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 67ms
20ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oaimplan.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 01:35:33 GMT
x-content-type-options: nosniff
age: 486649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21080
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 01:35:33 GMT

GET
H2 200 OAIM_Header.jpg
oaimplan.ca/wp-content/uploads/2021/01/ 427 KB
427 KB 140ms
140ms Image
image/jpeg 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oaimplan.ca/wp-content/uploads/2021/01/OAIM_Header.jpg

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/wp-content/et-cache/1311/et-core-unified-1311-1639534669177.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7787a06c22b28e57268b950fb99520da475f6d3fda0a5aa38da6e6ad2322af7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/wp-content/et-cache/1311/et-core-unified-1311-1639534669177.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:46:22 GMT
x-ac: 2.yyz _atomic_dca
last-modified: Mon, 25 Jan 2021 16:27:51 GMT
server: nginx
etag: "600ef187-6aa36"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 436790
expires: Wed, 22 Dec 2021 16:46:22 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 SPQK8276-3.jpg
oaimplan.ca/wp-content/uploads/2021/10/ 104 KB
104 KB 298ms
298ms Image
image/jpeg 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oaimplan.ca/wp-content/uploads/2021/10/SPQK8276-3.jpg

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5d7e161c83ccc4af287ff5946c932ac4fa0a70b1834c5b505c23b486f632b407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:46:22 GMT
x-ac: 2.yyz _atomic_dca
last-modified: Tue, 12 Oct 2021 20:26:45 GMT
server: nginx
etag: "6165ef85-1a122"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 106786
expires: Wed, 22 Dec 2021 16:46:22 GMT

GET
DATA 200
OK truncated
/ 253 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e452280c50ce1eec448085d070dd6c1266acf3a28477c0ad0507474dc9ad9b2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 190 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69c2c5221dff459e98f5e64f25113e24a121afd94032f5940af833c6fac55da2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 79ms
46ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3q-0s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa773a6c9bc50be41bb6ce8e5f8fc0e6ad1b1e409a19c65704cfdcf7ce9f3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oaimplan.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 15:55:37 GMT
x-content-type-options: nosniff
age: 3045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21268
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 15:55:37 GMT

GET
H2 200 7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2
fonts.gstatic.com/s/barlow/v5/ 22 KB
22 KB 68ms
35ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b5365ef1cef7674b470b457cd272d7c208c90acd976e5fe6dd92131e94f15bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oaimplan.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 22:03:52 GMT
x-content-type-options: nosniff
age: 499350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22452
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 09 Dec 2022 22:03:52 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v5/ 20 KB
20 KB 81ms
49ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oaimplan.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 05:10:38 GMT
x-content-type-options: nosniff
age: 128144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20348
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:07:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 05:10:38 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 73ms
41ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oaimplan.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 22:58:42 GMT
x-content-type-options: nosniff
age: 150460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 22:58:42 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 34ms
30ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oaimplan.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 00:33:05 GMT
x-content-type-options: nosniff
age: 317597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21072
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 12 Dec 2022 00:33:05 GMT

GET
H2 200 embed Show response
onedrive.live.com/ Frame 4EB0 61 KB
21 KB 513ms
360ms Document
text/html 13.107.43.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=C30D97E25D93C82D&resid=C30D97E25D93C82D%21114&authkey=AJGVBKSBDMEzA_M&em=2&wdAr=1.7777777777777777

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.43.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1652366d4f05828d8055e403d475e7b212705442fb527249721ed1aa969f73d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D9983A3
x-odwebserver: eastus0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C7B782DB6DBC4D26BE73C8A2FB24ADBD Ref B: BLUEDGE0420 Ref C: 2021-12-15T16:46:22Z
date: Wed, 15 Dec 2021 16:46:21 GMT

GET
H2

206

perfect-1.mp4
videos.files.wordpress.com/q9nSdkIR/
Redirect Chain

https://oaimplan.ca/perfect-1-mp4/
https://videos.files.wordpress.com/q9nSdkIR/perfect-1.mp4

320 KB
0

24ms
23ms

Media
video/mp4

192.0.72.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.files.wordpress.com/q9nSdkIR/perfect-1.mp4

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Server

192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Wed, 15 Dec 2021 16:46:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 15:48:17 GMT
server: nginx
access-control-allow-origin: *
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-14822534/14822535
Content-Length: 14822535
expires: Sun, 19 Dec 2021 06:16:22 GMT

Redirect headers

x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date: Wed, 15 Dec 2021 16:46:22 GMT
x-ac: 2.yyz _atomic_dca
server: nginx
x-redirect-by: Yoast SEO
vary: Cookie
content-type: text/html; charset=UTF-8
location: https://videos.files.wordpress.com/q9nSdkIR/perfect-1.mp4
strict-transport-security: max-age=31536000
host-header: WordPress.com

GET
H2 206 second-try-2.mp4
videos.files.wordpress.com/RNKPzqMt/ 64 KB
0 71ms
20ms Media
video/mp4 192.0.72.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.files.wordpress.com/RNKPzqMt/second-try-2.mp4

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oaimplan.ca/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

x-nc: HIT yyz 2
date: Wed, 15 Dec 2021 16:46:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Nov 2021 19:28:09 GMT
server: nginx
access-control-allow-origin: *
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-14619343/14619344
Content-Length: 14619344
expires: Fri, 24 Dec 2021 20:24:22 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 23ms
21ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.5-a.3&blog=175294043&post=1311&tz=-5&srv=oaimplan.ca&host=oaimplan.ca&ref=&fcp=1026&rand=0.7829828342644889
Requested by: Host: oaimplan.ca
URL: https://oaimplan.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 16:46:22 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 206 second-try-2.mp4
videos.files.wordpress.com/RNKPzqMt/ 37 KB
37 KB 23ms
22ms Media
video/mp4 192.0.72.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.files.wordpress.com/RNKPzqMt/second-try-2.mp4

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1d470ec93b65431702069fd5c436880b2cae900c87267bd2e77c172ecc2f23e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oaimplan.ca/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=14581760-

Response headers

x-nc: HIT yyz 2
date: Wed, 15 Dec 2021 16:46:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Nov 2021 19:28:09 GMT
server: nginx
access-control-allow-origin: *
vary: Origin
content-type: video/mp4
Content-Range: bytes 14581760-14619343/14619344
Content-Length: 37584
expires: Fri, 24 Dec 2021 20:24:22 GMT

GET
H2 206 second-try-2.mp4
videos.files.wordpress.com/RNKPzqMt/ 128 KB
0 64ms
64ms Media
video/mp4 192.0.72.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.files.wordpress.com/RNKPzqMt/second-try-2.mp4

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oaimplan.ca/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=65536-

Response headers

x-nc: HIT yyz 2
date: Wed, 15 Dec 2021 16:46:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Nov 2021 19:28:09 GMT
server: nginx
access-control-allow-origin: *
vary: Origin
content-type: video/mp4
Content-Range: bytes 65536-14619343/14619344
Content-Length: 14553808
expires: Fri, 24 Dec 2021 20:24:22 GMT

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 4EB0 85 KB
16 KB 145ms
28ms Stylesheet
text/css 23.215.130.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=C30D97E25D93C82D&resid=C30D97E25D93C82D%21114&authkey=AJGVBKSBDMEzA_M&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.215.130.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 16:46:22 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5314EB9E3
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 74f5b8c4-301e-00d7-0272-4c0d57000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=13113472
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 4EB0 169 KB
30 KB 152ms
36ms Stylesheet
text/css 23.215.130.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=C30D97E25D93C82D&resid=C30D97E25D93C82D%21114&authkey=AJGVBKSBDMEzA_M&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.215.130.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 16:46:22 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E534F1A182
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 60b6a08e-001e-0169-473a-e5ff4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29911683
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 206 perfect-1.mp4
videos.files.wordpress.com/q9nSdkIR/ 144 KB
0 124ms
123ms Media
video/mp4 192.0.72.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.files.wordpress.com/q9nSdkIR/perfect-1.mp4

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oaimplan.ca/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=327680-

Response headers

x-nc: HIT yyz 2
date: Wed, 15 Dec 2021 16:46:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 15:48:17 GMT
server: nginx
access-control-allow-origin: *
vary: Origin
content-type: video/mp4
Content-Range: bytes 327680-14822534/14822535
Content-Length: 14494855
expires: Sun, 19 Dec 2021 06:16:22 GMT

GET
H2 206 perfect-1.mp4
videos.files.wordpress.com/q9nSdkIR/ 128 KB
0 111ms
110ms Media
video/mp4 192.0.72.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.files.wordpress.com/q9nSdkIR/perfect-1.mp4

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oaimplan.ca/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=458752-

Response headers

x-nc: HIT yyz 2
date: Wed, 15 Dec 2021 16:46:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 15:48:17 GMT
server: nginx
access-control-allow-origin: *
vary: Origin
content-type: video/mp4
Content-Range: bytes 458752-14822534/14822535
Content-Length: 14363783
expires: Sun, 19 Dec 2021 06:16:22 GMT

POST
H2 200 PowerPointFrame.aspx Show response
powerpoint.officeapps.live.com/p/ Frame 5FED 105 KB
107 KB 200ms
63ms Document
text/html 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a24ae39d3fc621018424fd0fe49469a5c4ef193c4e61fe40467f6fc1e491e052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 4aa363af-3376-4146-846c-e7ecb5d1e601
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: BL6PEPF00007423
x-officeversion: 16.0.14805.40503
x-officecluster: PUS4
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net content.lifecycle.office.net www.microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
document-policy: js-profiling
x-officefd: BL6PEPF00007423
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 8A61ACE6E0A941E4B192D10773D6E05B Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:22Z
date: Wed, 15 Dec 2021 16:46:22 GMT

GET
H2 200 OAIM_Plan_Logo_Web-01.png
oaimplan.ca/wp-content/uploads/2021/01/ 126 KB
126 KB 363ms
362ms Image
image/png 192.0.78.227
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oaimplan.ca/wp-content/uploads/2021/01/OAIM_Plan_Logo_Web-01.png

Requested by

Host: oaimplan.ca
URL: https://oaimplan.ca/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.227 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2236a701036e3774950d0af7b1412eb81573459737730932c55279b77d89b395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:46:23 GMT
x-ac: 2.yyz _atomic_dca
last-modified: Mon, 25 Jan 2021 00:53:50 GMT
server: nginx
etag: "600e169e-1f8eb"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 129259
expires: Wed, 22 Dec 2021 16:46:23 GMT

GET
H3-Q050 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 4EB0 92 KB
33 KB 123ms
59ms Script
application/javascript 23.215.130.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=C30D97E25D93C82D&resid=C30D97E25D93C82D%21114&authkey=AJGVBKSBDMEzA_M&em=2&wdAr=1.7777777777777777
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.215.130.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 16:46:22 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5358D6B64
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bd2cae08-301e-0047-7b72-4c39d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=13113462
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 4EB0 483 KB
133 KB 123ms
60ms Script
application/javascript 23.215.130.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=C30D97E25D93C82D&resid=C30D97E25D93C82D%21114&authkey=AJGVBKSBDMEzA_M&em=2&wdAr=1.7777777777777777
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.215.130.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 16:46:22 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E531CF2A88
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2393d247-e01e-0082-1b47-7e47e3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=11609155
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H2 206 perfect-1.mp4
videos.files.wordpress.com/q9nSdkIR/ 144 KB
0 21ms
21ms Media
video/mp4 192.0.72.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.files.wordpress.com/q9nSdkIR/perfect-1.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oaimplan.ca/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=589824-

Response headers

x-nc: HIT yyz 2
date: Wed, 15 Dec 2021 16:46:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 15:48:17 GMT
server: nginx
access-control-allow-origin: *
vary: Origin
content-type: video/mp4
Content-Range: bytes 589824-14822534/14822535
Content-Length: 14232711
expires: Sun, 19 Dec 2021 06:16:22 GMT

GET
H2 206 perfect-1.mp4
videos.files.wordpress.com/q9nSdkIR/ 112 KB
0 28ms
27ms Media
video/mp4 192.0.72.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.files.wordpress.com/q9nSdkIR/perfect-1.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oaimplan.ca/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=720896-

Response headers

x-nc: HIT yyz 2
date: Wed, 15 Dec 2021 16:46:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 15:48:17 GMT
server: nginx
access-control-allow-origin: *
vary: Origin
content-type: video/mp4
Content-Range: bytes 720896-14822534/14822535
Content-Length: 14101639
expires: Sun, 19 Dec 2021 06:16:22 GMT

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 4EB0 47 KB
14 KB 20ms
19ms Script
application/javascript 23.215.130.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=C30D97E25D93C82D&resid=C30D97E25D93C82D%21114&authkey=AJGVBKSBDMEzA_M&em=2&wdAr=1.7777777777777777
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.215.130.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 16:46:22 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E530269299
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1392dd12-f01e-00e8-3a72-4cba8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=13113521
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 4EB0 203 KB
68 KB 21ms
20ms Script
application/javascript 23.215.130.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=C30D97E25D93C82D&resid=C30D97E25D93C82D%21114&authkey=AJGVBKSBDMEzA_M&em=2&wdAr=1.7777777777777777
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.215.130.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 16:46:22 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E531AF1786
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5ca82e37-b01e-00fc-5bcb-21d82c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=8423598
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 4EB0 15 KB
6 KB 21ms
21ms Script
application/javascript 23.215.130.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=C30D97E25D93C82D&resid=C30D97E25D93C82D%21114&authkey=AJGVBKSBDMEzA_M&em=2&wdAr=1.7777777777777777
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 23.215.130.42 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-42.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 16:46:22 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:54 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5302299FA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 280201a6-c01e-00af-27e3-e965e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30444087
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H/1.1 200
OK styleschromeless.css
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/ Frame 5FED 288 KB
35 KB 145ms
22ms Stylesheet
text/css 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/styleschromeless.css

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

df1ae8b868678d92d766097e778c0b8696c7f2a9ff9eb7c1009ea1b31f7bd4b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"68562172dfebd71:0"
X-OfficeCluster: PUS8
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BL6PEPF00009C4D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 34932
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 08 Dec 2021 02:58:15 GMT
X-OFFICEFD: BL6PEPF00009C4D
X-MSEdge-Ref: Ref A: 634FA5677CD742A4985DBE87AE644D5A Ref B: BLUEDGE2013 Ref C: 2021-12-08T02:58:15Z
X-UserSessionId: 8f4ab8d2-5a57-42b2-8c43-b4419b0bf2b7
Date: Wed, 15 Dec 2021 16:46:23 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: 8f4ab8d2-5a57-42b2-8c43-b4419b0bf2b7
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/ Frame 5FED 106 KB
24 KB 108ms
22ms Script
application/javascript 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"362f60facfebd71:0"
X-OfficeCluster: PUS3
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BN3PEPF00001F7D
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 23714
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 08 Dec 2021 01:07:32 GMT
X-OFFICEFD: BN3PEPF00001D08
X-MSEdge-Ref: Ref A: F287C6229A0A491F8F48EF6886C36EE2 Ref B: BL2EDGE1621 Ref C: 2021-12-08T01:07:32Z
X-UserSessionId: 89e349de-d5df-4127-adc3-e775da61b246
Date: Wed, 15 Dec 2021 16:46:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 89e349de-d5df-4127-adc3-e775da61b246
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK powerpointintl.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/1033/ Frame 5FED 237 KB
50 KB 144ms
23ms Script
application/javascript 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/1033/powerpointintl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0107fc5b73692d33281d506e2872b39772ca35c8158dac1c4c2cb5d018691317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"ae99b038d2ebd71:0"
X-OfficeCluster: PUS8
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BL6PEPF0000EEBF
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 50606
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 08 Dec 2021 01:23:35 GMT
X-OFFICEFD: BL6PEPF0000EEBF
X-MSEdge-Ref: Ref A: 560F675F99004C1AA6BE33FA14199BA3 Ref B: BL2EDGE1720 Ref C: 2021-12-08T01:23:35Z
X-UserSessionId: d062b10b-20ea-447f-9cf3-8d73d35c7f86
Date: Wed, 15 Dec 2021 16:46:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d062b10b-20ea-447f-9cf3-8d73d35c7f86
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK BootView.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/ Frame 5FED 2 MB
356 KB 140ms
23ms Script
application/javascript 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/BootView.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ARR/3.0

Resource Hash

b994cc549e96f0d73d8e29a7b01cde0e2a007d81963458ddfbe8aa99c2b1e29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000, max-age=31536000
Content-Encoding: br
ETag: W/"668f97dad2ebd71:0"
X-OfficeCluster: PUS8
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BL6PEPF00009C51
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 363638
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Wed, 08 Dec 2021 01:28:07 GMT
X-OFFICEFD: BL6PEPF00009D19
X-UserSessionId: 94f42bd9-7baa-43c6-ab6b-bb21cd3f4e05, 4e60174d-e934-4a29-b918-5a2a0c9f8007
X-Powered-By: ARR/3.0
Date: Wed, 15 Dec 2021 16:46:23 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 94f42bd9-7baa-43c6-ab6b-bb21cd3f4e05, 4e60174d-e934-4a29-b918-5a2a0c9f8007
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/p/s/161480540503_resources/1033/ Frame 5FED 695 B
2 KB 99ms
18ms Image
image/gif 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161480540503_resources/1033/progress.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"fc7c63e3ebd71:0"
X-OfficeCluster: PUS3
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BN3PEPF0000473B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 08 Dec 2021 03:23:47 GMT
X-OFFICEFD: BN3PEPF000051C8
X-MSEdge-Ref: Ref A: 7AB73989E95A45AE90FBD9C54D04E727 Ref B: BLUEDGE2008 Ref C: 2021-12-08T03:23:47Z
X-UserSessionId: 6b4a9380-788e-4e54-b6ad-1bfa341833bb
Date: Wed, 15 Dec 2021 16:46:23 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: 6b4a9380-788e-4e54-b6ad-1bfa341833bb
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/ Frame 5FED 13 KB
14 KB 138ms
22ms Image
image/png 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/prt.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ARR/3.0

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000, max-age=31536000
ETag: W/"a3af7fdad2ebd71:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BL6PEPF0000D640
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 13611
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Wed, 08 Dec 2021 01:28:07 GMT
X-OFFICEFD: BL6PEPF00007446
X-UserSessionId: d67146f3-e764-4479-844c-1759c0293513, 8f80a628-5f65-4260-bf29-e2262c9c5d87
X-Powered-By: ARR/3.0
Date: Wed, 15 Dec 2021 16:46:23 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: d67146f3-e764-4479-844c-1759c0293513, 8f80a628-5f65-4260-bf29-e2262c9c5d87
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 5FED 0
592 B 122ms
121ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14805.40503&waccluster=PUS4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS2
x-officeversion: 16.0.14805.40503
x-officefe: MW1PEPF00007865
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 0.3366
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5c681af0-212c-46b7-9391-df8966974b15
x-officefd: MW1PEPF00007865
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:22 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D0D1B63EC9A94F0C8CB3E487F5B803B3 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:23Z

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 5FED 0
341 B 52ms
51ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14805.40503&waccluster=PUS4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":168,"Value":"https://c1-officeapps-15.cdn.office.net:443/p/s/161480540503_App_Scripts/MicrosoftAjax.js","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000BAB9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 1.5696
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c21fbee6-b62a-439c-9a32-5785ccb84315
x-officefd: BL6PEPF0000BAB9
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:22 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 0F8EA00F79B74B339E0144827A9872CF Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:23Z

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 5FED 0
356 B 50ms
50ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14805.40503&waccluster=PUS4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":337,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000BB62
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 0.4992
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3197d538-0eb2-4724-907b-9e4273e562a3
x-officefd: BL6PEPF0000BB62
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:22 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D444AF3DCB3D420FABC66C7FD6613301 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:23Z

POST
H2 200 RemoteTelemetry.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 5FED 0
276 B 52ms
51ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteTelemetry.ashx

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF00009C4E
x-officeversion: 16.0.14805.40503
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 6a5cc77d-4c33-4bf1-b3d9-f498032f1bff
x-officecluster: PUS8
x-usersessionid: 6a5cc77d-4c33-4bf1-b3d9-f498032f1bff
date: Wed, 15 Dec 2021 16:46:22 GMT
x-download-options: noopen
access-control-allow-origin: https://powerpoint.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 9493D1B749874BF496F056F538AB253C Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:23Z
timing-allow-origin: *
x-officefe: BL6PEPF00009C4E

GET
H/1.1 404
Not Found segoeui.woff
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/ Frame 5FED 0
0 150ms
149ms Font
text/html 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/segoeui.woff

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/styleschromeless.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/styleschromeless.css
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-OFFICEFD: BL6PEPF00009C4E
X-OfficeVersion: 16.0.14805.40503
X-OfficeFE: BL6PEPF00009C4E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1245
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
X-CorrelationId: 7959e395-0c10-4056-bec1-c05d660ac759
X-OfficeCluster: PUS8
X-UserSessionId: 7959e395-0c10-4056-bec1-c05d660ac759
Date: Wed, 15 Dec 2021 16:46:23 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
X-MSEdge-Ref: Ref A: 89F15230C6804BE5A2B352C982A2A638 Ref B: BL2EDGE1909 Ref C: 2021-12-15T16:46:23Z
Timing-Allow-Origin: *

POST
H2 200 GetPresentationWithSlideById Show response
powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 5FED 4 KB
2 KB 294ms
292ms XHR
application/json 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetPresentationWithSlideById

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c317977a3ad6f89dc0cb354e30ebe8a9e5621c4e8039a335e765daafe766d0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wMdTakmj9U_H-DYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G_L7CoPoyNhCxvN_lZDzlHVd-ihRP2blzpahUt_5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.14805.40503
X-Key: BTJid06BeRktcPYu255xA+H7hfkCwEfeZ9sMRNIigTQ=,637751835829436445
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1641401182478
X-WacCluster: PUS4

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000742A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1771
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 90095974-7d6e-4a22-a14d-600de262485d
x-officefd: BL6PEPF0000742A
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: F54BACC729F14924B6EF20A5BF4B3EFC Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:23Z
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK wapsw.png
c1-officeapps-15.cdn.office.net/p/s/161480540503_resources/1033/ Frame 5FED 6 KB
7 KB 23ms
22ms Image
image/png 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161480540503_resources/1033/wapsw.png?b=1601472815001

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"e22259dcebebd71:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BL6PEPF00007424
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 08 Dec 2021 04:27:07 GMT
X-OFFICEFD: BL6PEPF00007AA5
X-MSEdge-Ref: Ref A: EC26740D7EE74CF5A043082D3001DCE4 Ref B: BLUEDGE1213 Ref C: 2021-12-08T04:27:07Z
X-UserSessionId: ac09bb48-cb33-425a-85a4-e45dd4578ef7
Date: Wed, 15 Dec 2021 16:46:23 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: ac09bb48-cb33-425a-85a4-e45dd4578ef7
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
BLOB 200
OK 31dff6fe-88ec-43d6-a746-2d8b372abff3
https://powerpoint.officeapps.live.com/ Frame 5FED 219 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://powerpoint.officeapps.live.com/31dff6fe-88ec-43d6-a746-2d8b372abff3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd0ecdb353408eaa3b257bb108e5ffb79b27e69338d10bdbf8aa2dfc7299f92a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 219
Content-Type: application/javascript

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 5FED 42 KB
16 KB 114ms
22ms Script
application/javascript 104.105.45.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/BootView.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.105.45.76 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-45-76.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:46:23 GMT
X-MSNServer: RD0003FF78BF7F
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=40617, public
X-ODWebServer: eastus0-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H/1.1 404
Not Found segoeui.ttf
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/ Frame 5FED 0
0 131ms
131ms Font
text/html 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/segoeui.ttf

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/styleschromeless.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/styleschromeless.css
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-OFFICEFD: BL6PEPF0000D642
X-OfficeVersion: 16.0.14805.40503
X-OfficeFE: BL6PEPF0000D642
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 1245
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
X-CorrelationId: 5e044557-79e6-403c-bb1a-7315ae89c00d
X-OfficeCluster: PUS4
X-UserSessionId: 5e044557-79e6-403c-bb1a-7315ae89c00d
Date: Wed, 15 Dec 2021 16:46:23 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
X-MSEdge-Ref: Ref A: 1F0A49155DDD417C966D837C729BD882 Ref B: BL2EDGE1809 Ref C: 2021-12-15T16:46:23Z
Timing-Allow-Origin: *

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 36 KB
37 KB 142ms
141ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=2&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTA&usid=4aa363af%2D3376%2D4146%2D846c%2De7ecb5d1e601&Rid=S6%5F1%5F608x342%2Epng&waccluster=PUS4&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

382359f925113a516e0c5fcb07252f6c90da02c3d6f56f278c3a6b9fb1e0782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000EEB4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 37107
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS6_1_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 692c48e6-e8d7-4822-9fa7-fc59e47e6c48
x-officefd: BL6PEPF0000EEB4
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 3C98074EF0E44570B08B3F076E4A5B37 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:23Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:23 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 1 KB
2 KB 214ms
214ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d93f4c931b192371a9d3a224f28ef7e64acc1350cd1d04274ca3ed03149deaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000D1F3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1469
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS6_2_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 800ba923-7bff-4f14-a565-a2773e4eb14a
x-officefd: BL6PEPF0000D1F3
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 8C611485FECF43649A527E0705C5D21F Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:23Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:24 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 36 KB
37 KB 184ms
183ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

382359f925113a516e0c5fcb07252f6c90da02c3d6f56f278c3a6b9fb1e0782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000EEAE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 37107
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS6_1_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: c6d0c343-55ff-4762-97b8-07fc11cea9ec
x-officefd: BL6PEPF0000EEAE
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 8E4A6A0A8D01405D9DF45AF161606D42 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:24 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 1 KB
2 KB 205ms
205ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d93f4c931b192371a9d3a224f28ef7e64acc1350cd1d04274ca3ed03149deaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000EEAC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1469
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS6_2_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 90709fd5-a0f4-4590-8432-0d8a08b231e1
x-officefd: BL6PEPF0000EEAC
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 965BB911AEC04A049FECB7476D21E1C5 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:24 GMT

GET
H/1.1 200
OK reader.calypso.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/ Frame 5FED 338 KB
69 KB 19ms
19ms Script
application/javascript 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/reader.calypso.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ae6f16a16c26c3f55b99a1fb12b6e7d16955a507fe9357b7818fc3597a95179f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"23aa5525d1ebd71:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BL6PEPF00007420
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 70026
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 08 Dec 2021 01:15:53 GMT
X-OFFICEFD: BL6PEPF00007420
X-MSEdge-Ref: Ref A: FE3F188BAC0145A0AA964062C720C83A Ref B: BL2EDGE1720 Ref C: 2021-12-08T01:15:53Z
X-UserSessionId: 490307f1-5632-4ff1-9bbf-8c247f088f05
Date: Wed, 15 Dec 2021 16:46:24 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 490307f1-5632-4ff1-9bbf-8c247f088f05
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/ Frame 5FED 40 KB
7 KB 20ms
20ms Script
application/javascript 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "66d2a87cceebd71:0"
X-OfficeCluster: US3C
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: DM3PEPF00013CCD
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 08 Dec 2021 00:56:51 GMT
X-OFFICEFD: DM3PEPF000132E0
X-MSEdge-Ref: Ref A: 142F1A76C40D401A9EBA414966FF1CFD Ref B: BLUEDGE2007 Ref C: 2021-12-08T01:07:35Z
X-UserSessionId: 4ae2186e-7a06-4877-813b-93c758c45bc8
Date: Wed, 15 Dec 2021 16:46:24 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4ae2186e-7a06-4877-813b-93c758c45bc8
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 5FED 0
553 B 48ms
48ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14805.40503&waccluster=PUS4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":1121,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000B739
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 0.3743
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8bd5c130-dc48-4678-9d90-850c6dc4287d
x-officefd: BL6PEPF0000B739
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 13B8D16BE94544D5A1FDEA239615DDAF Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z

GET
H2 206 mediahandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 94 KB
95 KB 205ms
205ms Media
audio/mp4 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/mediahandler.ashx?PV=6&PF=5&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTA&usid=4aa363af%2D3376%2D4146%2D846c%2De7ecb5d1e601&Rid=17984764%2Em4a%2Emedia&waccluster=PUS4&retries=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2039057e020b3265c2d0de2f5d5f4b040e16ba928969ee3fb672a42811483733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF00007423
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF00007423
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Range: bytes 0-96443/96444
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 96444
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: faaae18f-1064-46ce-ab61-0ec9a4d3b3b2
x-officecluster: PUS4
x-msedge-ref: Ref A: E6EAE9156EA048A9B55907511EA627DB Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: audio/mp4
cache-control: private
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:24 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 5FED 6 KB
3 KB 158ms
157ms XHR
application/json 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e56cfeadaf5717a456f74aa7191147435cf3237b99779a243045a39a90b63cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wMdTakmj9U_H-DYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G_L7CoPoyNhCxvN_lZDzlHVd-ihRP2blzpahUt_5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.14805.40503
X-Key: BTJid06BeRktcPYu255xA+H7hfkCwEfeZ9sMRNIigTQ=,637751835829436445
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1641401182478
X-WacCluster: PUS4

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF00007424
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2202
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 60363e15-ce93-4eef-ab57-319bffd1241e
x-officefd: BL6PEPF00007424
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 6BF79DE1A8BC4311AACF34B7EBA366E4 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 5FED 0
378 B 86ms
86ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14805.40503&waccluster=PUS4

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wMdTakmj9U_H-DYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G_L7CoPoyNhCxvN_lZDzlHVd-ihRP2blzpahUt_5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.14805.40503
X-Key: BTJid06BeRktcPYu255xA+H7hfkCwEfeZ9sMRNIigTQ=,637751835829436445
X-bULS-SuppressionETag: 352D23C4F4A7A2018361EF087F6B9743417AA6F2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1641401182478
X-WacCluster: PUS4

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS5
x-officeversion: 16.0.14805.40503
x-officefe: SN3PEPF0000C095
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 352D23C4F4A7A2018361EF087F6B9743417AA6F2
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 2.2853
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: e18f0219-bc56-41d5-928f-94bbef9edf55
x-officefd: SN3PEPF0000C095
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 52025B028F4D4FEFB3DA1AC45023BF75 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z

GET
H/1.1 200
OK otelFullNext.min.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/ Frame 5FED 111 KB
31 KB 20ms
20ms Script
application/javascript 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/otelFullNext.min.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1464c32cf5698defbc4e01f324c0f6fc0987754ef52c5a8addbad99ee75ce29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
Origin: https://powerpoint.officeapps.live.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"c63bc521daebd71:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BL6PEPF00007428
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 31119
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 08 Dec 2021 02:20:13 GMT
X-OFFICEFD: BL6PEPF00007428
X-MSEdge-Ref: Ref A: 06B1FA27DD62424C8EDC72243E601480 Ref B: BL2EDGE1521 Ref C: 2021-12-08T02:20:13Z
X-UserSessionId: 3865e8f7-3b6d-477d-8ca8-53c898dbe3c5
Date: Wed, 15 Dec 2021 16:46:24 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 3865e8f7-3b6d-477d-8ca8-53c898dbe3c5
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame 5FED 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/ Frame 5FED 13 KB
14 KB 21ms
20ms Image
image/png 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/prt.png

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/reader.calypso.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ARR/3.0

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000, max-age=31536000
ETag: W/"a3af7fdad2ebd71:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14730.40504
X-OfficeFE: BL6PEPF0000D640
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 13611
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Wed, 08 Dec 2021 01:28:07 GMT
X-OFFICEFD: BL6PEPF00007446
X-UserSessionId: d67146f3-e764-4479-844c-1759c0293513, 8f80a628-5f65-4260-bf29-e2262c9c5d87
X-Powered-By: ARR/3.0
Date: Wed, 15 Dec 2021 16:46:24 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: d67146f3-e764-4479-844c-1759c0293513, 8f80a628-5f65-4260-bf29-e2262c9c5d87
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 5FED 0
190 B 53ms
53ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14805.40503&waccluster=PUS4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":1122,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS3
x-officeversion: 16.0.14805.40503
x-officefe: BN3PEPF00003824
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-ms-server-duration: 0.5877
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: cbb08896-69c0-4e26-b6c2-f67da84896c9
x-officefd: BN3PEPF00003824
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, x-newsnapurl, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D5610C55272D4708910885246E0C20B4 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 5FED 4 B
334 B 404ms
204ms XHR
application/json 20.42.73.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.42.73.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:46:24 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://powerpoint.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 145 B
730 B 122ms
122ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=5&Rid=mediaBundlePrimer.png&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTA&waccluster=PUS4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e600c2c34ac5b7e472858d6c99eaf7b0a6ee62a2d90f0e266eca55ed18e62fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000742A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 145
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAmediaBundlePrimer.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8fc6efab-a302-41a4-9e3e-b7c7e4d15a05
x-officefd: BL6PEPF0000742A
x-usersessionid: 8fc6efab-a302-41a4-9e3e-b7c7e4d15a05
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: B4CE6B475B6F4405BA42F2E48EEED84F Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:24 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 100 KB
101 KB 57ms
57ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fd7d38308831b376c31b0c0fc9d214f3bd7174f26282961bfbef74bf783a0626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000EEB4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 102519
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS0_1_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: f315e54a-4ae7-4e6e-9045-a1f23949a8df
x-officefd: BL6PEPF0000EEB4
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: D92E71528DD04B3EB4F69D557E966F0E Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:24 GMT

GET
H/1.1 200
OK blank.2x2x32.png
c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/ Frame 5FED 119 B
1 KB 49ms
49ms Image
image/png 2600:1400:d:5ac::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/blank.2x2x32.png?ev=mediaLoaded&el=262s4f4&r=275841639586784543

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:5ac::4b36 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ARR/3.0

Resource Hash

5705895d0b214704ec057e9fb32b635aae3e0aee7cc37a30908dd06724d8da24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000, max-age=31536000
ETag: "148fb3accedd71:0"
X-OfficeCluster: PUS4
X-OfficeVersion: 16.0.14805.40503
X-OfficeFE: BL6PEPF00007420
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 119
Cache-Control: public,max-age=31536000
Server: Microsoft-IIS/10.0
Last-Modified: Fri, 10 Dec 2021 13:44:23 GMT
X-OFFICEFD: BL6PEPF0000A584
X-UserSessionId: ab1765ac-175f-4858-ac13-a7ed54ebe2ce, 0e6a5cd1-633a-45a9-8cf7-f63eab186206
X-Powered-By: ARR/3.0
Date: Wed, 15 Dec 2021 16:46:24 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: ab1765ac-175f-4858-ac13-a7ed54ebe2ce, 0e6a5cd1-633a-45a9-8cf7-f63eab186206
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 5FED 7 KB
3 KB 53ms
53ms XHR
application/json 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a823ca64bc513a404f11866f7fc3a44282319173ef3883474b4cff929521ed04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wMdTakmj9U_H-DYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G_L7CoPoyNhCxvN_lZDzlHVd-ihRP2blzpahUt_5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.14805.40503
X-Key: BTJid06BeRktcPYu255xA+H7hfkCwEfeZ9sMRNIigTQ=,637751835829436445
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1641401182478
X-WacCluster: PUS4

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000D1F3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2673
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: f415e43b-228a-4ee2-b654-bfcc2f5c2149
x-officefd: BL6PEPF0000D1F3
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:23 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 74EDCC2C2F0544B593DF7B698DF016A9 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 120 KB
121 KB 187ms
186ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

66a1aa32a9fc5a174a41e08e77780c989a237a5ec70b61583daac7c753997fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000D644
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 122844
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS1_1_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: d945c187-6654-4724-9555-e060d8846ee3
x-officefd: BL6PEPF0000D644
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:24 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: DA297075B09B47209724F35C72E3B5DA Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:24 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 5FED 10 KB
3 KB 55ms
55ms XHR
application/json 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9b05cdef34440f8f5b8c9a7d198e2b80d266de17cf82310e042a15cbba293f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wMdTakmj9U_H-DYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G_L7CoPoyNhCxvN_lZDzlHVd-ihRP2blzpahUt_5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.14805.40503
X-Key: BTJid06BeRktcPYu255xA+H7hfkCwEfeZ9sMRNIigTQ=,637751835829436445
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1641401182478
X-WacCluster: PUS4

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000EEAE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2954
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: d9b2b80f-2fed-4b3d-ae8c-cad7eb05efa4
x-officefd: BL6PEPF0000EEAE
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:24 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 8D030EA6D3B84780921D0581E6AD7F74 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 119 KB
119 KB 53ms
53ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

78ff2f704223e1439986676268381d981fed62179648b9fa7a1483fd7aa69edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000EEAE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 121436
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS3_1_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: b7469f6e-bd1d-47a6-b471-686a97861d9b
x-officefd: BL6PEPF0000EEAE
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:24 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 51851D73C8294C859856ACC91976F8C0 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:24 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 1 KB
2 KB 54ms
53ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4246b96badd3cd0c625e0c72419e2021b4bb4be04644c6891f7b25f7eb1451c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF00007424
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1467
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS3_2_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 030a7141-de3e-4c3f-86f2-20135077db9f
x-officefd: BL6PEPF00007424
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:24 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 1C9A9D00615941E4B882A33E5C4BD5D1 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:24Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:24 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/ Frame 5FED 11 KB
3 KB 58ms
58ms XHR
application/json 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.https.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/161480540503_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

338e53d4b6775cc6679968d722527c1bc382fb5123a32a6d3b7ca07957924796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wMdTakmj9U_H-DYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G_L7CoPoyNhCxvN_lZDzlHVd-ihRP2blzpahUt_5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ
X-UserSessionId: 4aa363af-3376-4146-846c-e7ecb5d1e601
Accept-Language: en-CA,en;q=0.9
X-OfficeVersion: 16.0.14805.40503
X-Key: BTJid06BeRktcPYu255xA+H7hfkCwEfeZ9sMRNIigTQ=,637751835829436445
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1641401182478
X-WacCluster: PUS4

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000EEAC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3146
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 50440c00-6b3b-4e39-a5f7-b05d31f6082c
x-officefd: BL6PEPF0000EEAC
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:24 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: FFEF7704FBF84243B4A02BCFCFD3E4F4 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:25Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 114 KB
115 KB 81ms
80ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f1cac988b8d1bc317e1327a9c105a62cef029bc8e3aacdd994d87ac618fe59dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF00007423
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 117049
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS4_1_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 70780a42-f6cd-4a68-ba25-5b16fb35b0d8
x-officefd: BL6PEPF00007423
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:24 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 067B79B2B7474854AF4574D96A04920E Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:25Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:25 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 5FED 1 KB
2 KB 53ms
52ms Image
image/png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6707c2f620b2e3a723fec270fe28d6a57f0983f65711933f0e610cf46a42a83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-CA&rs=en-US&hid=CBBmDDn330a/pk5ifXRsYQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PUS4
x-officeversion: 16.0.14805.40503
x-officefe: BL6PEPF0000EEB4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1448
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2FC30D97E25D93C82D%21114&access_token=4wMdTakmj9U%5FH%2DDYeSQNDcd00VNuHVAJJuhepLKAvOjGtnHP163G%5FL7CoPoyNhCxvN%5FlZDzlHVd%2DihRP2blzpahUt%5F5RiMBhOWBLkh9kZDq8y5Vr4xf1iG8SFLAgsjFDhE4QWNWVmNTUpzA16my0GAmQ&access_token_ttl=1641401182478&z=aQzMwRDk3RTI1RDkzQzgyRCExMTQuMTAS4_2_608x342.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 61b46403-1835-4021-aeca-2dfe34e51a93
x-officefd: BL6PEPF0000EEB4
x-usersessionid: 4aa363af-3376-4146-846c-e7ecb5d1e601
date: Wed, 15 Dec 2021 16:46:24 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: FDE83FC50FDF41E1AB4923281D0040C4 Ref B: EWR311000102051 Ref C: 2021-12-15T16:46:25Z
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:46:25 GMT

GET
H2 204 boom.gif
pixel.wp.com/ 0
37 B 17ms
17ms Image
text/plain 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.033&largest_contentful_paint=1514&provider=wordpress.com&service=atomic&effective_connection_type=4g&host_name=oaimplan.ca&url_path=%2F&nt_fetchStart=1&nt_domainLookupStart=1&nt_domainLookupEnd=24&nt_connectStart=24&nt_connectEnd=62&nt_secureConnectionStart=33&nt_requestStart=62&nt_responseStart=634&nt_responseEnd=636&nt_domLoading=637&nt_domInteractive=1180&nt_domContentLoadedEventStart=1181&nt_domContentLoadedEventEnd=1189&nt_domComplete=1755&nt_loadEventStart=1755&nt_loadEventEnd=1760&nt_redirectCount=0&nt_api_level=2&start_render=1026&first_contentful_paint=1026&resource_size=2770880&resource_transferred=1142383&js_size=794221&js_transferred=217795&resource_cache_percent=0&js_cache_percent=0&last_resource_end=2181
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://oaimplan.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 16:46:25 GMT
cache-control: no-cache
server: nginx

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 5FED 24 B
431 B 138ms
40ms XHR
application/json 20.42.73.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,b664cab4b3f24a739be75b93b026749e-65c206a3-a985-48b4-8b50-36c56c3ce309-7201&upload-time=1639586786417&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptScripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.42.73.25 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://powerpoint.officeapps.live.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 15 Dec 2021 16:46:25 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 117
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://powerpoint.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			powerpoint.officeapps.live.com/	1970-01-20 01:35:59	Name: DcLcid Value: ui=1033&data=1033
			powerpoint.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/segoeui.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://c1-powerpoint-15.cdn.office.net/p/s/161480540503_PptResources/1033/segoeui.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c1-officeapps-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
fonts.googleapis.com
fonts.gstatic.com
js.live.net
oaimplan.ca
onedrive.live.com
pixel.wp.com
powerpoint.officeapps.live.com
s0.wp.com
spoprod-a.akamaihd.net
stats.wp.com
videos.files.wordpress.com
104.105.45.76
13.107.43.13
13.107.6.171
192.0.72.2
192.0.76.3
192.0.77.32
192.0.78.227
20.42.73.25
23.215.130.42
2600:1400:d:5ac::4b36
2607:f8b0:4006:817::200a
2607:f8b0:4006:822::2003
0107fc5b73692d33281d506e2872b39772ca35c8158dac1c4c2cb5d018691317
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e452280c50ce1eec448085d070dd6c1266acf3a28477c0ad0507474dc9ad9b2
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1464c32cf5698defbc4e01f324c0f6fc0987754ef52c5a8addbad99ee75ce29b
1652366d4f05828d8055e403d475e7b212705442fb527249721ed1aa969f73d9
1d470ec93b65431702069fd5c436880b2cae900c87267bd2e77c172ecc2f23e7
1d93f4c931b192371a9d3a224f28ef7e64acc1350cd1d04274ca3ed03149deaa
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2039057e020b3265c2d0de2f5d5f4b040e16ba928969ee3fb672a42811483733
2236a701036e3774950d0af7b1412eb81573459737730932c55279b77d89b395
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
2a019bd15cc4934034490113d6ab3845f2287da2fa019b6068f6b1ef9bb19e98
2b5365ef1cef7674b470b457cd272d7c208c90acd976e5fe6dd92131e94f15bd
2bc42c332f9fc7827775426c087b00725af19fe97e977117583d7c2d1465a01a
338e53d4b6775cc6679968d722527c1bc382fb5123a32a6d3b7ca07957924796
382359f925113a516e0c5fcb07252f6c90da02c3d6f56f278c3a6b9fb1e0782b
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
4246b96badd3cd0c625e0c72419e2021b4bb4be04644c6891f7b25f7eb1451c3
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
502de1a0bd23dcdd0d81b6bbcfcd78679e46b2637b6ef76701ed7614b73cd13e
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
5705895d0b214704ec057e9fb32b635aae3e0aee7cc37a30908dd06724d8da24
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
5d7e161c83ccc4af287ff5946c932ac4fa0a70b1834c5b505c23b486f632b407
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
66a1aa32a9fc5a174a41e08e77780c989a237a5ec70b61583daac7c753997fcd
6707c2f620b2e3a723fec270fe28d6a57f0983f65711933f0e610cf46a42a83f
69c2c5221dff459e98f5e64f25113e24a121afd94032f5940af833c6fac55da2
6af036a4ec23088a2e702e364d84320dbcd420a0c8c5ef82bac37006554e3ea6
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7787a06c22b28e57268b950fb99520da475f6d3fda0a5aa38da6e6ad2322af7d
78ff2f704223e1439986676268381d981fed62179648b9fa7a1483fd7aa69edd
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8e56cfeadaf5717a456f74aa7191147435cf3237b99779a243045a39a90b63cc
8eed6d3b0d7e2892aba59d98ee5075c0636b432fd655ad05ee40de3b1da38e94
9b05cdef34440f8f5b8c9a7d198e2b80d266de17cf82310e042a15cbba293f54
a24ae39d3fc621018424fd0fe49469a5c4ef193c4e61fe40467f6fc1e491e052
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a823ca64bc513a404f11866f7fc3a44282319173ef3883474b4cff929521ed04
aa773a6c9bc50be41bb6ce8e5f8fc0e6ad1b1e409a19c65704cfdcf7ce9f3db0
ac97bc7f217e4f44ef06f70136d703ef07504dcb904e0848bee504cc8a4aafc4
ae6f16a16c26c3f55b99a1fb12b6e7d16955a507fe9357b7818fc3597a95179f
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
b994cc549e96f0d73d8e29a7b01cde0e2a007d81963458ddfbe8aa99c2b1e29d
bd0ecdb353408eaa3b257bb108e5ffb79b27e69338d10bdbf8aa2dfc7299f92a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c317977a3ad6f89dc0cb354e30ebe8a9e5621c4e8039a335e765daafe766d0ab
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
ccd1ae8d139b4ddb53c470f4a9ff95259b89b0572b88bc33b4baf78636f2782d
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d2149f078f9179c941055fc6b7e331c88d994ffe27cf121c04f260ac4cb01920
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df1ae8b868678d92d766097e778c0b8696c7f2a9ff9eb7c1009ea1b31f7bd4b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
e600c2c34ac5b7e472858d6c99eaf7b0a6ee62a2d90f0e266eca55ed18e62fde
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f1cac988b8d1bc317e1327a9c105a62cef029bc8e3aacdd994d87ac618fe59dc
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fd7d38308831b376c31b0c0fc9d214f3bd7174f26282961bfbef74bf783a0626

oaimplan.ca Open in urlscan Pro 192.0.78.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

86 Requests

98 %HTTPS

25 %IPv6

10 Domains

14 Subdomains

13 IPs

1 Countries

3102 kBTransfer

8977 kBSize

2 Cookies

7 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oaimplan.ca Open in urlscan Pro
192.0.78.227 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

98 %
HTTPS

25 %
IPv6

10
Domains

14
Subdomains

13
IPs

1
Countries

3102 kB
Transfer

8977 kB
Size

2
Cookies

86 HTTP transactions
10 data transactions